Oct 18 2022 07:12 AM
Oct 18 2022 07:12 AM
So our org mostly uses E1 lecesnes, and everything worked fine (pretty much had the default configuration for endpoint manager).
We have sence added a handfull of users on Microsoft 365 Business premium. Things just started to not work well. For example from the get go, business premium users just couldnt log into office apps for desktops or mobiles, they were able to log intot he web apps.
For the most part we got things working with Business Premium users by installing company portal on their desktops and haing them log in. Even though they are joined to the Azure Domain. We had to do quite a bit of hacking though to get office apps working (at first they could save files to their devices), or use MS Edge.
But we still get issues, for example, if a Business Premium user gets an email with a pdf, they are prompted to select the app they want to use to open (every time). Whatever app they use they cant mark it as default becasue there is some message that said the app if for personal files only.
Also, with the E1 users it seems like things are less than ideal, every so often the user now have issue opening files, logging in etc. It seems random. It is almost like the system wanted to controll them with intune. But thse users dont have intune licenses.
Anyway, I would have thought default setting would have just worked, and my playing with thisngs has made some things better but introduced other issues. I am wondering if anyone has any decent resources for just some base settings that just work. Again liek i would have thought base microsoft 365 would have just worked. We dont really have any advanced/special security requirement.
It wouldn't be to bad to go back and just figure out how to setup default basic security, and disable intune even for Business Premium (I never really enabled it, just seemed automatic). And somehow treat everyone like it was prior to those lecenses.
Oct 18 2022 01:25 PMSolution
Take a look at this link and see if you have an App Protection Policy defined. It sounds like WIP may be on, hence the message about it being "personal" instead of "corporate."
Either disable the MAM User Scope, set the policy to "Silent", or remove the policy to clear the prompts. E1 doesn't support the feature, hence it had no effect beforehand, but the feature lights up via the Premium license.
Please like or mark this thread as answered if it's helpful, thanks!
Oct 19 2022 07:49 AM