After migrating a SEPM group from hybrid to cloud-managed, the policies in use by the agent are ones inherited from the cloud instead of the SEPM policies imported during migration.

The locations defined in the SEPM did not include the Default location. New policy targeting rules are created for custom locations, and SEPM policies are targeted accordingly. However, the original Default location on the SEPM had been deleted, so there were no policies to apply to the cloud's Default policy target. Due to ambiguous policy targeting rules (location criteria migrated from the SEPM) the client failed to meet requirements to move to one of the custom locations and reverted to Default.

Either adjust the policy targeting rules so that the client switches to the policy target with the desired policies or apply appropriate default policies to the Default policy target.

Note: Changes to policy targeting rules may be lost if another group with the same locations defined is later switched to cloud.