MAM Without Enrollment

MAM Without Enrollment

MAM Without Enrollment

Microsoft has implemented a MAM (Mobile Application Management) solution in Intune. However, this solution requires enroll the device in the MDM (Mobile Device Management). For people not wishing to add their equipment in a type MDM platform, it is possible to proceed with the creation of rules MAM without enrollment.

How to implement the rules ?

As a first step, it is necessary to access the Azure portal with the URL After to be authenticated, the Azure Portal appears.

Access to Microsoft Azure

In the portal, click in other Services button and on search bar enter Intune. Click application Intune Protection. In the portal, click in other Services button and on search bar enter Intune. Click application Intune Protection.

Search Microsoft Intune

A new window appears, click on enforcement strategy in settings.

Add application on azure platform

Click Add a strategy then enter the name you want and select the platform.

Click Select the required applications and select the desired applications. Click select pour validate your choice.

Select application

It is now necessary to configure settings that will apply to the strategy. To do this, click Configure the required parameters. It is possible to apply several types of parameters:

  • Prohibit the Itunes backup and Icloud
  • Prohibit save as
  • Restrict operations cut / copy / paste
  • Force the use of the Managed Browser
  • Ask for the encryption of the application
  • Disable the synchronization of contacts
  • Disable printing
  • Require a PIN
  • Require the company to access credentials
  • Block applications from running if rooted or jailbroken device
Add rules

I have configured this parameter, a PIN is requested however the fingerprint cannot be used for access to the resource.

MAM Without Enrollment

CLick OK to validate the rules and Create. After the rule is created, It is necessary to assign the rules to a user group. Click on the rule in order to access its properties, and then click user groups. Finally click Add user group.

Rules has been created

Select the desired group, and then click Select.

Select users concerned

The Rules is now deployed. You can install application on the device.

Application has beed installed on device

It’s now necessary to add new account in Microsoft Outlook. When I try to launch application, the rules are applied.

Data has protected with MAM Without Enrollment
Enter confidential code for MAM Without Enrollment

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.