Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Intune

Support enrolling a device under MDM for two different organizations

Contractors/Service Provider employees generally have multiple companies they work for. One the company that pays their salary, another the company that they do the work for (clients). Intune currently do not allow enrolling a device with both the companies MDM. The user need to sign out of one MDM to enroll in another and this is a painful process. Should have a easier way to enroll the device under multiple MDM

373 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Arulprakash Selvam shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    22 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        Same here.

        In the Company with a production and test environment this option is needed because now it is not possible and you need more devices to do testing.

        So make it able to register a device to more then one AzureAD tenant.

      • Scott Abbotts commented  ·   ·  Flag as inappropriate

        I'm an O365 admin with several tenants/organizations, so to be able to use password-less authentication would make life so much easier.

        https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-phone-sign-in

        But right now:

        "One of the prerequisites to create this new, strong credential, is that the device where it resides is registered within the Azure AD tenant, to an individual user. Due to device registration restrictions, a device can only be registered in a single tenant. This limit means that only one work or school account in the Microsoft Authenticator app can be enabled for phone sign-in."

        This phone sign-in option went live for public preview in September 2018, so not that long ago. But there must be lots of people out there like me that wish to use the password-less option by phone sign-in for multiple tenants.

      • Sara commented  ·   ·  Flag as inappropriate

        Can someone answer us please??? We need to work properly here. Please fix it ASAP.

      • M de jong commented  ·   ·  Flag as inappropriate

        Using flow to harvest the email into 1 single account works but its cumbersome and not secure.

      • Anonymous commented  ·   ·  Flag as inappropriate

        In healthcare -jumping between 3 organizations which all require MDM for use of email has prevented me from keeping up on email or forcing me to choose one organization. For Microsoft to not think this through is a travesty.

      • Julian commented  ·   ·  Flag as inappropriate

        Surprise surprise. No comment from MS on this at all in the year since it was logged here.

      • Andy commented  ·   ·  Flag as inappropriate

        Our organization has this issue too. We're in the middle of splitting the company up. Our email addresses are on the original domain, but our SharePoint site has been migrated to the new domain. We'll have this issue until the spin-off is complete. Pretty frustrating.

      • Sandra commented  ·   ·  Flag as inappropriate

        Same situation here. It's also a huge problem working as consult within IT

      • Jamie commented  ·   ·  Flag as inappropriate

        I am in health-care and I need this. My employer requires MDM to have email on my phone, and the hospital where we provide our services requires MDM for both email AND for remote access to the electronic medical record. Please provide a way to be simultaneously logged in at once.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Limiting each device to one MDM instance is frustrating, we are an organisation that frequently undertakes work with large user estate within a Joint Venture set up. Currently, we are having to issue separate hardware for the JV to use because the smart device estate has been issued with JV PARTNER A apple DEP and MDM deployed from source. These devices need to connect to JV PARTNER B in order to connect to the JV Email System. The only way to achieve this is by removing JV PARTNER A's MDM and replace it with JV PARTNER B's MDM. This is disallowed by JV PARTNER A as this is against their Cyber Essentials+ Policy. So the only solution is to provide all users with new smartphones. When will this be addressed???

      • Thomas N. Carruthers commented  ·   ·  Flag as inappropriate

        This is a huge issue for us in the healthcare industry. Our hospital system (who is not our employer) requires InTune MDM for access to their e-mail, forcing our physicians to choose between their e-mail and our own organizational O365 e-mail. Please prioritize this.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Not just companies and contract staff - also many joint venture organisations where staff need to access JV systems and parent organisations...

      • Soumya P Parida commented  ·   ·  Flag as inappropriate

        This needs a bump up. Multiple account from same org is ahead in votes and I can not guess why that is more important than this?

      • Lei Chen commented  ·   ·  Flag as inappropriate

        Yes, we need a easier way to enroll the device under multiple MDM, this is no good design to limit only one MDM.

      • Dae commented  ·   ·  Flag as inappropriate

        I'm coming across this more and more. It's now quite common for people to need to connect to multiple companies' accounts. I personally have the requirement. A lot of my customer have the same, for example directors of multiple companies, or those people that sit on charity boards etc.

        I understand the difficulties in having a full device managed by MDM. As such it wouldn't be so bad if MAM applications supported multiple accounts, e.g. Outlook for iOS/Android and Teams. At least that way there would be a workable solution.

      ← Previous 1

      Feedback and Knowledge Base