@Manish Chaudhary,Thanks for posting in Q&A.
For the Conditional access error 53003, it means BlockedByConditionalAccess. Please check the user Sign-in logs which locate in Intune admin center > Devices > Conditional access > Sign-in logs and see which setting is blocked.
Here is a link about how to troubleshoot Conditional Access Policy problem:
Troubleshooting sign-in problems with Conditional Access - Microsoft Entra | Microsoft Learn
I notice the device is compliant in Intune. Please also check which compliant status of the affected device In Azure AD.
Moreover, to achieve your goal, we can create a new filter for devices including Entra Hybrid joined, Entra Joined, Entra registered Device and corporate owned devices, then create a new Conditional Access policy to block all Cloud apps and add filters to exclude the above devices.
Please try above information, if there is any unclear, feel free to let me know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.