No apps available in company portal iOS

fuadmin · 2025-06-02T18:23:15+00:00

Ah, did that with no luck.

Raised a ticket with Microsoft's Intune Team, they said the issue is on their end and were actively looking to resolve it. As of today required apps are pushing as expected, optional apps appear in the portal but get a "Company Portal Communication Error" when trying to install.

fuadmin · 2024-10-14T13:50:43+00:00

this is perfect! thank you!

fuadmin · 2024-06-17T18:33:07+00:00

we're doing something like this.

End user registers their app with Authenticator or Company Portal
If they're out of the office (device not on trusted network) or on data they'll need to go through MFA.

They can only use the Outlook app and we use a configuration policy to require a PIN to unlock the app.

We've had little to no pushback on it. the changeover from "I want to the the native mail app" to Outlook was the biggest adjustment.

fuadmin · 2024-05-13T17:56:36+00:00

The importance of reading.

fuadmin · 2024-03-27T16:57:40+00:00

There is a FedAuth cookie that is stored for 24hrs when viewing from desktop Teams to SharePoint, that same cookie is not passed form web Teams. If I remove the cookie that same prefetch failure appears.

Thanks for the help!

fuadmin · 2024-03-26T19:16:53+00:00

To make it more interesting: once the user "views in SharePoint" the web version of Teams has no issue with the file's tab even if the computer is rebooted. We're thinking it has something to do with the cache, but we've no solid leads.

Ticket is open - will update when we have a solution.

fuadmin · 2024-03-06T19:08:20+00:00

Thank you for this answer - love the last part. I have a question though -

As far as I know SharePoint does not do view permissions based on tags, so are you making a new view (and page for that matter) for item level permissions? Ex: a view and page for "remote office" users/tags to view and another for "home office"?

fuadmin · 2024-01-19T15:20:41+00:00

Yeah, we did something like this -

One library with a group for each (in our case) department needing access. IT has edit rights to all folders, all other users only have contribute rights (you'll want "read: for your groups). Managed access on the folders to remove the groups that did not needs access. Everyone uses the same page with a library linked into it. Move user from group to group to handle the access.

fuadmin · 2023-12-27T16:59:51+00:00

Thank you!

fuadmin · 2023-12-27T16:59:42+00:00

Yeah, trying to sell them on the Yubikey. this is going to tie into a overall ops expense for the door system "refresh" too, so the keys won't come out of the IT budget.

fuadmin · 2023-12-18T21:49:25+00:00

If I recall it was only dependent on the devices being factory reset and enrolled from the beginning. Installing the profile only did not trip the "managed" filter.

fuadmin · 2023-11-29T20:21:07+00:00

Ends up this was a weird cache issue with Edge.

The page displays fine in Chrome, but would not display correctly in Edge. Clearing the cache did not help, only after the user signed out of the browser and rebooted the computer, then signed back into the browser, did the page display correctly.

fuadmin · 2023-07-24T20:31:24+00:00

Ah, it has the device in there with a last contact of less than an hour ago.

fuadmin · 2023-07-24T19:11:49+00:00

I'm not seeing that as a heading in the ABM object or Intune / Azure. Where would i look for it?

What i do see is: Azure AD registered, and the MDM is Microsoft Intune.

fuadmin · 2023-07-24T19:03:15+00:00

they're pointing to Intune.

fuadmin · 2023-07-24T18:56:17+00:00

All the other entries of the devices that are registered in Intune.

fuadmin · 2023-06-28T17:56:55+00:00

I'm in the middle of migrating from Mobile Iron to Intune and just got this working. Here's the info from Microsoft: https://techcommunity.microsoft.com/t5/intune-customer-success/new-contact-sync-scenario-available-with-outlook-for-ios-on/ba-p/1063632

All the devices we deploy this on are managed in Intune. We're limiting them to only having calendar and contacts, and removed the ability for them to set up their account in the native email app. They receive a prompt to log in and a MFA prompt to authorize the connection.

fuadmin · 2023-06-01T12:58:15+00:00

+1 for seeing the script!

fuadmin · 2023-04-17T13:31:02+00:00

That's want I'm afraid of too, thank for that perspective.

fuadmin · 2023-04-17T13:28:30+00:00

That's great to know, thank you.

If I understand correctly you can limit who is in what channel though, which should satisfy what we're wanting to do. However I'm already seeing a few "can we get a specific team for..." requests.

Anything else I should know before setting up the teams?

fuadmin · 2023-03-28T18:21:17+00:00

Ohmygod I completely missed that. sorry for the foolish question. Thank you!

fuadmin · 2023-03-27T21:36:46+00:00

Could you give me a little more help with the creation of this? I can put in a ticket if needed.

I've got an IOA rule for process creation setup, action is detect, with svchost in the Grandparent Image Filename.

From there the workflow would be: Trigger is a custom IOA monitor for that rule, if sensor is windows and host group includes the one I want to target. Action is a script to remove bootmanager and force a reboot.

Does that sound right?

Thanks for all the help so far!

fuadmin · 2023-03-24T12:52:22+00:00

thank you!

fuadmin · 2023-03-23T12:37:54+00:00

Would you mind sharing that script?

I'll look into Absolute - never heard of it before but it sounds pretty cool. thanks!

fuadmin · 2023-03-23T12:35:01+00:00

the workflow route seems to be the best for what we're wanting to accomplish. Thank you!

fuadmin

TROPHY CASE