SOLUTIONS AND SERVICES
Q & A from our Conditional access
with Microsoft Intune webinar
These questions were posed by attendees to our
webinar on 26 March 2015 and are answered
here by our technical consultant Mat Richards.
■■ QUESTION As I understand, you can only enrol
a device to one Intune tenant. How do I give my
contractors (that already have their devices enrolled to
their Intune and Office 365 tenant) access to my Office
365 tenant if using Intune?
■■ ANSWER At this time you can only enrol a device
to one Intune subscription. I know that Microsoft has
received a lot of feedback on this and it is likely that
they are considering it for a future release.
■■ QUESTION My main issue is that I have System
Center Configuration Manager configured to manage
my mobiles via Intune and an on-premise Exchange
solution. From what I have read, the conditional access
is not possible in this solution. Do you know when it
will be available or how easy it is to swap back to an
Intune managed solution? I want to cancel our current
subscription and create a new one but using the same
domain.
■■ ANSWER Microsoft will enable this scenario within the
next few months.
■■ QUESTION I see Intune used by O365, Exchange,
SharePoint to make sure the device is compliance.
What VPN service that can be consumed by only
compliance. users based on the device statues in
Intune.
■■ ANSWER Not sure that I fully understand the question
but Intune supports the provision of VPN profiles both
IPSec based and SSL. They can be device-wide VPN,
application-triggered or data domain-triggered. The
deployment of a VPN profile can be targeted at specific
users only or groups.
■■ QUESTION If the protection is enabled for Exchange
Online as part of O365 does this impact users
accessing other parts of O365? How can we allow third
parties access to SharePoint but lock down Exchange
Online to compliant deivces?
■■ ANSWER If Exchange online conditional access is
enabled then this will only impact access to Exchange
online. You can also specify that SharePoint online is
subject to conditional access, but they are separate and
will not impact each other.
T
+44 8456 584425
+44 8456 584426
E [email protected]
W www.oxfordcomputergroup.com
F
■■ QUESTION Can you control or block Microsoft
Outlook full client, too? Or is this only applicable to
Active Sync clients?
■■ ANSWER Currently the conditional access capability
of Intune relates to mobile email apps. You can control
access to the full Outlook client using EAS rules. These
are exposed within the Intune portal.
■■ QUESTION Can I have a connection to more than
one Exchange on-prem server? And with this different
policies?
■■ ANSWER Currently only one Exchange organisation
can be used. I’m not aware of plans to implement
that scenario but I will feed this back to the Microsoft
product group.
If you have other questions, please do give
us a call on 08456 584425.
Our team will be happy to help.