Since upgrading to AnyConnect 4.10.05095 our Azure AD authentication for VPN has broken because the login fails the Conditional Access policy. We found that the Windows 10 clients no longer report device information as part of the SAML sign-in process which fails the Conditional Access policy that is require for a corporate owned device, Azure AD/Hybrid Joined and registered in Intune. Users receive a message stating that while they successfully logged in, their device does not comply with the policy, and therefore prevents them from accessing VPN.
This looks to be an issue with WebView2 in AnyConnect 4.10.05095. We are using the registry key on our test devices now, but we are not rolling this version out to production until the issue is resolved.
Has anyone found a fix for this issue beside changing the registry entries from using WebView2?