Today I was working on a Git Repo in Azure DevOps that is used for a training that I am currently building. together with my colleague Randy. One of the things we want is to set a branch policy on the main branch so that a Pull Request build is fired when we check in. The expected behavior is that nothing can be check in in to the main branch. Right? Seems trivial ? No.. Not right

Strange enough, when configuring “any” branch policy in the repo, did not trigger anything. We could happily push everything. Of course we tried on another repo and there everything worked as expected

After a while we took a look at the permissions of the repository. and we saw this.

Obviously, it was set to allow. Strange, probably did that when fiddling around. The normal setting is [Not Set].
After switching this back to Not Set, everything works as expected, on every branch!

Hope this helps!