Forum Discussion

Adam Weldon-Ming's avatar
Adam Weldon-Ming
Brass Contributor
Jul 01, 2019
Solved

Conditional Access native iOS mail app works - but not if manually configured or if mail already set

Hello When I create CA Policies for iOS,  (All iOS devices on iOS 11+)   Scenario: Client has existing iPhone's already in use - 90% use native iOS App - We want to force these devices into MDM ...
Conditional Access
Intune
Mobile Application Management (MAM)
mobile device management (mdm)
  • jenstf's avatar
    jenstf
    Jul 02, 2019
    The first policy (legacy) should block access. It's also recommended to make one policy for active sync and one for other clients. Make sure to exclude service accounts that doesn't support modern authentication.

    I would monitor the sign-in log and look for logins from other client and active sync (unsupported) before doing this in production.

    JT
Alexander Vanyurikhin's avatar
Alexander Vanyurikhin
Iron Contributor
Jul 02, 2019

Adam Weldon-Ming Nature of Conditional Access is that it actually works only with Modern Auth. So, in your case you need to have 2 policies.

- One to block Legacy authentication.

- And one more following guide you used.

Resources