Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Intune

Deploy email profile to Outlook for iOS/Android

Instead of deploying a policy to configure the native email client, we need to be able to configure the (awesome) Outlook app

2,034 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Tim Nilimaa-Svärd shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    We are happy to announce that is now possible to deploy account setup configuration details for Outlook for iOS and Android through app configuration policies. For more information, see https://blogs.technet.microsoft.com/exchange/2018/01/30/now-your-enterprise-mobility-management-solution-can-be-used-to-simply-set-up-and-configure-outlook-for-ios-and-android-for-exchange-on-premises/

    We have additional refinements planned, for example, the "Ability to choose/configure Email client (i.e. Outlook) within mail policy” is planned for a future release. https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/8388312-ability-to-choose-configure-email-client-i-e-out

    There are a lot of moving parts and there were a lot of prioritization sessions across multiple teams, but your consistent feedback helped keep it high on our radar, and is still spurring us to deliver more in this area.

    We appreciate your feedback! Now that you have your votes back, we encourage you to vote for the next things you want to see.

    135 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • John commented  ·   ·  Flag as inappropriate

        In reply to Cathy Moyas mail:

        1) Have you already purchased licenses: YES

        2) If you have purchased licenses,
        a) 60000 EMS licenses
        b) 0 Intune deployments
        c) Being able to use the MAM functionality across the Office suite and the MS apps (including Yammer, Word, Excel, PP, Outlook, OneDrive and others) is critical for us. We need to be able to target a mail profile at Outlook to use it successfully and full utilise all the components within the EMS sutie.

        Outlook is currently too immature to deploy within an enterprise (which includes the massive ActiveSync proxy security hole currently!) and the lack of this functionality highlights how little attention has so far been paid to these much needed features/functionality.

      • James Larson commented  ·   ·  Flag as inappropriate

        1. YES
        2a. 3050
        2b. 10
        2c. We do not want the additional burden on our Help desk staff for users accidentally messing up the configuration. Our other MDM platforms do not require user interactions.

      • Jon commented  ·   ·  Flag as inappropriate

        Hi Cathy,
        With regard to your email, I literally had a customer stop mid deployment after finding out this wasn't supported along with MAM features with exchange On-Prem and they ended up switching to AirWatch. With regard to this customer:
        1) Have you already purchased licenses (either Intune or EMS)? YES, EMS
        2a) how many licenses have you bought? 700
        2b) How many licenses have you actually deployed? <5 because of aforementioned blockers
        c) How has not being able to deploy Outlook email profiles impacted your deployment plans? This in conjunction with inability to use MAM policies with Exchange On-prem stopped deployment plans

      • Anonymous commented  ·   ·  Flag as inappropriate

        Likewise not being able to see her e-mail.

        This is a major flaw in the entire product and one I think could be easily fixed. Its preventing customers from moving over to a MAM model and adding a level of complexity the end-user does not need.

        1) Have you already purchased licenses: YES
        2) If you have purchased licenses,
        a) We are a channel partner providing the consultancy for Pre-Sales/Deployment/Support for EMS so this figure could be upwards of 30k+
        b) Deployed over 7000 Intune licenses to date.
        c) Needing a managed mail client is paramount for security signoff of Intune

        3) If you currently have a trial subscription: We have customers with trials
        a) Pipeline is currently 3000
        b) Security teams always flinch at not being able to configure all aspects of the MAM deployment, in this case the e-mail account its self.

      • Tim Nielsen commented  ·   ·  Flag as inappropriate

        In reply to Cathy Moyas mail:

        1) Have you already purchased licenses: YES
        2) If you have purchased licenses,
        a) 3.500 licenses (EMS) - potentially an additional 1.000 licenses later (4.500 total)
        b) So far no more than 30
        c) Needing a managed mail client is paramount for security approval
        3) If you currently have a trial subscription: NO
        a) how many license would you buy, if you bought them?
        b) Our security division requires managed mail client before we may deploy fully to our firm.

      • Berry van Esch commented  ·   ·  Flag as inappropriate

        My reply on the questions from Cathy:

        Can you help us by answering these questions ASAP?
        1) Have you already purchased licenses.
        2a/b) For several customers total around the 500.
        2 c) Will not allow our users to use any Office mobile apps until this is supported

      • Anonymous commented  ·   ·  Flag as inappropriate

        Forgot to expand a point I made below.

        When mentioning my poor point of view in regards to the way this request was handled:

        The fact that it took well over 300+ (400 if you count the other related duplicate requests) user requests and almost 7 months before your team took this very basic request seriously enough to start even talking about it says a lot about why Intune is often looked on as an afterthought in the MDM industry. 7 months is an eternity in the mobile device world, iOS 9 was barely a week old when the original requester asked for this and now after many significant upgrades it's already at 9.3.1. Really, shame also on the Office team, they should have either already been working on this, or if they were really on the ball, have their portion of this feature ready the day the last major revision of the Outlook app was released, instead your busy scrambling trying to convince your developers why this is worth their time. I'll give you a hint, based on what should be your real world knowledge of supporting mobile devices in an Enterprise and also based on the massive feedback that you've received on here, no more justification by you or your customers should be necessary. If you want Intune to be a relevant player in the Enterprise MDM market, you're going to have to do better than this.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Just received a request from Cathy Moya in regards to this, I don't see an email address to send my reply to, so I'll just post it here:

