SOLVED

App Protection Policy is not applied


Hi everyone,

I have the following constellation:

1. One App Protection Policy named "iOS General"

2. One App Protection Policy named "iOS Outlook for managed devices"

3. One App Protection Policy named "iOS Outlook for unmanaged devices"

 

Configuration:

1. The following options are set for "iOS General":

Target to all app types -> yes

Targeted Apps -> all Apps in List except Outlook

2. The following options are set for "iOS Outlook for managed devices"

Target to all app types -> no -> Apps on Intune managed devices

Targeted Apps -> Outlook

 

3. The following options are set for "iOS Outlook for unmanaged devices"

Target to all app types -> no -> Apps on unmanaged devices

Targeted Apps -> Outlook

 

My expectations:

Unmanaged devices

  1. Policy "iOS General" is applied for all apps, except for the Outlook app.
  2. The Outlook app applies the policy "iOS Outlook for unmanaged devices"

Managed devices

  1. Policy "iOS General" is applied for all apps, except for the Outlook app.
  2. The Outlook app applies the policy "iOS Outlook for managed devices"

My problems:

1. Unmanaged and managed devices are applying the "general" policy. Very good.

2. When it comes to the distinction between managed device -> Outlook & unmanaged device -> Outlook, the App Protection Policies are not properly applied.

The policy "iOS Outlook for unmanaged devices" is applied every time. (Not as expected only on unmanaged devices!)

Additional information:

I'm using a group with static user assignment. All my test users are members of this group.

Every App Protection Policy is using this static group. (Policy -> Assignments -> Include)

Thank you very much in advance.

Patrick :)

22 Replies

@AndrewDawson 

 

I experience a new problem.

In my test scenario I had the setting "only work and school accounts" activated.

The recognition of whether Outlook has to apply the managed or the unmanaged profile worked well.

When rolling out to a pilot group, the users reported that they lost their personal accounts inside Outlook. Okay, I can understand that. So what I've done is disable "only work and school accounts", so that the users are again able to use their personal accounts.

The problem: Now every device is applying the unmanaged policy and nothing is working.

That's really annoying.

Any ideas?

Both of the options are not satisfying me.

1. I need the ability for the users to be able to use their private accounts.

2. I need to be able to distinguish whether the device is managed or unmanaged, so I can allow contact sync in managed state.

Because of a new techcommunity account, this is just a short response to follow up the thread. :)

@AndrewDawson Thank you for this!! Microsoft Docs wasn't that clear to me so your pic example was exactly what I needed. Thanks