One of the MDM integration features is to set a policy to block Out-Of-Compliance (OOC) or/and devices that are not managed by the MDM server.
In order to get to the registration settings, we'll need to Sign in to the Access Portal admin area → Settings → MDM integration → OOC registration validation, or by using the following URL: /admin/settings?category=mdm_integration_settings
There are 3 OOC registration validation options:
Block if OOC
This policy will only block a device if it will find a record in the MDM server that this device is OOC.
Registration will still be allowed if no matching device is set in the MDM server.
Block if OOC or device is not managed
This policy will block devices if they have a record in the MDM server that this device is OOC.
Also, registration will be blocked if there is no matching record in the MDM server for this device.
Do not check OOC
This policy will not check if the device is OOC or not managed by the MDM server.