Feb 11 2019 01:11 AM
Hello guys,
I am struggling with a specific use-case: I would like to allow users to save Outlook contacts (company email == company contacts) to the native iOS contacts app. Outlook is a managed app and is available to all users.
Now I am not quite sure based on the recent blog and the official documentation how to configure it properly without allowing un-managed apps (like WhatsApp) so see or sync the managed contacts that were synced from Outlook to the native contacts app.
Especially the official documentation is a bit confusing. On the setting Viewing non-corporate documents in corporate apps it states that it blocks "viewing non-corporate documents in unmanaged apps". Which does not make sense from my point of view. Instead it should be "prevents viewing corporate documents in unmanaged apps" or am I missing something?
Just to rephrase my use-case and what I want to achieve, for better understanding:
I want to log-in in Outlook with my work account and sync my business contacts to the native iOS contacts app. However, I want to prevent unmanaged apps to be able to see or sync the business contacts.
Currently I have the device restriction profile configured as follows:
Thank you for your help!
Mar 05 2021 01:06 AM
I do have the same issue. Any hints on that?
Mar 05 2021 02:45 AM - edited Mar 05 2021 03:17 AM
Hello @ljasha
I recommend to take a closer look at App Configuration policy instead, there is a long section about Save Contacts in Microsoft docs. What you need to do is first go over the flowchart to determine which type of policy you should create and once that is on lock, you can start playing around with the App configuration policy (chart source) to see if the results fit your expectations and there is no accidental leaks.
There was a similar question asked just recently in this forum iOS Outook sync to Contact app, protection from non managed apps, probably a good idea to go through that as well, as there is a lot of nuance to this topic.
Mar 05 2021 03:36 AM
Mar 05 2021 05:41 AM
@ljasha Thanks for the fast reply.
But let me ask another question. If you sync the contacts with an E-Mail profile on the device, isnt whatspp (for example) having also access to these?
My aim is to have something similar like a "work profile". When the user is called they should see who is calling but whatsapp/threema or other apps should not be possible to see that information.
Do you know what i want to achieve? Is that even possible with InTune?
Best regards,
Michael
Mar 07 2021 11:10 PM