![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft 365 and Office | Subscription, account, billing | For business | Other
Microsoft 365 features that help users manage their subscriptions, account settings, and billing information.
Hi John,
Thank you for reaching out to Microsoft Community Support. I'm glad to help you!
Based on my understanding of your message, I’d like to gently clarify what’s likely happening and suggest you through the step to help you take back full control of your device.
In this situation, for the reason it's happening, when you signed in with your Microsoft 365 work account and selected the options:
- "Automatically sign in to all desktop apps and websites on this device"
- "Allow my organization to manage my device"
your device may have been automatically registered with your organization’s Azure Active Directory (Azure AD), or enrolled in Microsoft Intune, which enables your organization to apply security policies to your device.
This is a common scenario for corporate-managed devices, but can be unintentionally triggered on personal devices, and I understand why this would raise privacy concerns.
Reference: What is device identity in Microsoft Entra ID? - Microsoft Entra ID | Microsoft Learn
Here's what each option does:
- Allow my organization to manage my device
When you check this box and tap OK, your device allows your organization’s IT administrators to manage it remotely. They can install apps, control settings, enforce security policies, and if necessary, reset the device. - Uncheck "Allow my organization to manage my device"
If you uncheck this and tap OK, your device will stay under your full control, and administrators won’t be able to manage or enforce policies on it remotely. - No, sign in to this app only
By clicking this link, you will only be signed in in the current app, not across your entire device. Your account information will not be used to automatically sign in to other apps and websites.
While the device may now be under organizational management, administrators cannot view or access your personal files or data stored locally. They can only:
- Apply device configuration or compliance policies
- See some system information
- Wipe work-related data only using tools if ever needed
However, any files synced with organizational services (like OneDrive for Business or SharePoint) could be visible to your organization, depending on their policies.
For your concern how to remove your device from organization management. If this was done by accident and you're using a personal device, you can safely remove the organization’s management access by following the steps below:
- Open Settings > Accounts (can type it in search bar) > Access work or school
- Under Work or school accounts, find the account under your organization
- Click the account > press Disconnect > Restart your device
However, in some tightly controlled environments (for example, companies with high security policies), this right may be restricted by the administrator. But if you are a freelancer using a service account, you usually can disconnect normally.
If you’re unsure whether the device was Azure AD-joined or just registered, you can also check via:
Settings > System > About > Device specifications > Scroll down to "Domain or workgroup" and see if it says "Azure AD joined"
Please let me know how it goes, or if you have any questions, please feel free to reach out. Please understand that our initial response may not always resolve the issue right away. But with your help and a bit more detail, I'll try my best to help you.
Looking forward to your reply!
Sincerely,
Jeanie-H - MSFT | Microsoft Community Support Specialist.