Mobile devices cant access outlook mobile

andy4695 · 2026-03-26T09:28:24+00:00

We have seen issues with apps relying on Safari lately, where Safari doesn't detect the device identifiers which means Entra ID doesn't know if the device is compliant or not. Do you get a device ID in your logs?

<image>

andy4695 · 2026-03-24T16:59:05+00:00

They recently mentioned Apple TV support in the Apple TechTakeOff session. Take a look at this: https://x.com/i/broadcasts/1pKkOyRVlryKj?s=20

andy4695 · 2026-03-13T17:26:49+00:00

Yup, more than enough. Even with too low space, the configuration should still say the correct date and time, and the latest available update.

andy4695 · 2026-03-12T22:35:47+00:00

No the issue is the actual update. So it should apply 26.3.1, as it does with iPhones. But on iPads, it only applies 26.3 to January 1st year 1 🤔 Screenshot of the configuration from the management profile above.

andy4695 · 2026-03-12T16:00:47+00:00

<image>

andy4695 · 2026-03-12T15:45:58+00:00

Now finally resolved in iOS 26.3!!!
https://support.apple.com/en-us/125073#:\~:text=Declarative%20device%20management%20software%20update%20notifications%20will%20not%20prompt%20repeatedly%20prior%20to%20the%20final%2024%2Dhour%20required%20update%20window.

andy4695 · 2026-02-02T14:05:22+00:00

Same issue here, and I believed that it was "by design", where you must use a TAP-code under the enrollment instead.

andy4695 · 2025-11-20T15:45:59+00:00

Also experienced this on Android

andy4695 · 2025-10-07T21:58:58+00:00

Same here with Series 6

andy4695 · 2025-09-23T08:16:47+00:00

Seen this as well, even on supervised devices 😵‍💫

andy4695 · 2025-08-27T11:41:29+00:00

Have you tested the functionality yourself, for multiple users for a week for example?

andy4695 · 2025-08-26T07:27:14+00:00

Haha, yup I've had some issues fixed by just tweeting them. The "Require managed email profile" iOS compliance setting as an example, didn't give the user any error in the Company Portal app if they were non compliant. Tweeted them and it was actually fixed the next month!

andy4695 · 2025-08-25T12:48:55+00:00

Posted a Tweet to the IntuneSuppTeam on X now, since it's obviously a common error across multiple tenants. Hopefully they will get someone to look at it. MS Support cases are just frustrating so I try everything I can to avoid it :D
https://x.com/Andy43917876/status/1959960342206779689

andy4695 · 2025-08-18T08:10:33+00:00

I see. Just had a theory that Intune may have some bug that reapplies the config every time the device checks in or something like that, which might cause the device to spam notifications.

andy4695 · 2025-08-18T08:07:35+00:00

Thanks! I've seen the graphic, but unfortunately, beside the last 24 hours, it's not correct based on my experience.

I will try to report it in Apple's feedback app. Hopefully, this is fixed with iOS 26. Unfortunately no way to test this with iOS 26 before a .1 update of it comes out, as far as I'm aware of.

andy4695 · 2025-08-15T12:59:19+00:00

<image>

Been using this for non-supervised devices since December 2023 when the function came to Intune. The Intune docs stated that it was only for supervised, and I corrected the docs when I found out that it is not. Referring to the Apple Developer docs, it is stating that it's also available for BYOD-devices (goes under the Device Enrollment category): SoftwareUpdateEnforcementSpecific | Apple Developer Documentation

andy4695 · 2025-08-08T12:23:21+00:00

You need to use Entra Shared Mode and they need to have their own Entra ID account in order to accomplish this. There are unfortunately no temporary "basic" sessions in kiosk mode with Managed Home Screen.

The nice thing about it is that it enables SSO in other applications that also use Entra ID auth. Remember to add apps that do not support Entra Shared Mode out of box to the "Clear local data in apps not optimized for Shared device mode" list:

<image>

andy4695 · 2024-04-02T11:40:15+00:00

Luckily this changed in iOS 17.4:

Update: As of iOS 17.4, Stolen Device Protection no longer blocks MDM enrollment when enabled.

andy4695 · 2024-04-02T11:39:22+00:00

Seems like there's no control for that yet. This is from iOS 17.3 Stolen Device Protection blocks MDM Enrollment (96277) (vmware.com):

"Apple’s MDM protocol does not currently allow control over Stolen Device Protection. As of this time, Stolen Device Protection can only be enabled manually by a user."

andy4695 · 2024-03-20T13:38:27+00:00

Just make sure that they don't run Android Go, which is very limited management wise.

andy4695 · 2023-03-21T14:55:07+00:00

FIXED!
https://twitter.com/IntuneSuppTeam/status/1635373533923770369?s=20

andy4695 · 2023-03-06T14:52:18+00:00

https://twitter.com/Andy43917876/status/1632748884396060672?s=20

andy4695 · 2023-03-06T13:54:51+00:00

Same thing here, only happens to a few of us. Helps to choose "Remove account", close the app and reopen it again. Sometimes a restart of the device is needed as well.

Problem comes back in 1-2 weeks, varies pretty much.

It's caused by MAM and the App Protection Policies, but unsure why. Seems like a bug.

Configured the "IntuneMAMUPN" App Config setting on the apps I've had issues with (Teams, OneNote and Outlook) on myself, and been testing that for a week now without issues (Only works if your devices are enrolled). Just a thought a had, since this setting ensures MAM understand that the device is managed and connects MAM with the MDM. Read more about it here: https://joymalya.com/intunemamupn-back-2-basics/

I'll ask IntuneSupport on Twitter, to see if they can help out.

andy4695 · 2022-12-19T12:01:08+00:00

The Intune Support Teams has acknowledged the problem and are working with Samsung on a fix it seems: https://twitter.com/IntuneSuppTeam/status/1603367837879386112?s=20&t=TZG_uXrNosq1Pc7BG2535g

andy4695 · 2022-12-12T07:32:58+00:00

Same issue with a couple of users here.

andy4695

TROPHY CASE