I'm trying to get a better understanding of the Intune to Exchange Online Service to Service Connector.
The Conditional Access policy within Intune to restrict mobile devices to only use the restricted Microsoft apps, i.e. Outlook, SharePoint, etc., only works if I turn on the Exchange connector from Intune.
Are there any details on why or how this mechanism works? I wanted more specific info on what this is doing. I gather Intune is connecting to the mailbox of the user, but what is the connector doing differently from what a connection with no connector is doing?
If I turn off the connector, it will allow the user to use any app, i.e. the Android Gmail app, to connect to their mailbox.
The Conditional Access policy helps secure email and other services (SFB and SharePoint) depending on conditions you specify. The Exchange connector connects you with your Exchange deployment and lets you manage mobile devices through the Intune console. After the Exchange Server connector is successfully configured, it begins to inventory devices that are not yet enrolled in Intune but are connecting to your organization’s Exchange resources or Office 365 using Exchange ActiveSync. You do not need to use the connector for Conditional Access policies, but it is required to run reports that help evaluate the impact of Conditional Access. What I believe we should look into is why your deployment does not work without the connector turned on.