Dec 12 2017 01:03 PM
Hi all,
Is it possible to block users from logging into their Office 365 accounts via 3rd party iOS apps such as MyMail which is found on the Appstore/Play Store ?
Link to MyMail:
https://itunes.apple.com/us/app/mymail-email-app/id722120997?mt=8
We're in the process of migrating all users to Outlook for iOS/Android. If corporate owned, they will enroll via the Company Portal app and have Outlook, Work, Excel, PowerPoint, Teams, OneDrive & Authenticator auto installed/pushed. If they are BYOD, I need them to only use Outlook for iOS/Android with an app password forced via Intune App Protection Policy.
I've attempted disabling ActiveSync, + OWA for Devices within O365. No luck.
Appreciate any input.
Cheers
Brett
Dec 20 2017 01:45 PM
You may be able to achieve this by using Conditional access with Intune. There is an option to restrict access to Approved app.
https://docs.microsoft.com/en-us/intune/app-based-conditional-access-intune-create
Jul 01 2019 12:59 PM
Jul 02 2019 12:37 AM
@Brett Lindsey
If Outlook mobile is the only app, you need to create few Conditional Access policies.
- Policy to block apps with legacy auth.
- Policy to require "Approved client app" to connect to Exchange. Because only MS apps are "Approved" it will limit everyone to Outlook only.
Jul 02 2019 12:44 AM - edited Jul 02 2019 12:47 AM
@Brett Lindsey You should block legacy authentication anyway with conditional access. With that you get rid of most 3rd party apps. As far as I know, only the native iOS email application supports modern authentication.
Two policies with block as action control, one for other clients and one for active sync under client apps.
In combination with approved client app cond acc. and eventually App Protection policy you should be able to force the users to use Outlook