iOS
51 TopicsSync GAL to Android & IOS devicees
Hi. Does anyone have a working way of synchronizing the GAL to IOS and Android devices' native contacts app? We are using intune, and i have tried with the app protection and app configuration policies, and with device configuration, and none of them give me the wanted result. I can manage to the the Sync turned on, and manually from the outlook app select single users to sync, which works - but not the entire GAL automaticlly..... I know there is alot of licensed 3. party software that can do this - i'm hoping someone here has an intune native solution to the issue..16KViews0likes9CommentsDefender iOS not syncing with Intune
I am setting up Apple Automated Device Enrollment and using authentication with modern authentication/setup assistant. I have tried the JIT option as well but my ios device does not come into compliance because Defender is not syncing with intune. I have set a policy to require the device to be under a threat level to be compliant. I have set up all the necessary policies for JIT and have used in for user enrollment. I have also set up zero touch deployment for defender ios (supervised). Seems all the policies are successfully being deployed but I am stuck on the Defender syncing. Does anyone have any ideas? All other functions seem to be working.858Views0likes8CommentsiOS Microsoft Defender Compliance Policy not showing compliance despite successfull setup of the app
I am having an issue on multiple tenants and after a lot of try and error I am not getting it. All tenant enroll their devices through the Apple DEP in supervised mode and deploy the Microsoft Defender app using a VPP token with a device based license. The app is successfully installed on the devices and users are able to sign in to the app and the defender is showing everything is green. However the Compliance policy does not switch to compliant even after long waiting and the security center is not showing the device. Strangely this is not happening always... around half of the enrollments switch to compliant while the other half does not. Sometimes the issue also resolve by reinstalling the app. I have this issue on multiple tenants. I am using the Filter profile with auto enrollment (which also does not start always) but the VPN onboarding has the same issue. So if someone else had this issue and has an idea where this comes from: Please give me a comment.400Views0likes0CommentsiOS/iPadOS deployed Edge crashing after last update
Hi, since the last update of MS Edge to iOS devices via Intune (automatic updates), Edge is not opening - it just flash the window and thats all. It wont open. Sometimes, there is an error like "something went wrong, we are working on it, and try it again button, but mostly if just flash. Anyone experiencing this issue, or in better case, how to fix this ? App is installed as required. Thanks.2.4KViews1like8CommentsOutlook for iOS + Caller Identification
Hey folks, i'm struggling at this for years, as you can see in my previus post from 2020. Let me shorten this: Scenario We have iOS Devices with Outlook for iOS installed. The users have many contacts in their EXO Mailboxes When a user gets a call from one of his contacts, the phone number is presented instead of the name (no Caller identification) Approaches I already know this MS articles belonging to Contact Sync. So i've learned that this leads to a running contact sync without the need of an icloud Account. The contacts could be written directly between Outlook for iOS and the native contacts app. (Better than nothing ) The Problem is, that if contact sync is in use ANY App could see these contacts. (Including Whatsapp, etc...) Because of GDPR this is a no-brainer. Many other solutions are using Apple Call-Kit, so that the incoming call is identified (name is shown) just without any need of contacts to be present in the native contact app. I didn't found anything belonging Call-Kit or any other possible solution for this issue, yet. There MUST be any better solutions except syncronizing all the contacts, isn't it? ANY Answer is highly appreciated. (At least the positive ones ) Regards, Patrick!6KViews2likes8CommentsiOS managed contacts - how to deal with that?
