Suppress "Allow my organization to manage my device" for personal devices

Question

Suppress "Allow my organization to manage my device" for personal devices

AsAdmin 396

Hi Team,
We want to suppress office app notification "Allow my organization to manage my device" on user personal devices.
Anything can be done via o365 admin portal?
This is to avoid user accidentally enroll device to Intune.

As of now BYOD devices are allowed to enroll in Intune enrollment restriction. We don't want to disable BYOD enrollment, any other option?

2 answers

Your answer

Answer 1

Simon Ren-MSFT 40,346 Microsoft External Staff

Hi,

Thanks for posting in Microsoft Q&A forum.

1,Here is a workaround for your reference. Add below registry key on one device to have a try:

HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin, “BlockAADWorkplaceJoin”=dword:00000001
When using this registry, your users will no longer see this notification when they login to ex. Microsoft 365 apps or Microsoft Edge with another work or school account.

Similar threads for your reference:
Are you tired of “Allow my organization to manage my device”?
How to Prevent Allow My Organization to Manage My Device
Please note: The links are not from Microsoft, just for your reference.

2,You could also submit an uservoice for Microsoft Teams to stop this behavior :
Microsoft Teams feedback

Thanks for your time.

Best regards,
Simon

If the response is helpful, please click "Accept Answer" and upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Simon Ren-MSFT 40,346 Reputation points Microsoft External Staff

2021-12-10T08:55:22.76+00:00

Hi,

Just checking in to see if there is any update. May we know the current status of the question? If there is any other assistance we can provide, please feel free to let us know, we will do our best to help you.

Thanks and regards,
Simon
Tyler Montney 16 Reputation points

2022-09-23T17:52:02.933+00:00

Edit: This doesn't seem to suppress the dialog for new accounts (such as signing into Microsoft Edge). It also blocks the user, on Windows 10, from running an Intune sync.

In addition to this, you can configure this same setting by creating a Settings Catalog Configuration Profile: Settings > Allow Workplace > Block. Side effect will be you can only leave the Azure AD Domain, from the device, by running dsregcmd /leave. Of course, you can still remove a device via the MEM portal.

Answer 2

Mr Sb 371

There is no way to disable or hide this option on unmanaged devices when using the Intune service within your tenant. This is a feature which is related to the Azure AD registration service which gives the user the ability to register their (personal) device in the Azure AD tenant. When the device gets lost or stolen, your organization will then have the ability to remove access to the corporate data on that personal device.

Share via

Suppress "Allow my organization to manage my device" for personal devices

2 answers

Your answer