SOLVED

Intune using User enroll then edge not single sign-on

Iron Contributor

We are using "Set up user enrollment with Company Portal for iOS - Microsoft Intune | Microsoft Learn".

But when we enroll with Encrypt only work data, after enrolling, Edge login is not single sign-on, and accessing Outlook asks to enroll the device (because Conditional Access requires a compliant device), but when we check in the admin portal this device is compliant. How do we configure Edge so it can access Outlook web with user enrollment?

3 Replies
best response confirmed by thanhtien19 (Iron Contributor)
Solution

Hi @thanhtien19,

to configure Edge to access Outlook Web with user enrollment, you need to do the following:

  1. Make sure that you have configured Conditional Access (CA) to allow user enrollment. To do this, create a new CA policy and set the Conditions to Device platforms and Select the platforms to All platforms. Then, set the Controls to Grant access and Require enrollment.
  2. Create a new app configuration policy for Edge. To do this, go to Devices > Configuration profiles > Create profile. Select App configuration as the profile type and select Microsoft Edge as the target app.
  3. In the App configuration policies section, click Add. Enter a name for the policy and select Single sign-on as the policy type.
  4. In the Single sign-on configuration section, select Enabled.
  5. Click Save.
  6. Assign the app configuration policy to the users who will be using Edge to access Outlook Web.

Once you have completed these steps, users will be able to access Outlook Web in Edge without having to sign in.

Note: If you are using the Intune Company Portal to enroll user devices, you will need to make sure that the Encrypt only work data checkbox is not selected. This is because Conditional Access requires devices to be enrolled in Intune in order to access protected resources.

Here are some additional troubleshooting tips:

  • Make sure that the user's device is meeting the compliance requirements of your Conditional Access policy. You can check this by going to Devices > All devices and selecting the user's device.
  • Make sure that the user's Edge app is up to date. You can check this by going to the Microsoft Store app on the user's device and selecting Downloads and updates.
  • Try clearing the user's Edge cache and cookies. To do this, open Edge and go to Settings > Privacy, search, and services > Clear browsing data.
  • Try resetting Edge. To do this, open Edge and go to Settings > Reset settings > Restore settings to their original defaults.


Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.


If the post was useful in other ways, please consider giving it Like.


Kindest regards,


Leon Pavesic

@LeonPavesic Note: If you are using the Intune Company Portal to enroll user devices, you will need to make sure that the Encrypt only work data checkbox is not selected. This is because Conditional Access requires devices to be enrolled in Intune in order to access protected resources.

-> Currently we enroll and choose Encrypt only work data. Accessing Edge is then not single sign-on, and after login it requires device enrollment. It seems that when we choose Encrypt only work data, Edge cannot single sign-on and check that the device is compliant. But if we choose another option, then everything works normally.

Thanks for your support. After we configured single sign-on, Edge can access everything normally.
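A triage sketch for the symptom in the question (Conditional Access asks for a compliant device while the admin portal shows the device as compliant), added here and not part of any post in the thread: it correlates sign-in records with Intune device records to tell a failed sign-in that carried no device identity apart from one that pointed at a genuinely non-compliant device. Field names follow Microsoft Graph's signIn and managedDevice resources; the records, users and policy name are constructed, and the verdict labels are hypothetical.

```python
# Constructed sample records shaped like Microsoft Graph signIn / managedDevice
# objects. All users, IDs and policy names below are made up for illustration.
SIGN_INS = [
    {"userPrincipalName": "user1@contoso.example", "appDisplayName": "Office 365 Exchange Online",
     "conditionalAccessStatus": "failure",
     "deviceDetail": {"deviceId": "", "browser": "Edge"},
     "appliedConditionalAccessPolicies": [{"displayName": "Require compliant device", "result": "failure"}]},
    {"userPrincipalName": "user2@contoso.example", "appDisplayName": "Office 365 Exchange Online",
     "conditionalAccessStatus": "failure",
     "deviceDetail": {"deviceId": "AAAA-2222", "browser": "Edge"},
     "appliedConditionalAccessPolicies": [{"displayName": "Require compliant device", "result": "failure"}]},
    {"userPrincipalName": "user1@contoso.example", "appDisplayName": "Office 365 Exchange Online",
     "conditionalAccessStatus": "success",
     "deviceDetail": {"deviceId": "AAAA-1111", "browser": "Edge"},
     "appliedConditionalAccessPolicies": [{"displayName": "Require compliant device", "result": "success"}]},
]
MANAGED_DEVICES = [
    {"userPrincipalName": "user1@contoso.example", "azureADDeviceId": "aaaa-1111", "complianceState": "compliant"},
    {"userPrincipalName": "user2@contoso.example", "azureADDeviceId": "aaaa-2222", "complianceState": "noncompliant"},
]

def triage(sign_ins, managed_devices):
    """Explain each Conditional Access failure in terms of device identity."""
    by_id = {d["azureADDeviceId"].lower(): d for d in managed_devices}
    compliant_users = {d["userPrincipalName"].lower() for d in managed_devices
                       if d["complianceState"] == "compliant"}
    findings = []
    for s in sign_ins:
        if s.get("conditionalAccessStatus") != "failure":
            continue  # only failed Conditional Access evaluations need triage
        upn = s["userPrincipalName"].lower()
        dev_id = ((s.get("deviceDetail") or {}).get("deviceId") or "").lower()
        if not dev_id:
            # The sign-in named no device: the session never presented the registration,
            # so the compliance shown in the portal could not be evaluated.
            verdict = "no-device-identity" if upn in compliant_users else "no-enrolled-device"
        elif dev_id not in by_id:
            verdict = "device-unknown-to-intune"
        elif by_id[dev_id]["complianceState"] != "compliant":
            verdict = "device-not-compliant"
        else:
            verdict = "compliant-but-blocked"  # look at the policy's other grant controls
        failed = [p["displayName"] for p in s.get("appliedConditionalAccessPolicies", [])
                  if p.get("result") == "failure"]
        findings.append({"user": upn, "browser": (s.get("deviceDetail") or {}).get("browser"),
                         "verdict": verdict, "failed_policies": failed})
    return findings

if __name__ == "__main__":
    for finding in triage(SIGN_INS, MANAGED_DEVICES):
        print(finding)
```

A `no-device-identity` verdict points at the sign-in path in the app rather than at the compliance policy, which matches the situation the original poster describes.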
