I have been tasked with researching MDM deployment and enrollment.
Our current situation:
We currently have a hybrid environment synchronizing with AAD but have O365 for our mail exchange.
We only have Office 365 Business Essentials licenses and we would like to deploy MDM.
Where we want to go:
We would like to manage what applications can be used to synchronize company mail for example Company Portal. i preferably would like this to be enforce so the native mail applications are not able to be configured to synchronize mail. that said, if users don't enroll using the company portal app, configuring their email address is not possible. I would like to remotely wipe, at least mail access and content by the administration portal. If remotely wiping a device is also possible its a plus.
I don't know if this is feature based or License based. i know that the company portal application is related to intune, but upon login in to azure AD portal i see that i need a premium subscription to use intune. But is this also necesary to deploy specific policies and enforcing what i would like to achieve?
Note the limitations mentioned but however this is available with Office 365 Business Essentials license at no extra cost:
"Because this is a device management solution, there is no native capability to control which apps can be used even after a device is enrolled. If you want to limit access to Outlook for iOS and Android, you will need to obtain Azure Active Directory Premium licenses and leverage the conditional access policies."
Microsoft 365 Business (at extra expense) would be the best option which includes Microsoft Intune and Azure AD Premium (which can be also bought separately as an add-on), this opens up much more control:
I have read the supplied links. What i would like to achieve is not possible with just Mobile device Management for Office 365. It will give me the opportunity to set policies and secure wipe the phones but i can't control which app they use to synchronise their email. I have to set up a test pilot and try to configure mdm for O365 using specific policies to achieve the minimum i would to achieve. But your information was very helpfull. But for now i know enough.