Intune prevent access to corporate contacts in iOS

Copper Contributor

Hi

 

i am struggeling to prevent access to corporate O365 contacts in iOS from unwanted applications (whatsapp)

We use E3 licenses and I added the full intune licenses to get access to all intune settings. I created the needed rules also with the setting to prevent unmanaged apps to access corporate contacts but Whatsapp still shows all coporate contacts. Am I missing something?

 

I habe some possible szenarios that might be the case here:

- I need additional licenses (Azure AD P2 or stuff like that) for conditional access? not sure...

- What I want is not possible and I need to restrict access to the corporate O365 to the outlook app

 

Any help would be great

 

Thanks

Jan

3 Replies

As far as I know you will have to use CA policy to restrict access to Outlook Mobile only and then you can restrict contacts sync using MAM policy.

 

For CA, yes. You will need Premium license.

But what ist this setting for ??

https://cloudblogs.microsoft.com/enterprisemobility/2016/04/05/new-in-intune-block-contact-sync-cond...

 

I can prevent syncing of contacts, but it doesnt do anything, since the contacts are synced via EAS !?

or I dont get it !?!

Unbenannt.JPG

And there is no word I need conditonal access ...

 

MAM policy can be applied to apps which are supporting such feature. Native iOS mail client is not supporting that. So, you can do that without CA policy, but anyone with something different from Outlook, will be able to sync contacts.