If you’ve received error AADSTS530004: AcceptCompliantDevice setting isn't configured for this organization, it means the tenant has a conditional access policy that only allows compliant devices — and the service provider account is not treated as compliant.
Cause: This typically occurs when Conditional Access policies require compliant devices, but the Sync 365 account is not covered by an exclusion.
How to Identify the Policy
- Login to the customer's Azure portal
- Open Microsoft Entra ID (Azure AD)
- Go to Users → Sign-in logs
- Find the sign-in attempt by "<Your company name> Technician"
- Click into the failed sign-in to see the Conditional Access policy blocking access
Resolution
To resolve this issue, you can exclude the service provider account from the Conditional Access policy. See full guidance here: Conditional Access Policies
- Edit the Conditional Access policy
- In the Users section, click Exclude → select "Service provider users"
- All: excludes all service providers with tenant relationships
- Select: allows you to specify specific tenant IDs — be sure to enter your Sync 365 tenant ID
- Save the policy and retry the connection in Sync 365
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article