Dec 14 2021 07:02 AM
Hi All!
I have a strange behavior.
The current setup is:
We are using iOS and Android devices with conditional access policies and application protection policies. The conditional access policies are enforcing the application protection policy.
The app protection policy is enforcing a 4 digit PIN code to access the Microsoft 365 apps.
The future setup is:
The updated app protection policy will enforce a 6 digit PIN code, instead of the 4 digit PIN code.
The behavior / problem:
Enabling the new policy for a test user group leads to the following problems:
With this behaviour we cannot roll the update for 5000 users out.
Does anybody know how to adress the issue?
Dec 14 2021 11:25 AM - edited Dec 14 2021 11:27 AM
Hi just wondering but could you tell us which app is giving you that error? And are the office 365 apps uptodate ?as well as the device itself?
The error you got means "user canceled interactive authentication" if i am not mistaken
ANd I am also reading app protection policies, do the devices also have the broker app installed (mfa auth or for android the company app portal)
And are those devices mdm enrolled or are they byod?
Dec 14 2021 11:30 AM
Dec 14 2021 11:47 AM - edited Dec 15 2021 02:34 AM
Just wondering, but what happens when (if thats possible) they first open Microsoft outlook to check if that's working and if so open teams...
Could you also show us the CA config in wich you enforce app protection ?
And maybe a stupid thought... but are terms of use configured ?
Dec 15 2021 04:31 AM
Dec 15 2021 05:23 AM
Dec 15 2021 05:59 AM
Sure, they do have MFA. 🙂
The app protection policy is this: (the new one, the older one had a pin length of 4 digits and enabled third party keyboards.
Dec 15 2021 10:27 PM
Dec 16 2021 02:28 AM
Dec 16 2021 02:53 AM
Dec 16 2021 03:04 AM
Dec 16 2021 04:15 AM
Dec 16 2021 05:02 AM
Mar 23 2022 05:46 AM
May 26 2022 07:06 AM
@cmessina85 remove the account from device and re-add