Forum Discussion
intune using AFW same device registered twice direct and EAS
Dear All,
please help me on Exchange on-prem conditional access with intune same device registered twice direct and EAS
1- Direct in compliance EAS active but still can not create mail profile
2- EAS it show access denied
- Karim El-MelhaouiBrass Contributor
I would suggest you change the "default rule" to "Allow the devices access to Exchange", this is a Global Exchange Rule which may cause issues and will affect devices outside the scope of your Intune deployment. Also note; Intune synchronizes EAS devices from Exchange - if users have previously EAS enabled devices they will appear in the Intune console, considering you have Default Rule to Quarantine this will definitely affect the users.
I will summarize my suggestions:
- Change default rule to "Allow the devices access to Exchange" (No worries, everything will work as expected regardless, this is just a Global Exchange Rule targetting users outside your Tenant).
- Make sure you deployed Email Configuration Profile for Gmail through Android for Work settings and that the user receives the configuration.
- Yousef HanounCopper Contributor
thanks for the suggestion already changed it "Allow the devices access to Exchange"
but still android devices recginized as two devices if outlook profile was depolyed as some users want to change gmail client mail app
Thanks,
Yousef
- Karim El-MelhaouiBrass Contributor
Yes, the Outlook application will appear as it's own device. Unforutunately the Outlook client is not yet supported with Exchange On-Premises. Microsoft has announced they will support it in UserVoice:
More information regarding this can be found here: https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/11530827-conditional-access-for-on-premise-exchange-and-out