Hi everyone, the last years i've already tried to solve the problem with the managed contacts. Because this was not possible earlier i forgot about that. Now i want to readress this issue. A very important article i've found is this one: Techcommunity Success: New contact sync scenario available with Outlook for iOS on enrolled devices With this thread i would like to discuss some unanswered questions of myself. I would really appreaciate any answer of you guys. 🙂 Goals: Business contacts should be able to be read through contacts app (because of caller-id) 3rd Party Messengers should not see these business contacts Thesises: It is not possible to achive this with Outlook for iOS and it's contact sync feature, right? (Because of these contacts are going to be synced through icloud, therefore these contacts are marked as "unmanaged contacts.) It is possible to achive these goals by using: an device configuration profile which configures an active sync account which only synchronizes the contacts of the users mailbox. These contacts are considdered as "managed contacts" an app configuration profile which disables the "sync contacts" feature for "outlook for ios" An App protection policy which disables "Viewing corporate documents in unmanaged apps Because of the fact this is only working for enrolled and managed devices, we need to tell the users: Caller identification is only possible if you enroll your device in Intune. (in relation to the previous points) So far, so good, but the bad news is: Because of the incopatibility with conditional access policies, we're hence not able to restrict the user from using other apps to connect their EXO account. Right? I would be very thankful if anyone can discuss this with me. (I think the best way to adress the different topics is to quote my post and answer inline.) Greetings, Patrick7.2KViews0likes6CommentsEdge iOS authentication loop on Intune-managed device with Microsoft Enterprise SSO plug-in enabled
Hello Team, I'm experiencing a pretty weird issue with Edge on an iPhone 12 (16.5) enrolled in Intune with user affinity. I have an Azure AD user logged into the browser with sync enabled. The user is logged in to all Microsoft apps using the Microsoft Enterprise SSO plug-in for Apple devices.. Here's a .gif of the issue: Whenever I attempt to login to any website that uses Azure AD as its idP, the browser gets stuck at the login.microsoftonline.com endpoint and eventually enters what appears to be a loop with the Microsoft Authenticator app. This behavior is exclusive to Edge. All other Microsoft apps authenticate the user successfully using the SSO plug-in. Here are the Intune management settings enabled on the device: Device configuration policy settings Single sign-on app extension is enabled SSO app extension type: Azure AD Additional configuration for single sign-on app extension App configuration policy settings for Edge App protection policy for all Microsoft apps In addition to those settings, I do also have Safari hidden via a device restrictions policy. The goal is for all users to use Edge only. Any idea what might be driving this issue?5.4KViews0likes9CommentsiOS Wifi Profile not getting delivered
For the past few months we have had a profile set up that gets a restriction profile that locks the device into kiosk mode for an app and also has the setting "Join Wi-Fi networks only using configuration profiles" configured. We push out our Wi-Fi network to the devices along with root cert + SCEP profile for certificate based authentication. This has been working great for the past few months. Starting last we were enrolling iPads as we have been doing, but when enrolling the device into Intune it gets the green check mark for 'Get your device managed' and goes to 'Update device settings' and can never confirm device settings. Looking at the device its been disconnected from the WiFi network. Going to Settings -> WiFi; theres no networksavailable (I have verified there are multiple networks available)and it says 'Your iPad can only join WiFi networks that are configured by yourorganization'sadmin'. Checking the management profile on the device I can see all the restrictions and both the SCEP certificate and rootcertificate, but the WiFi profile is not listed in there. Checking the device in Intune shows that the WiFi profile is still 'pending' for the device, along with the management profile, root cert and SCEP cert. If I enroll a regular user based device assigned the same WiFi profile (but not restrictions profile) it gets the profile and connects without issue. It seems like the device is getting the policy to only allow access to the network from the configuration profile and disabling WiFion the device before it gets the WiFiprofile. Has anyone run into this or have a solution? We can remove"Join Wi-Fi networks only using configuration profiles" but I'm not sure how that would impact the already enrolled ~80 devices.3.4KViews0likes2CommentsiOS Apps are still managed even install over offical App Store
Hello everyone, We have the following problem and I wanted to ask if anyone has similar experiences or a solution. For iOS devices we have Available Apps like OneDrive. For this we have also created configurations that include "IntuneMAMAllowedAccountsOnly". If a user installs OneDrive via the official Apple App Store, the app is unmanaged and private accounts can be used. If the user installs OneDrive via the Company Portal, only the account that we have configured can be used. However, if a managed app is uninstalled over the User and reinstalled via the Apple App Store, the app remains managed and no private account can be used. The only solution I have found is to remove the configuration from the device via Intune and push it again. Is there another solution?540Views0likes1Comment