Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, April 7, 2016 3:23 PM
Why does Intune create a second email account once a mobile device completes enrollment if the device already has an email account added with the same credentials used to enroll in Intune? For example, my phone has my business email account [email protected] on it, and after I enroll in Intune a second account for email [email protected] is added. Is there some configuration that I'm missing that will allow Intune to detect that an email account is already set up on a device, or even have it remove the original email account if Intune requires it's own account?
Thanks,
EJ
All replies (4)
Thursday, April 7, 2016 8:01 PM âś…Answered
Hi
If you are deploying a email profile to the device with Intune - if you not are using the same name for the email profile in Intune as you already have on your device then it will create a new mail profile.
Kind regards
Per Larsen
Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
If this post is helpful please vote it as Helpful or click Mark for answer.
Thursday, April 14, 2016 3:42 PM
Hi EJ, what mobile phone/OS is this behaviour occurring on?
I've had mixed results:
Apple iOS: Mail Profile will fail to push, and will report an error in the console. If the user manually deletes their "original" profile, the push will succeed and portal error will clear.
W8.1: Mail Profile will push alongside (duplicate) and user will need to delete the original unmanaged one
W10: The unmanaged mail profile will be removed when conditional access kicks in, and will be replaced by the pushed one.
The W10 scenario is how I wish all platforms would react, I don't think I'm alone in this but I'm struggling to get the most out of Intune due to mail profiles.
I want Conditional Access to force all my users to enroll, but for them to provoke CA - they need a mail profile in the first place.
I then want Intune to manage my mail profiles, so that a selective wipe will remove it - etc. The only way for intune to manage a mail profile is to push it in the first place, which on none W10 devices doesn't seem to be possible without the user manually deleting their original profile.
I am however limited to how many devices/scenarios I can test - so appreciate learning more about your particular experiences on specific devices.
Regards,
Friday, April 15, 2016 3:23 AM
I've only tested the mail profile on iOS and Android so far. Today I found out that the Compliance Policy setting has the option "Email account must be managed by Intune" which I enabled.
My iOS device which had an email profile on it that wasn't managed by Intune: Intune required me to remove that email profile so it could push the Intune managed email profile. Once I removed the non-Intune managed profile the Company Portal app then said the device was compliant after pushing the Intune email profile, and I was able to receive email again.
On my Android device, however, Intune still says my device is compliant even though my email profile isn't managed by Intune. According to https://technet.microsoft.com/en-us/library/dn705843.aspx that Compliance Policy setting only works for iOS 6 and later, so unfortunately it seems to be working as designed.
I too wish that all mobile platforms be able to use the "Email account must be managed by Intune" setting so I can perform a selective wipe on them if needed. I am now looking into forcing Android and Windows devices to use the Outlook app for email since I can perform a selective wipe when that app is used.
-EJ
Tuesday, September 24, 2019 2:40 PM
We can ask the users to remove the maually added email profile still some users may be interested or they might come back to us asking which one to remove. In order to solve this, we can remotely remove it using Exchange Control Panel.
Step 1: wipe out "account only remote wipe for a particular device" for ex iPhone10C1
Step 2: Immediately after wiping out the email profile, the company portal pushes a new profile to the device and after this you will see the same device model with differet identity entry in the "view mobile device" under ECP -->recipient> mobile devices. make a note of the old device ID and then delete it from the mobile list from the portal
I hope this helps