The feature that you are trying is not supported at the moment and is design limitation. Only one work account allowed is allowed to use on intune managed device.
Thanks,
eswar
www.eskonr.com
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi All,
I have created a MAM policy on Intune and applied two different users, but literally one person is using the both email addresses on his mobile phone(iOS). However, when he tries to add second user account, it will display the below error message.
appreciate the help!
PS: if this is the limitation of MAM policy in Intune, Can we do the same restriction by enrolling the mobile device to the Intune. essentially, we want to block copy paste from outlook to third-party apps like WhatApps, Messenger etc. this is the iOS device and if we want to enroll with Intune, we could go ahead with BYOD-Device Enrollment option in Intune.
Thanks,
Dilan
The feature that you are trying is not supported at the moment and is design limitation. Only one work account allowed is allowed to use on intune managed device.
Thanks,
eswar
www.eskonr.com
@Dilan Nanayakkara , For your question, here are my answers for the reference:
Q1: as per understanding, when we enroll the device without App protection policy, we can add multiple accounts right?
A1: Yes, you can.
Q2: so when it comes to Android, by default unable to share data between Work and personal profile and this shouldn't be the problem as long as we can add multiple accounts on personal owned work profile enrollment. Is this correct?
A2: Yes, By default, the Andrid OS might prevent users from sharing data in the work profile with the personal profile. Data in the personal profile can be shared in the work profile. And not the entire device is managed. Management capabilities only affect the work profile that is created on the device during enrollment. All Android apps and data outside the Android enterprise portion of the device remain personal and under the control of the end user.
https://learn.microsoft.com/en-us/mem/intune/enrollment/android-enterprise-overview#work-profile-management
For the best experience, always sign in to work apps with your work account, and sign in to personal apps with your personal account. Here is a link with more details for the reference:
https://learn.microsoft.com/en-us/mem/intune/user-help/what-happens-when-you-create-a-work-profile-android
Q3: so when it comes to iOS devices, if we choose BYOD-Device enrollment without app protection policies, again we can add multiple accounts right? in this case our challenge is to block copy-paste activates and I saw a settings "Allow copy/paste to be affected by managed open-in" under iOS device restrictions policy, Can we use this settings to block the copy-paste activities?
A3: Yes, for BYOD without app protection policy, in outlook, we can still add multiple work accounts. For the setting "Allow copy/paste to be affected by managed open-in", when I set it as yes and also set "Block viewing corporate documents in unmanaged apps" with yes, deploy outlook via Intune, then the copy paste from outlook to other unmanaged app, the action will be blocked.
https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-ios#settings-apply-to-all-enrollment-types
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.