Microsoft released some updates for Outlook app for Android and iOS to be able to configure the app to connect to an on-premises Exchange server.
Microsoft released two articles regarding this
- Account setup in Outlook for iOS and Android using basic authentication (Exchange 2013)
- Account setup in Outlook for iOS and Android using basic authentication (Exchange 2016)
I encountered some issues with the article and it does not describes all steps in detail, this guide will guide you how to configure the Outlook app (until you migrated all you mailboxes to Exchange online 🙂 )
In general this is quite easy task, and here I will walk you through the tasks needed
- Deploy and assign the Outlook app
- Create, configure and assign an Outlook app configuration
Deploy Outlook App
In this article I cannot include all ways of deploying an app (Apple VPP, Android for Word, Apple Store etc.), so here is a guide how to deploy Outlook with Android for Work.
- First logon to Android for Work webpage: https://play.google.com/work
- Search for the Microsoft Outlook app and press Approve
- Head over to the Azure portal, and the Intune blade, Mobile Apps and Android for Work.
Press Sync to synchronize Android for Work apps into Intune
- From the Mobile Apps and Apps list, make sure the Outlook app is listed
- Do not assign the app to your users or devices yet, wait until the configuration is done
Create App Configuration
Now its time to perform the actual app configuration, and this differs between Android and iOS. Lets start with Android.
Android app configuration
Android is a bit easier than iOS since Intune will help you with keys and variables in the portal.
-
- In the Intune blade, enter Mobile Apps, and App Configuration policies and press Add
- Enter a Name and Description. Set Device enrollment type to Managed devices, and Platform to Android for Work.
Press Associated app and search for Microsoft Outlook in the list, and press OK
- No the configuration, press Configuration settings.
Select Enter JSON data and start to fill in the values. This will load a predefined JSON file, where you can fill in your data, either string values or expandable values, such as {{mail}} to get certain attributes from the user
Example JSON
- In the Intune blade, enter Mobile Apps, and App Configuration policies and press Add
{
“kind”: “androidenterprise#managedConfiguration”,
“productId”: “app:com.microsoft.office.outlook”,
“managedProperty”: [
{
“key”: “com.outlook.username”,
“valueString”: “{{userprincipalname}}”
},
{
“key”: “com.outlook.emailServer”,
“valueString”: “exchange.domain.com”
},
{
“key”: “com.outlook.accountName”,
“valueString”: “{{userid}}”
},
{
“key”: “com.outlook.emailAddress”,
“valueString”: “{{mail}}”
}
]}
- Or choose the easy way out and choose Use configuration designer, you can choose from predefined Keys by pressing the Add button.
Now you can choose either string value type to enter a static value or choose variable to enter a predefined expandable variable.
- Now you can deploy the app and app configuration to your users
iOS app configuration
The iOS app configuration is slightly more tricky.
-
- In the Intune blade, enter Mobile Apps, and App Configuration policies and press Add
- Enter a Name and Description. Set Device enrollment type to Managed devices, and Platform to iOS.
Press Associated app and search for Microsoft Outlook in the list, and press OK - Now select Configuration settings, similar to Android you can select either Use configuration designer or Enter XML data.
Note that iOS configuration does not offer the same functionality as Android for Work with predefined Keys or variables. You have to know the Configuration Key, and there is a list further down
If you choose the Enter XML data, you have
Example XML
<dict>
<key>com.outlook.accountName</key>
<string>{{username}}</string>
<key>com.outlook.emailAddress</key>
<string>{{mail}}</string>
<key>com.outlook.username</key>
<string>{{userprincipalname}}</string>
<key>com.outlook.emailServer</key>
<string>outlook.domain.com</string></dict>
- Now you can deploy the app and app configuration to your users
Outlook Keys
The following keys used when configuring Microsoft Outlook app for Android and iOS
| com.outlook.emailAddress | string |
| com.outlook.accountName | string |
| com.outlook.emailServer | string |
| com.outlook.domain | string |
| com.outlook.username | string |
| com.outlook.serverAuthentication | string |
Intune variables
With Microsoft Intune it is possible to not only enter static values, but also enter expandable variables.
Watch the list here
- {{userprincipalname}} expands to user@domain.com
- {{mail}} expands to first.last@domain.com
- {{partialupn}} expands to first.last
- {{accountid}} expands to dc0e44be-a405-4110-a184-122466d642ba
- {{deviceid}} expands to 428a05f3-da2b-4e8f-948e-00dfed3d7960
- {{userid}} expands to d2e64546-af6b-4296-881e-828a1cde1200
- {{username}} expands to UserName
- {{serialnumber}} expands to F4KE55ERI4A1 (for iOS devices)
- {{serialnumberlast4digits}} expands to I4A1 (for iOS devices)
End user experience
When not using any app configuration the first time experience with Outlook looks similar to this
When the app configuration is successfully deployed it looks like this
Sources
https://technet.microsoft.com/en-us/library/mt829322%28v=exchg.150%29.aspx
https://docs.microsoft.com/en-us/intune/app-configuration-policies-use-ios
https://docs.microsoft.com/en-us/intune/app-configuration-policies-use-android
I am trying this setup together with a per-app-vpn policy. But when the Outlook app can’t access the internet, it does not work. It seems like the app makes a lot of requests to Microsoft over the internet. Have you tried this scenario?
LikeLiked by 1 person
Hi Henrik, no sorry I haven’t tested that. The VPN does not have route to internet?
LikeLike