Share via

Restrict users from signing in to more than one Office365 tenant in Word/Excel/Powerpoint on Windows with MS Intune?

Greg Azar 6 Reputation points
2022-06-03T01:41:56.107+00:00

Hello,
I'm trying to restrict our users from being able to use external O365 credentials to login to Word/Excel/Powerpoint on our Intune managed machines.

The closest I found is this: https://howtomanagedevices.com/intune/2677/block-signing-into-office-using-administrative-template-policy-intune-organization-only/

But this seems to block ALL Org IDs, including our Intune-managed one, or none at all.

Is there any way to allow just our own Org ID to login to Office applications and restrict all others?
I thought if we switched the policy to "None allowed", Office would still function as it is licensed through intune, but it seems that this is not the case.

Microsoft 365 and Office Install, redeem, activate For business Windows
Microsoft Security Intune Application management
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 53,981 Reputation points Microsoft External Staff
    2022-06-03T06:18:18.627+00:00

    @Greg Azar , For the administrative template policy, it is for Microsoft Office 2016. Firstly, please ensure the office on windows machines are all with this version.

    If it is, then we can configure the "Block signing into Office" as "Org ID only" which means users can sign in only by using the user ID assigned by your organization for accessing Office 365. like usera@m365xxxx.onmicrosoft,com.

    For the "None allowed", I think it means users cannot sign in using either Microsoft account or organization user id.

    In addition, in the note, it seems to be with licensing. which has nothing to do with Intune. We can use Product key or the user account to activate the office. But it will not affect the signed in state of Office. mentioned above.

    Hope it can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. Greg Azar 6 Reputation points
    2022-06-03T13:18:20.223+00:00

    So, I've now changed it to "Org ID Only". The problem however is that our users have a 2nd O365 account from our parent company and they still have the ability to login to both O365 accounts on the same Word/Excel/Powerpoint software.

    Our users receive documents from the parent company which are digitally protected and only accessible using a parent company O365 ID.

    The result is that our users attempt to access these protected files by logging into Word/Excel using their 2nd O365 ID, which ends up causing more problems than it solves.

    Ideally, I would like to restrict users to only be able to sign in with their primary corporate ID, and disallow their ability to use their 2nd parent company login. And as such, we would direct users to use Web-Word, Web-Excel, etc... to access any parent company digitally protected documents.

    Not sure if this is possible?

  3. Bui Duy Minh 0 Reputation points
    2025-02-05T08:23:58.0566667+00:00

    Hi Microsoft team,

    I have the same issue and have tried adding the settings below. I can access it with another tenant account, and this issue may be related to data loss.

    Thank you!!User's image

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.