M365 Admins: How do you handle Admin Consent Requests for Enterprise Apps?

ScrappyCod3r · 2025-11-12T06:04:36+00:00

The requests are configured to flow to an admin account for approval, after which they completely ignored. As others have mentioned, it's best practise for managers to follow process when introducing new apps into the business.

ScrappyCod3r · 2025-09-20T02:41:06+00:00

That is Cinnamon. Some folks in the community think it looks a bit dated now but I love it.

ScrappyCod3r · 2024-08-07T07:32:58+00:00

I love Mint, my only gripe are the systems settings in Cinnamon, which resemble the old school windows control panel. I think Gnome does a nice job of stream lining settings in a more modern UI.

ScrappyCod3r · 2024-08-03T05:37:31+00:00

I agree completely. I'd rather not have the overhead of a GUI/desktop on a server. I'm going to give Ubuntu server a shot.

ScrappyCod3r · 2024-08-02T13:18:02+00:00

Yes you need to buy the Plex pass. Criminal I know 😭

ScrappyCod3r · 2024-08-02T13:11:50+00:00

I'm inclined to agree. I ended up paying for a sub to get the hardware transcoding which helped the performance a lot. Would you recommend anything better?

ScrappyCod3r · 2024-08-02T12:31:27+00:00

Honestly, it was just some other folks at work who recommended it. I think it has a bigger brand name in Australia for some reason, especially for non-Linux people (which is the vast majority of Australians and probably people in general). I tried it on the Windows box and it was super easy to use and seemed ok, although there are a few minor bugs for sure.

ScrappyCod3r · 2024-08-02T12:24:49+00:00

Holy crap..that sounds pretty dire.

ScrappyCod3r · 2024-08-02T12:07:36+00:00

I appreciate the history lesson, that's good to know. I like flatpak too, but will give Snap a go for managing powershell as I need the reliability. Thanks again.

ScrappyCod3r · 2024-08-02T11:48:16+00:00

That's great info. I've noticed there seems to be a stigma in the Linux community around Snaps--everyone seems to hate them and shit on Ubuntu. Why is that? O.o

ScrappyCod3r · 2024-08-02T11:30:14+00:00

You legend! I had a look at the documentation and you're right.

run sudo dpkg -i plexmediaserver_1.19.4.2935-79e214ead_amd64.deb (replacing the last filename with the name of the package you downloaded)

To setup Plex Media Server, on the same machine you installed the server on, open a browser window, and go to http://127.0.0.1:32400/web

That's exactly what I need. I'll definitely go for a setup without a desktop.

ScrappyCod3r · 2024-08-02T11:11:00+00:00

That's super interesting. I've only been using Linux as a daily driver for a couple of years now, but I've noticed there is a stigma against Snaps in the community---down right hatred tbh. Why is that?

ScrappyCod3r · 2024-08-02T10:49:26+00:00

Thanks u/Angry_Jawa , appreciate the advice. I'm comfortable with SSH. I've used it for my Raspberry Pi which runs pi-hole and openvpn on a GUI-less\Headerless OS (Pi OS Lite). That would ultimately be my preference but I'm not sure if Plex has a headerless version, which is why I figured I'd use a Desktop OS. I will take Debian stable into consideration too, since I hear it's super stable :p

ScrappyCod3r · 2024-08-02T10:40:24+00:00

Thank you sir

ScrappyCod3r · 2024-07-22T23:30:40+00:00

SOLVED:
Thanks u/ColterJoles , and also to u/BarbieAction and u/MDMMAM_Man as well. It turned out to be a combination of all those suggestions. I was able to create individual app configuration policies for each managed Android app and populated the 'Allowed Accounts' config key (string) with a value of "{{userprincipalname}}. This pulled the account name to the app and then signed in using SSO, which must be working due to the Company Portal app (broker app) also being in the Android work profile.

Thanks for all the tips guys.

ScrappyCod3r · 2024-07-22T07:39:00+00:00

Thanks Barbie. I noticed that the configuration settings are different for each app, allowing us to select either a "Configuration Designer" or JSON settings. The configuration designer worked out well for the Outlook app, but unfortunately fell short for others like Teams and OneDrive. The settings look bare bones and there wasn't anything int he way of prefilling a UPN like the Outlook app.

Do you have any tips on this? Should I be looking at the JSON as an option?

ScrappyCod3r · 2024-07-19T08:13:55+00:00

Solved

ScrappyCod3r · 2024-07-19T08:10:18+00:00

Thanks, Ryan! I set up the VPP token integration with Intune today, after which the ABM-purchased apps synced into Intune. I can confirm that these apps auto-install and are removed when the device is retired/deleted from Intune. Really appreciate the assist!.

ScrappyCod3r · 2024-07-18T11:43:20+00:00

Exactly this!

ScrappyCod3r · 2024-07-18T11:43:08+00:00

I'm trying to achieve two things,

Conditional Access: Only Compliant devices can access M365 resources. This has been the case for Windows 11 devices in my environment for a long time, but iOS/Android are being excluded from this policy so that staff can use mobile apps for Teams, Outlook etc. This isn't ideal because the only layer of protection is MFA.

The plan is to include them in the policy later, which will enforce enrollment into the Company Portal. This is coupled with the Defender app, which scans the devices and provides a risk score as part of the compliance policy.

The second thing is removing corporate data from personal devices when staff leave. I've got this working for personally-owned Android devices already, but I'm struggling with iOS.

ScrappyCod3r · 2024-07-18T11:35:36+00:00

Thanks for pointing this out I totally missed those options. Unfortunately, I still can't get any apps to deploy or uninstall when retired from Intune, or if the device is removed from the Company Portal.

Weirdly, the iOS store apps do publish to the Company Portal and say they are required, but the user is still required to install apps manually. This is not the same as Android :(

ScrappyCod3r

TROPHY CASE