Intune MAM Policies(Android/iOS) not applying to Onpremises mailbox users

Brass Contributor

Hi All,

We have exchange hybrid environment and most of the mailboxes are on on-premises exchange.

Also we have enabled Hybrid modern authentication for on-premises exchange hybrid.

We have configured below things.

1. Configured HMA for Onprem Exchange

2. Assigned microsoft E5 License including Intune License

3. Configured below Azure AD conditional access policies

  1. Create a conditional access policy
  2. Create an Intune app protection policy
  3. Enable hybrid Modern Authentication

4. Configured App Protection policy for Android and iOS devices and assigned to the Intune license users.

It is working fine for cloud mailbox users only having issue with Onprem mailbox users.

Let us know if any advance configuration we need to do from exchange on-premises.

Reference Articles

Using hybrid Modern Authentication with Outlook for iOS and Android | Microsoft Docs

Hybrid Modern Authentication overview and prerequisites for use with on-premises Skype for Business ...

 

4 Replies
What client are they using ? They need to be using Outlook as far as I understand.
Yes they are using Microsoft Outlook.
@ Mdrafik-Shaikh: did you end up resolving this issue? I am wondering if InTune HMA works for on-premise mailboxes myself.

This is resolved. We have opened case with MS and they updated the required cipher suite for exchange server. Exchange server is not detecting the autodiscover requests.