This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 56.00000000000001%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAB%3C/text%3E%3C/svg%3E)
We're trying to deploy App Protection Policies / MAM on the personal devices of our employees and we're having a problem on many devices. Once the policy is enforced by a conditional access rule, the targeted apps on the device (tried it with Teams and Outlook) flashes "Confirming app status" many times and it ends up with an error message.
If I delete the corporate account from outlook and try to add it back, I see Confirming app status again and it ends up with "Unable to log-in" "This Account can't be added because Outlook isn't configured correctly".
The conditional launch section of the policy looks like this:
| Setting | Value | Action |
|---|---|---|
| Max PIN attemps | 10 | Reset PIN |
| Offline grace period | 720 | Block access (minutes) |
| Offline grace period | 7 | Wipe data (days) |
| Disabled account | Wipe data | |
| Jailbroken / rooted devices | Block access | |
| Min OS version | 12.0 | Warn |
| Min OS version | 11.0 | Block access |
| Min OS version | 10.0 | Wipe data |
If I remove all the Min OS version clauses and the Disabled account clause, adding the corporate account to Outlook works again, but the policy doesn't seem to be applied: the device is not asking to setup a PIN, is not forcing the links to be opened with Edge, and is not limiting the amount of data that can be copy-pasted.
One of the device I'm trying to debug is a Google Pixel 7 running Android 14, and I have no reason to beleive it's jailbroken/rooted. Company portal is installed on the device, but the device is not enrolled.
What are the next steps to troubleshoot this? Where can I get some logs to see what's wrong?
Managing Android devices using Microsoft Intune
Managing apps and software deployment through Microsoft Intune
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 44%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Same here. On a complete blank pixel device with only Outlook and Teams installed we are getting / having exactly the same error message / behavior.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 84%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
i also have the same issue. do you manage to find the fix without needing to remove min os version and disabled account in conditional launch?
The vast majority of the devices have only those two apps, this is what I tested. I confirm Outlook, Teams, Company Portal and the OS are up to date.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 69%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERJ%3C/text%3E%3C/svg%3E)
Is the issue only with Outlook, Teams? Can you confirm if the Office apps, Company Portal and OS security patches are up to date?
The vast majority of the devices have only those two apps, this is what I tested. I confirm Outlook, Teams, Company Portal and the OS are up to date.