SOLVED

How to restrict users adding email accounts to Outlook different from company's domains

Iron Contributor

Is it possible to restrict users adding email accounts to Outlook different from company's domains?

8 Replies
You should be able to restrict addition of personal accounts using App configuration policy for Outlook in Intune.

Hello @AtanasM

You might wanna restrict user experience to only business use on the M365 apps, but you’ll have to consider the full user experience. What is your goal here, MDM  or MAM? 

if you’re considering MAM, I would suggest to configure App configuration policy and app protection policy. 

if you wish, I might be able to give you a could of best practices in that direction. 

best regards 

Shady Khorshed 

Hi @ShadyKhorshed
I just want to restrict users to add email accounts to Outlook only from the 2 company domains.

Hello @AtanasM
first of all, make sure to create App configuration policy for Outlook, in the below example, is the App Config for iOS

By enabling this setting, users will be unable to add personal email and storage accounts within Outlook. If the user has a personal account added to Outlook, the user is prompted to remove the personal account. If the user does not remove the personal account, the work or school account cannot be added.​

ShadyKhorshed_0-1689322704509.png



If you found my answer helpful, please make this answer as best!

Best regards
Shady Khorshed

@ShadyKhorshed I was asking here not about personal accounts, but about Work & School accounts from other organizations, different from company's domains.

Haello @AtanasM

the answer would still be the same in my previous comment. If you disable the highlighted function in app configuration policy, then the Outlook app allows only one work and school account. 

on the other hand, if the end scenario is to allow only your Business UPN and no other external UPNs are allowed, then you can still configure it in App configuration policy, and you’ll have to make sure that you are pushing VPP apps (in iOS case) to the managed device. 

 

best regards 

Shady Khorshed 

Hi @ShadyKhorshed
could you send me useful links, how to configure App configuration policy, so that I can use only my Business UPN in Outlook?
best response confirmed by AtanasM (Iron Contributor)
Solution

Hallo @AtanasM

As promised, below are screenshots of iOS config
1- AppPP 
2- Outlook app Config policy

3- Teams app Config policy. 

 

as for normal iOS app Config policy, just make sure to add the following to each managed app (as show in the Teams app config).

IntuneMAMUPN
String
{{userprincipalname}}

 

 

ShadyKhorshed_0-1689592741638.png

 

ShadyKhorshed_1-1689592791933.png



ShadyKhorshed_2-1689592833837.png

 

1 best response

Accepted Solutions
best response confirmed by AtanasM (Iron Contributor)
Solution

Hallo @AtanasM

As promised, below are screenshots of iOS config
1- AppPP 
2- Outlook app Config policy

3- Teams app Config policy. 

 

as for normal iOS app Config policy, just make sure to add the following to each managed app (as show in the Teams app config).

IntuneMAMUPN
String
{{userprincipalname}}

 

 

ShadyKhorshed_0-1689592741638.png

 

ShadyKhorshed_1-1689592791933.png



ShadyKhorshed_2-1689592833837.png

 

View solution in original post