Entra Shared Mode - Force App Stop
Hi All I hope you are well. Anyway, I was asked this yesterday and think I already might know the answer, but here goes. We had an instance of Microsoft Excel stuck in "getting things ready" on an Android Entra Shared Mode Device. Technical Support wondered if there was a way to Force Stop Excel or clear the app data. We had a look in Exit Kiosk Mode, Android Settings, and the Force Stop of Excel said "Action not allowed" and the clear the app data said "Unable to delete data for app" So, my question(s) would be, is going into Exit Kiosk Mode and even trying to force stop / clear data on apps even a valid option, or is this by design? Would adding Excel to this setting help? Any help or confirmation would be greatly appreciated. Stuart
Autopilot enrollment through serial number
I’m working for a reseller, and one of my customers has asked us to enroll their device serial numbers into their Intune/Autopilot tenant. We only have permission to upload devices because we are not their CSP partner. Now the customer wants us to enroll the devices, including their Purchase Order (PO) number, in the Purchase Order field in Intune. The issue is: Because we are not their CSP, the tenant does not allow us to enter or modify the Purchase Order field when we upload devices. My question: Is it possible for a non‑CSP reseller or partner to add a Purchase Order number during Autopilot device enrollment? If not, what options exist for a reseller to ensure that the Purchase Order field is populated?
Intune MAM BYOD: Remove Account message for iOS devices
Hello, I am seeing an issue for Intune MAM BYOD(iOS) users. After a user account password reset, it causes Intune to remove the account configured from mobile applications like MS Outlook, Work, OneDrive, etc. Current Intune Configuration: Done - App Protection Policy Done - Conditional access policy --> Grant --> Requires app protection policy (checked) Users had to re-enrol to access his/her data. Here is the screenshot, Thank you,
iOS Company Portal Security
Scenario: Colleague have installed the Company Portal and enrolled their personal device. They then install an application through the Company Portal. Any application that does not have the Intune SDK integrated. It is understood that Application Protection will not be applied to the application without the SDK integration. Question(s): What is the level of security protection on this application? Would the data stored from the application be secured? If the iOS restriction policy deemed that the transfer of information from the application to another unmanaged application be limited, would that be enforced?App Protection Policy Android Microsoft Teams as dialer
Hello, I have a problem on Android devices that calls are not automatically forwarded to the Microsoft Teams Android app. I have set the following in the app protection policies: When I enter Microsoft Teams in the Dialer App Name field, it does not work either. When I select Any policy-managed dialer app in Transfer telecommunication data to, I get a push up notification. The Teams app is set up with the corporate account and calls have already been made . Push Up Notification: No available apps There are currently no apps configured on this device that your organization allows to open this content. Make sure you are logged into your managed apps with your business account, or contact your organization's support team. Thanks in advance for the help Regards MichaelHow to Seamless Transition from Local Active Directory to Microsoft Intune?
Our organization currently operates with a Local Active Directory (AD) setup, using Azure AD Connect to sync directories with Azure Entra. All organizational devices are domain-joined and managed via Local AD. We are planning to transition device management to Microsoft Intune while ensuring a seamless process with no user intervention and no loss of user data. What are the industry best practices for achieving this transition?
Intune MAM - Restrict Application Access to Specific Biometric Profiles
We want our employees to be able to restrict access to company apps on private devices to only specific biometric profiles on the devices. If needed: Are you working together with Apple to make this possible? (e.g. via tiered device control levels / admin password in iOS)Multiple accounts on one device managed by different companies
I have employees who work for multiple companies and have Microsoft 365 and Intune at each of their companies. They add their work accounts to their personal devices to access Outlook and Teams. When applying App Protection Policies, will the applications have policies relevant to the organization that owns the data have that organization's policies applied to the data? What happens if two work accounts have App Protection Policies applied? Will one take precedence over the other? Searching around seems to indicate this was impossible before Outlook allowed more than one work account. I cannot find an answer where multiple work accounts are now permissible in Outlook and in Teams. Thanks in advance.
