Issue with Intune MAM policies for similar user using multiple policies

Has anyone faced a similar issue to the one below?

I deployed a CORP MAM policy (doesn't have an app-level passcode) to an "Intune managed device only" option for User A.

And then deployed a "BYOD MAM policy (includes app level passcode)" to an "Unmanaged device option" for the same User A.

Now the issue is that when "User A" accesses Outlook on his/her corporate device, the managed apps (e.g. Outlook) ask for a passcode. Ideally it should only ask on the BYOD device, not the corporate device. Not sure why Intune is not able to recognize the device state.

Please provide your thoughts on this scenario.

3 Replies
best response confirmed by Steve Bucci (Microsoft)
Solution

Able to fix the issue by following the steps below.

1. Push the Outlook app through the Intune-managed Company Portal.

2. Create an app configuration policy for Outlook iOS only and set the parameters as "IntuneMAMUPN, String, and configuration value as: {{UserPrincipalName}}".

3. If you want to allow Gmail and other personal accounts to use the Outlook app, then we need to set "Configure email account settings" under the same configuration policy, and the authentication is to be set to "Modern", which will give you an option to set "Allow only work or school accounts", which you can set to "Not configured".
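A way to check step 2 across several exported policies, as an added example that is not part of the original posts: it flags policies where the IntuneMAMUPN setting is missing, misspelled, of the wrong type, or hard-coded instead of using the token. It assumes the policies were exported as JSON shaped like Microsoft Graph `iosMobileAppConfiguration` objects (`settings` entries with `appConfigKey`, `appConfigKeyType`, `appConfigKeyValue`); the sample policies and function names are constructed for illustration.

```python
import re

# Constructed sample data, shaped like Graph iosMobileAppConfiguration objects
# (assumed export format; display names and values are made up).
SAMPLE_POLICIES = [
    {"displayName": "Outlook iOS - managed (ok)",
     "settings": [{"appConfigKey": "IntuneMAMUPN", "appConfigKeyType": "stringType",
                   "appConfigKeyValue": "{{UserPrincipalName}}"}]},
    {"displayName": "Outlook iOS - hard-coded UPN",
     "settings": [{"appConfigKey": "IntuneMAMUPN", "appConfigKeyType": "stringType",
                   "appConfigKeyValue": "user.a@example.com"}]},
    {"displayName": "Outlook iOS - key typo",
     "settings": [{"appConfigKey": "IntuneMamUpn", "appConfigKeyType": "stringType",
                   "appConfigKeyValue": "{{UserPrincipalName}}"}]},
    {"displayName": "Outlook iOS - no UPN key", "settings": []},
]

KEY = "IntuneMAMUPN"  # key name as given in step 2
# Token from step 2; compared case-insensitively in this example (an assumption).
TOKEN = re.compile(r"^\{\{\s*userprincipalname\s*\}\}$", re.IGNORECASE)

def audit_policy(policy):
    """Return findings for one policy; an empty list means step 2 is satisfied."""
    settings = policy.get("settings") or []
    exact = [s for s in settings if s.get("appConfigKey") == KEY]
    if not exact:
        # Distinguish a misspelled key from a key that is absent altogether.
        near = [s.get("appConfigKey") for s in settings
                if str(s.get("appConfigKey", "")).lower() == KEY.lower()]
        if near:
            return [f"key spelled {near[0]!r}, expected {KEY!r}"]
        return [f"{KEY} setting missing"]
    findings = []
    for s in exact:
        if s.get("appConfigKeyType") != "stringType":
            findings.append(f"type is {s.get('appConfigKeyType')!r}, expected 'stringType'")
        if not TOKEN.match(str(s.get("appConfigKeyValue", "")).strip()):
            findings.append(f"value {s.get('appConfigKeyValue')!r} is not the UPN token")
    return findings

def audit(policies):
    """Map each policy's display name to its list of findings."""
    return {p.get("displayName", "<unnamed>"): audit_policy(p) for p in policies}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_POLICIES).items():
        print(f"{name}: {'OK' if not findings else '; '.join(findings)}")
```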

@gadagottiraj We have a similar issue, and configuring IntuneMAMUPN has fixed the issue for some of the users, but the policy didn't apply to all users' apps on managed devices. Investigating this now!

@prtkdv Were you able to figure out this issue? I think the apps have to be installed through the Company Portal on managed devices.
