Nov 05 2019 03:03 PM - edited Nov 05 2019 03:04 PM
Ok. Hopefully I can explain this. We are using MAM for our O365 apps. When we setup a fresh iOS device, we register it with Authenticator and the first time Outlook is setup we get prompted to create a PIN per our policy and all is good.
However, from that point on, I can wipe the MAM apps with Intune we can unregister the device, uninstall and reboot, and when we setup Outlook again (or any other MAM app) we never get prompted to create a PIN.. It just automatically users the one that was setup the very first time. The only way, it seems, to get a truly fresh device is to do a hard reset.
Anybody know where that secret location is, or how to clear it out?
Nov 05 2019 03:06 PM
Nov 05 2019 03:27 PM
@Thijs Lecomte Oh yeah. Tried just uninstalling it. Tried deleting my credentials from it, de-registering it, then uninstalling it. It wouldn't bother me too much, but now that they released S/MIME for Outlook we're finding that once you install your personal S/MIME certs.. they go somewhere on the iOS device and there is no way to remove them, sans a hard reset of the device. And once your personal cert is on there, you can't replace it because it simply says it already exists.. so if somebody would put a bad cert on their device, we can't remove it.
Maybe that's unrelated to the other settings, but it's another thing that hangs around after everything is uninstalled from the device.
Nov 05 2019 11:57 PM
Nov 06 2019 09:43 AM
@MSBSKB we don't have a management profile. We are doing MAM-WE.
Sep 23 2021 10:10 AM
@Christopher Neuendorf I know this is an old thread that I just stumbled on that might help someone going forward but yes some settings are still left over after uninstalling everything. To clear these you need to install OneDrive go to iOS Settings > OneDrive then toggle Clear Account Settings. Opening OneDrive will clear it and you don't need to sign in to OneDrive.