Clash of MAM on Same Tenant with multiple domains

%3CLINGO-SUB%20id%3D%22lingo-sub-1246326%22%20slang%3D%22en-US%22%3EClash%20of%20MAM%20on%20Same%20Tenant%20with%20multiple%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1246326%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20single%20O365%20tenant%20with%20a%20number%20of%20domains%20on.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELets%20call%20domain%201%20%3CA%20href%3D%22mailto%3Amartin%40Dominion.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Emartin%40Dominion.com%3C%2FA%3E%20and%20domain%202%20martin%3CA%20href%3D%22mailto%3Amartin%40dominion.business%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3E%40dominion.business%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBoth%20domains%20are%20registered%20with%20O365%20and%20each%20has%20its%20own%20mailbox%20for%20separation%2Fpurpose%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20MAM%20and%20MDM%20setup%2C%20using%20Apple%20devices%20with%20Azure%20MDM%20%26nbsp%3Bconnectors%2Ftokens%20%2F%20VPP%2FApp%20Store%20etc%20federation%20to%20Apple%20Business%20Manager%20of%20the%20necessary%20domains%20all%20in%20place%20etc)%20working.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20can%20add%20the%20first%20domain%20to%20the%20iOS%20Outlook%20client%20no%20problem%2C%20but%2C%20when%20I%20try%20to%20add%20%3CA%20href%3D%22mailto%3Aaccounts%40dominion.business%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Eaccounts%40dominion.business%3C%2FA%3E%26nbsp%3BI%20get%20the%20error%20message%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22Your%20admin%20wants%20the%20apps%20on%20this%20device%20to%20managed%20with%20the%20account%20'martin%40dominion.com'.%20The%20app%20account%20you%20are%20using%20'martin%40dominion.business'%20will%20be%20removed.%20To%20access%20your%20organisation's%20data%20with%20the%20account%20'martin%40dominion.business'%2C%20you%20must%20unenroll%20your%20device%20from%20the%20company%20portal.%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBut%20its%20the%20same%20portal%2C%20O365%20tenant.%20MDM%2FMAM%20and%20AD%3F%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAm%20I%20missing%20something%20obvious%20here!!%3F%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1246326%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Application%20Management%20(MAM)%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1246384%22%20slang%3D%22en-US%22%3ERe%3A%20Clash%20of%20MAM%20on%20Same%20Tenant%20with%20multiple%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1246384%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F590928%22%20target%3D%22_blank%22%3E%40Psybasec%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIt's%20not%20possible%20to%20add%20to%20MAM-protected%20mailboxes%20on%20the%20same%20device%2C%20even%20if%20they%20are%20from%20the%20same%20tenant.%20Microsoft%20is%20aware%20of%20this%20%3CA%20href%3D%22https%3A%2F%2Fmicrosoftintune.uservoice.com%2Fforums%2F291681-ideas%2Fsuggestions%2F12515529-application-policies-should-support-multiple-ident%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Eissue%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20current%20workaround%20you%20could%20do%20is%20give%20mailbox%20A%20full%20access%20to%20mailbox%20B.%3C%2FP%3E%3CP%3EThen%20log%20into%20Outlook%20with%20mailbox%20A%20and%20add%20mailbox%20B%20as%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Fadd-a-shared-mailbox-to-outlook-mobile-f866242c-81b2-472e-8776-6c49c5473c9f%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ea%20shared%20mailbox%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1246520%22%20slang%3D%22en-US%22%3ERe%3A%20Clash%20of%20MAM%20on%20Same%20Tenant%20with%20multiple%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1246520%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F186539%22%20target%3D%22_blank%22%3E%40Thijs%20Lecomte%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26gt%3B%20The%20current%20workaround%20you%20could%20do%20is%20give%20mailbox%20A%20full%20access%20to%20mailbox%20B.%3C%2FP%3E%3CP%3E%26gt%3B%20Then%20log%20into%20Outlook%20with%20mailbox%20A%20and%20add%20mailbox%20B%20as%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Fadd-a-shared-mailbox-to-outlook-mobile-f866242c-81b2-472e-8776-6c49c5473c9f%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ea%20shared%20mailbox%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUnfortunately%2C%20this%20did%20not%20work...%20Still%20get%20the%20error%20message%20about%20management...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1247187%22%20slang%3D%22en-US%22%3ERe%3A%20Clash%20of%20MAM%20on%20Same%20Tenant%20with%20multiple%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1247187%22%20slang%3D%22en-US%22%3EA%20management%20profile%20might%20still%20be%20stored%20somewhere.%20Try%20deleting%20Outlook%20and%20the%20company%20portal%20and%20try%20again%3C%2FLINGO-BODY%3E
New Contributor

Hi,

 

I have a single O365 tenant with a number of domains on. 

 

Lets call domain 1 martin@Dominion.com and domain 2 martin@dominion.business

 

Both domains are registered with O365 and each has its own mailbox for separation/purpose,

 

I have MAM and MDM setup, using Apple devices with Azure MDM  connectors/tokens / VPP/App Store etc federation to Apple Business Manager of the necessary domains all in place etc) working. 

 

I can add the first domain to the iOS Outlook client no problem, but, when I try to add martin@dominion.business I get the error message

 

"Your admin wants the apps on this device to managed with the account 'martin@dominion.com'. The app account you are using 'martin@dominion.business' will be removed. To access your organisation's data with the account 'martin@dominion.business', you must unenroll your device from the company portal."

 

But its the same portal, O365 tenant. MDM/MAM and AD??

 

Am I missing something obvious here!!??

3 Replies

@Psybasec 

 

It's not possible to add to MAM-protected mailboxes on the same device, even if they are from the same tenant. Microsoft is aware of this issue.

 

The current workaround you could do is give mailbox A full access to mailbox B.

Then log into Outlook with mailbox A and add mailbox B as a shared mailbox.

@Thijs Lecomte 

 

> The current workaround you could do is give mailbox A full access to mailbox B.

> Then log into Outlook with mailbox A and add mailbox B as a shared mailbox.

 

Unfortunately, this did not work... Still get the error message about management...

A management profile might still be stored somewhere. Try deleting Outlook and the company portal and try again