Intune Mobile Outlook Asking password again and again

Copper Contributor

we have some of the mobile users which is having issue with outlook signin . After enrollment of the device user is not able to sign in in the outlook it seems like it is stucked in the loop. however teams is working fine for these users. Also these device are successfully enrolled without any error,device is compliant and passed all the conditional access policies. 

can anyone help me out on this issue.

19 Replies
Hi... so there are definitely no errors or notifications in the sign in log? Did you also enabled app protection perhaps?
yes there is not sign in errors in fact in logs it is saying that successfully singed in App protection is enabled. Also enabled the modern auth in org settings. in App protection Pin for access is not configured.
happen to have tested it without app protection? ios/android?
issue is with android device but not all the device. few of the devices have this behavior. I have tested some of the users without app protection it is working fine.
if you want i can share the video of the issue
So... if I am getting this correctly app protection could cause some issues.. what happens on the device that is having issues when you remove the broker app (company portal)
when i remove the broker app, it will again prompt user to download the broker app to continue access to the company resources due to the Intune license.
There two scenarios in 1st scenario i will remove intune license and broker app
2nd scenario user will have the Intune license and broker app but no sign in in the broker app excluded from the conditional access policy we called as the MAM setup.
1. If i remove intune license and remove the broker app both the outlook work fine.
2. i have conditional access setup for the Require App Protection Policy and Require Complaint Mobile Devices. If i exclude the user from these conditional access policy outlook works fine
let me know if you not understand
SO I assume when reinstalling the broker app it still doesnt work.... But before you are mentioning there were no errors in the sign in logs..... That conditional access rule that blocked it should be shown in those logs (normally)....
First off I would split up the conditional access rule in 2 parts... 1 for requiring compliant devices and 1 for the require app protection.
Second: When did you deploy the app protection policies? did you checked if the device had the app protection policy downloaded /configured as mentioned here
https://call4cloud.nl/2021/01/the-sum-of-all-app-protection-policies/
thanks for the link, please allow me some time i will check and let you know.
Hi, are the devices enrolled as fully-managed or with a work profile?

@somesh_pathak with work profile byod enrollment

Hi @Vijay2744 , Great. If possible, could you please share the screenshot of the App protection policy configured for BYOD and also check if you have configured any policy specific to the Outlook app.

 

Br/
Somesh

@somesh_pathak please find the screenshot below

there is no specific outlook app protection policy configured 

1. App config policies

Vijay2744_0-1672304676114.png

2. App protection policy for android 

Vijay2744_1-1672304760348.pngVijay2744_2-1672304788772.png

 

Vijay2744_3-1672304862106.pngVijay2744_4-1672304903806.png

3. Access Requirement

Vijay2744_5-1672304972522.png

 

Vijay2744_6-1672304998447.png

 

 

Hi @Vijay2744 ,

 

Thanks for sharing the screenshots. In the APP, can you please check why "device type" is showing blank? and, have you added the public apps manually to this list?

And I can also see from the screenshots that you have app config policies for M365 apps, are they having similar configurations?

 

Br/

Somesh

@somesh_pathak 

1. Device Type in APP 

 

Vijay2744_0-1672371069529.png

Only the Microsoft App are added to the App protection Policy 

App config policies for the autologin as follows the sample yes they have similar config on all autologin policies 

Vijay2744_1-1672371233047.pngVijay2744_2-1672371268378.pngVijay2744_3-1672371346497.pngVijay2744_4-1672371367528.png

 

I am experiencing this exact same authentication loop issue today (video attached).

 

It only affects Android Intune enrolled devices; our Apple devices work with Outlook mobile just fine.

No errors in sign in logs- all conditional access logs show successful.

 

Device: Android (personally-owned work profile)

 

Teams, OneDrive, and Edge all work and are deployed as required from Intune. It's just Outlook mobile that does not sign in.

 

App config policies: one for Office 365 account config the other for general outlook config settings which targets both iOS and Android (screenshots attached)

is there any specific device manufacturer that you are facing this issue? for me most of the Redmi and Xioami devices.
For me as of now no solution works, but yes as per the https://call4cloud.nl/2021/01/the-sum-of-all-app-protection-policies/ this link i am testing out some of the users.
As per my observation you need to wait at least 1 or 2 days to get apply these policies.
Let me know if you any other solution for this

It was only affecting our new hires that started yesterday. This morning everything is working fine for both devices that had the issues. One was a Pixel 7 Pro and the other was a OnePlus 9 Pro.

@Rudy_Ooms_MVP  checked as per link but nothing worked for me. i have raised couple of support tickets to the Microsoft but they also don't have the solution for this. can please help me on this topic.