Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Device access rule for Outlook App for iOS and Android does not work for Intune on-premises Exchange conditional access


View products that this article applies to.

Symptoms

Consider the following scenario:
 
  • You have an on-premises Microsoft Exchange Server environment.
  • You use conditional access for Microsoft Intune.
  • You allow access to Intune for Outlook Apps for iOS and Android by using an Exchange ActiveSync device access rule, such as the rule that's shown in the following screen shot.
     
    4464611-I
In this scenario, the Outlook App devices are blocked.

↑ Back to the top


Cause

This issue occurs because conditional access for Intune in an on-premises Exchange environment does not support the Outlook App for iOS and Android. Any Outlook Apps that are detected will be blocked by the Intune service. Any Outlook entry that is allowed by the Exchange on-premises device access rule will be blocked.

↑ Back to the top


Workaround

We no longer support the old workaround to use the Exchange ActiveSync device access rule to allow the Outlook App users to connect. If you have users that have to use the Outlook App, you cannot target those users for conditional access. However, you can enable hybrid modern authentication for both Outlook iOS and Android. For more information, see the following Microsoft Docs article:
 

↑ Back to the top


Keywords: InTune, kbContentAuto, CI91551, Technical Support

↑ Back to the top

Article Info
Article ID : 4464611
Revision : 6
Created on : 11/1/2018
Published on : 11/1/2018
Exists online : False
Views : 474