First published on TechNet on Oct 05, 2016
Author: Joel Stevens | Microsoft Support Escalation Engineer
When you activate the Mobile Device Management (MDM) for Office 365 service, you are prompted to create a Device Management Security Policy. The mobile devices for users that you target with this policy will be quarantined, and the user will be sent an email asking them to enroll using the Intune Company Portal application before the quarantine will be lifted. An example is below:
Note: More information on the enrollment process for mobile device in Office 365 can be found here .
After implementing this in your environment, if you no longer desire to use Office 365 MDM Access Control, here are some things you can do to minimize the impact to your end-users:
- If removing Access Control for only a limited amount of time, you can manually override the quarantine rules by completing the following steps:
- If removing Access Control for some or all users permanently is desired, you can override Access Control via a Security Group. This also lifts the quarantine immediately.
- If you prefer to stop Intune enrollment requests for your entire organization, then you should delete all Device Security policies:
See the following article for a description of Office 365 MDM Access Control powered by Microsoft Intune: https://technet.microsoft.com/en-US/library/ms.o365.cc.devicepolicysupporteddevice.aspx .
Please be aware that it is not currently possible to “turn off” Office 365 MDM. If you are switching to a 3 rd party MDM provider, then you can follow the steps in this article to remove Access Control and there should not be any further impact. There is no need to contact Microsoft Support unless you plan to use System Center Configuration Manager to manage your mobile devices via Microsoft Intune.
Joel Stevens , Support Escalation Engineer
Microsoft Enterprise Cloud Group
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.