DNS Override rule in teams not applying to non-identity WARP clients

Hi we have a gateway DNS override rule that works fine for WARP clients that authenticate with an identity.
However, WARP clients (android) that use service auth identity, which ends up with non-identity while they have access to the tunnel (I can pull up private network resources by IP) the DNS override rules don’t seem to apply.