Share via

SharediPad - configuring App permission remotely for M365 Apps via Intune for supervised devices

BYODMDM 0 Reputation points
2024-07-30T06:54:06.14+00:00

We would like to provide "office/m365 apps" in a shared iPad with Guest login with app protection policy with ping to secure. But we want to pre-provision the app permission for the M365 App so that it wont prompt the users every time he/she login to an App. for e.g. : Mic permission/Camera permission/ notification permission for TEAMS App. How to configure the permission for these App via Intune so that multi users just login to the app and enjoy the shared iPad.

Microsoft Intune iOS
Microsoft Intune iOS
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.iOS: An Apple mobile operating system.
223 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,893 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. glebgreenspan 2,230 Reputation points
    2024-07-30T12:48:52.33+00:00

    Hello

    Here is couple steps for your request:

    Create App Protection Policies

    1. Login to Intune:
      1. Configure App Protection Policies:
        • Navigate to Apps > App protection policies > Create policy.
          • Choose iOS/iPadOS as the platform and click Next.
          1. Policy Settings:
            • Configure the policy according to your organization's requirements, focusing on settings that apply to data protection, access requirements, and other relevant configurations.
            1. Permissions for App Settings:
              • Under Permissions, ensure that the necessary permissions required by the M365 apps (Teams, Outlook, etc.) are allowed or set to prompt only once so users are not repeatedly asked to grant permissions.

    B. Assign Users

    • Assign the app protection policy to a group that represents the users who will use the shared iPad.
    1. Configure the Managed App Configuration

    To pre-configure specific app permissions (mic, camera, etc.) for M365 apps, you can use app configuration policies in Intune:

    1. Create Configuration Policy:
      • In Intune, go to Apps > App configuration policies.
        • Click on Add and choose Managed apps.
        1. Select the App:
          • Select the Microsoft Teams app (and any other M365 apps you plan to configure).
          1. Configuration Settings:
            • In the settings, you can provide specific configurations. However, note that not all permissions can be set via Intune due to Apple's privacy and security model. The settings that can be changed should be chosen based on what’s applicable.
            1. Assign the Configuration:
              • Assign the configuration policy to the same group as the app protection policy.
    2. App Request Settings
    • If you want to ensure that permissions are not repeatedly requested, ensure that users are provisioned in a way that allows them to authenticate seamlessly (using Azure AD, SSO, etc.). Create App Protection Policies
      1. Login to Intune:
      2. Configure App Protection Policies:
        • Navigate to Apps > App protection policies > Create policy.
        • Choose iOS/iPadOS as the platform and click Next.
      3. Policy Settings:
        • Configure the policy according to your organization's requirements, focusing on settings that apply to data protection, access requirements, and other relevant configurations.
      4. Permissions for App Settings:
        • Under Permissions, ensure that the necessary permissions required by the M365 apps (Teams, Outlook, etc.) are allowed or set to prompt only once so users are not repeatedly asked to grant permissions.
      B. Assign Users
      • Assign the app protection policy to a group that represents the users who will use the shared iPad.
      1. Configure the Managed App Configuration
      To pre-configure specific app permissions (mic, camera, etc.) for M365 apps, you can use app configuration policies in Intune:
      1. Create Configuration Policy:
        • In Intune, go to Apps > App configuration policies.
        • Click on Add and choose Managed apps.
      2. Select the App:
        • Select the Microsoft Teams app (and any other M365 apps you plan to configure).
      3. Configuration Settings:
        • In the settings, you can provide specific configurations. However, note that not all permissions can be set via Intune due to Apple's privacy and security model. The settings that can be changed should be chosen based on what’s applicable.
      4. Assign the Configuration:
        • Assign the configuration policy to the same group as the app protection policy.
      5. App Request Settings
      • If you want to ensure that permissions are not repeatedly requested, ensure that users are provisioned in a way that allows them to authenticate seamlessly (using Azure AD, SSO, etc.).
  2. ZhoumingDuan-MSFT 13,085 Reputation points Microsoft Vendor
    2024-07-31T06:14:12.4166667+00:00

    @BYODMDM, Thanks for posting in Q&A.

    For your issue, if you want to provide Guest login with app protection policy with pin to secure, yes, you can configure the feature via app protection policy to secure, you can refer the method mentioned by @glebgreenspan, and if you want to pre-provision the app permission for the M365 app so that it won't prompt the users every time he/she login to an App, currently, you can refer the link below, here is Here is a sample with Outlook:

    https://docs.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-use-ios

    https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune

    However, some app permissions cannot be granted automatically, because they were by designed by the OS.

    Hope it will help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  3. Customer Care 0 Reputation points
    2024-08-02T08:45:40.5633333+00:00

    How do पेटीएम कस्टमर केयर नंबर पर कॉल +41=88 89 26--12 75 ऑनलाइन शिकायत कायत दर्ज करना चाहते हैं, तो हमसे संपर्क करें” +91--88 89-26-12-75-✓ टोल फ्री करें...++

    0 comments
  4. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.