I am evaluating whether Intune can help us manage our Android devices. Our policy and goal is th following:
Our users have Android devices.
Every device must be enrolled with Android for Work.
Inside it, Outlook must be installed and configured.
The user must not be asked to enter his username or password.
What I did so far:
Linked our managed Google Play account to Intune.
Allowed Device enrollment > Android for Work enrollment > Enrollment restrictions to Android for Work platforms only.
The next step is to force the installation of Outlook. This is where I'm already having a hard time.
I have two options in adding an app:
(1) Approve Outlook in the managed Google Play Store. Then go to Mobile Apps > Apps, click on Microsoft Outlook, go to Assignments and add the security group I want to require the installation. What surprises me is that with this option I have to work with Azure AD security groups and that I am unable to select allusers or all devices, as I can do in the second option.
(2) Go to Mobile Apps > Apps. Click on Add. Select built-in app. Select Microsoft Outlook (Android). Go to Assignments. Here I am actually able to select allusers or all devices instead of having to deal with Azure AD security groups.
Now, option 1 was working. However, the user is able to remove Outlook and reinstalling it is a bit cumbersome. Option 2 didn't work at all. What is the recommended approach here?
The next step was to configure Outlook, so the user doesn't have to enter his credentials a second time. (He already entered his credentials in the Company Portal). How would I go about that?