Forum Discussion
Shared iPad Misconfiguration Alert - Intune
I figured it out. You'd have to enable SSO plugin extension in your shared device policy. I have shared the link to the docmentation below
https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin.Once your policy is applied, on the test device, login to the authenticator which is already installed on the device. You will be prompted to register the device. The SSO extension will automatically recognize the account registered on the authenticator when you open outlook or any other O365 app.
Let me know if this works.
8 Replies
- Got exactly the same issue. with the ": ." in the first line.
No AppConfig send to the device, Authenticator login works fine. It cannot login Outlook via Authenticator somehow. No other Restrictions applied to the device which can restrict this afaik.I figured it out. You'd have to enable SSO plugin extension in your shared device policy. I have shared the link to the docmentation below
https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin.Once your policy is applied, on the test device, login to the authenticator which is already installed on the device. You will be prompted to register the device. The SSO extension will automatically recognize the account registered on the authenticator when you open outlook or any other O365 app.
Let me know if this works.
- What settings do i need to configure in the "Single sign-on app extension" settings?
- Is an Organization Allowed Account configured for Outlook in an App Configuration Policy? See here: https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune#organization-allowed-accounts-mode-settings
If it is configured can you let us know the value?- No it is not configured. Our device enrollment type is targeted at managed apps not managed devices.
