Device Compliance / Conditional Access on Shared machines

Hello I am investigating and trying to impliment my companies Device Compliance & Conditional Access policies onto multi-user ( shared user account ) machines. Hybrid Azure environment with Seamless SSO enabled To describe the setup in a short summary, we have Conditional Access setup so users can access company resources ONLY when they are connecting from a Compliant device. The compliancy rules are that it is enrolled / is an active user / av up to date and a couple of others that aren't important. For users that have their own dedicated machine this works correctly, they log into the device and can access Outlook , One Drive etc fine . They sign into Edge and the Device ID is passed through so they can access everything online too. However, for these 'Shared' machines I can't seem to get the configuration correct. These are configured by having a main Windows log in ( with E3 and EMS license ) then 3 or 4 users with P1 licenses can go to the web to access emails and sharepoint. I have tried multiple configuration policies in an attempt to get the Shared user account to be compliant, which allows the multiple P1 users to sign into Office 365 on the web. My main stumbling blocks are : 1 . Without EDGE being signed in, the DEVICE ID is not passed through when users try to access office.com ( for example ) resulting in the device not being compliant and users not being able to access resources. 2. When EDGE is signed in as the WINDOWS user, EDGE automatically signs into everything office related ( due to SSSO ) which results in the same, no reliable / continued access to resources. 3. I also can't seem to find any information on how to raise a ticket with Microsoft regarding this ( without going through our reseller ) AND information on buying a one off support ticket. Any help will be much appreciated