        Hi - we need your help and we need it pretty quickly. We have a meeting with the Office team on April 12. It really helps our discussion if we can go into that meeting saying: Our customers have told us "if Microsoft doesn't do this, we purchased X licenses but we won't be deploying Intune" or "We are looking at buying Y licenses, but we won't if you don't have this".
        Can you help us by answering these questions ASAP?
        1) Have you already purchased licenses (either Intune or EMS) or are you currently a trial user?
        2) If you have purchased licenses,
        a) how many licenses have you bought?
        b) How many licenses have you actually deployed?
        c) How has not being able to deploy Outlook email profiles impacted your deployment plans?
        3) If you currently have a trial subscription:
        a) how many license would you buy, if you bought them?
        b) How has not being able to deploy Outlook email profiles impacted your purchase plans?
        I know several of you have commented that it's a deployment or sales blocker, but we need to correlate that with the number of licenses being blocked to make an effective case.
        Thanks! I'm putting Karan's address below. He's the PM who will be presenting your case at the meeting, and your replies will go directly to him, since time is short. We really appreciate your help!
        Cathy Moya

        My reply:

        First of all, really? Are you guys being serious here. You're going to ask your customers/prospective customers to go to this level of detail for such a basic MDM feature? I'm almost speechless, anyway:

        1. Have purchased licenses
        2.
        a. 170
        b. 170
        c. Will not allow our users to use any Office mobile apps until this is supported
        Bonus:

        1. I can't believe that your Product Group and the Office team needs this level of justification to work on such a basic MDM feature. This does not make me optimistic about the timing of support for the more advanced features that Apple is releasing constantly in their new iOS versions and that other MDM providers are providing zero day support for such as device based VPP, Lost Mode, iOS update management, remotely enforce activation lock, etc... In fact, the way this one request is being handled almost tips the scales for me to want to give up altogether and start looking at other MDM's.

      • Alex commented  ·   ·  Flag as inappropriate

        It's discouraging that potential and/or existing Intune customers must justify to the Product Group why this is worth working on. This is a very very basic feature of any MDM service. I concur with all previous user responses. Not only that but the fact that you support pushing the email profile to iOS using the native app but not for the Outlook app only encourages customers not to use Microsoft iOS Office apps which I would imagine would be something the Office team would like to avoid.

      • Tony Colgrove commented  ·   ·  Flag as inappropriate

        Being able to push the configuration with the Outlook app, saves the confusion for the end user. They might not know exactly is it Office 365, or Exchange onprem.
        Autodiscover in the native mail client even hides that. Currently in the Outlook App (at least on iOS), asks you to chose your account type after typing in your email address.
        it would be great to simply the user experience by pushing Outlook and when they open it, knows what account type and their email address. all they have to do to complete the process is type in their password.

      • Paul Byrd commented  ·   ·  Flag as inappropriate

        Everyone knows the default email client for iOS is the most unsecure mail client for mobile. That, coupled with the inability to enforce policy on the app, makes it imperative to customers to be able to deploy an email profile to Outlook. I've lost several potential customers to Airwatch and Mobile Iron because they have their own securable email client. This is not a "nice to have" feature - it's a "must have" for the future of Intune in the Enterprise.
        Not to mention - as I have before - this functionality was announced last April as a coming feature for Intune. Please make this a priority!!

      • Aaron Marks commented  ·   ·  Flag as inappropriate

        We support organizations with hundreds of users that are considering the purchase of Intune so they can implement Conditional Access for security. The biggest blocker we hear about for purchase is that there is no desire to implement until enrollment and configuration can be fully automated.

        Our customers want us to be able to enroll hundreds of devices automatically, push Microsoft apps to them automatically at the same time, and most importantly have all those apps automatically configured and signed in. It would make sense if the user had to enter their password once, but that should the max; use the Azure Authenticator app possibly to ensure only one login.

        Our clients often lose interest when we get to the demo part of our sale when they see that most Microsoft apps have to be individually authenticated and configured. Look at how Google and Adobe are handling SSO and zero config on iOS; you only enter a password once in any of the apps. Google's MDM can deploy apps that require zero config. We lose lots of sales because of this.

        Does that drive home the point enough Cathy?

      • John McGlinchey commented  ·   ·  Flag as inappropriate

        We need to to make the deployment of EMS/InTune as hands off as possible especially since we are evaluating converting from another MDM (MobilIron) to EMS/InTune. Without this we will need to get hands-on with users phones to ensure proper configuration. That's not a good thing. This is a "compete" item that needs to get pushed up higher on the priority stack.

      • John commented  ·   ·  Flag as inappropriate

        Without this feature we (a 60k+ user company) would never deploy Outlook as the companies "go-to" email application.

        The whole device enrollment scenario should be as seamless to the end user as possible. After entering their credentials to enrol their device everything they need should be provisioned, and if we are using Outlook as our mail/calendar/contacts application then that should include the mail profile being pushed into Outlook with the users credentials.

      • Gennessis commented  ·   ·  Flag as inappropriate

        As a non-profit organization that focuses on domestic violence, it is extremely important to manage emails on personal phones, lost phones etc. following HIPPA, not only does office MDM need its deployment in outlook but at an enterprise level. Currently, MDM is supported for IOS, but not fully supported for android.

        Once an employee leaves, data should be 100% cleared pertaining to anything on that email profile not personal (selective data). IF the intune app gets deleted, the email profile goes along with it. This is important. We don't want it to just stop reciving emails, we want what's left to disappear. I could not deploy this in my company of 250+ staff because of this.

      • Anonymous commented  ·   ·  Flag as inappropriate

        This would be a great feature, would prefer to not use the built in Android client.

      • Paul Byrd commented  ·   ·  Flag as inappropriate

        can we not get a comment on this? After all, it was an announced upcoming feature a year ago...

      Feedback and Knowledge Base