App Protection Policies and CA Policies
Question
Hi All,
So I set MAM with App protection policies and CA policies.
It seems to work, kind of.
But if I take a brand new iPhone and try to set up Outlook, it first asks for an authenticator, where I log in with my password. And then it shows the “register…” window?
If I continue and click register, it shows the app is part of the app protection policy – so it seems as it should.
Is this default behavior for MAM? – I actually thought the idea of MAM was no registration, but I don't know if this window should appear.
Posted by Peder Jensen in HTMD FB Group
Answers ( 3 )
Replied by Markus Tuomi
Peder Jensen Yes, all you have to do is make sure that the device is registered. No need to log into Authenticator.
Replied by MichÆl Courville
Does your CA policy stipulate a device should be enrolled?
Replied by Peder Jensen
No – Only app protection policy
Replied by Peder Jensen
Is there somewhere a setting that enables a device to be added to Intune? I’m just wondering where this registration comes from, as it cannot be conditional access. As written, it is a “registration” and not “enrollment”. It asks for
Replied by Markus Tuomi
Peder Jensen, it is not joined in Intune. Registered is a different case. The device must be registered in Entra ID, that’s it. Then you just need a broker app which can be Authenticator or Company Portal with iOS. Android requires that the broker app must be Company Portal. You do not have to log in to the broker. Just install it, that’s all.
Replied by Peder Jensen
Just found it – it seems default behavior in this registration window
https://hmaslowski.com/…/intune-mam-without-enrollment…
Replied by Markus Tuomi
You should not sign in to Authenticator. Just install it and leave it that way. Authenticator is just a broker app. Try again after reinstallation, and your mam policies should work just fine.
Replied by Peder Jensen
It auto-forwards me to the authenticator after I have entered my email address in Outlook
Replied by Peder Jensen
where it asks me to sign in