Intune Conditional Access Policy.

We are currently using Intune to push a native email client profile for Android and iOS.

The user's device must be compliant and the user account must be part of a specific group in order for the auto profile push to work.


My issue is that when I force enrollment for users who want to use the Outlook app, they get caught in a sign-in loop, or Outlook completes the setup after redirection to Company Portal but then Intune auto-pushes the profile for the native mail client, which they do not want since they opted for the Outlook app.


The ideal setup I'm looking for is: if a user wants native mail, add them to the AD group, then install Company Portal and run through that for the profile push.


If a user wants to use Outlook, then I still want to force Company Portal compliance but with no push of the profile to the native mail client. How can I accomplish this? Since the policies for native mail setup are pointing to a group, do I just create another group called Outlook APP and add the user to that group to avoid the native mail profile push? Do the native mail users and Outlook app users need to be in separate groups?


I have a ticket open with MS, but they are spinning their wheels, as I have been working with them on this for at least 2 to 3 weeks with no resolution in sight.

