Getting App protection policies to work for the bundled Office app in iOS/iPadOS & Android in Intune

The not so new Office app was made 'generally available' in Feb 2020. Since then, Microsoft have already addressed the requirement for supporting App protection policies using Intune. As a matter of fact, I have been applying the policies myself for some time now, but every time I have worked on this, I felt that the details on the application of the policies are not that properly documented in Microsoft's official documentation and which is why I decided to blog about this now.

Unlike the traditional Microsoft office apps like Word, Excel, PowerPoint etc, Office app has been made available under the following categories -

For Android -

Office Hub – Meant to be installed on devices in China which is under the custom bundle id com.microsoft.office.officehub.

Office Hub [HL] – Meant to be installed on devices in the US which is under the custom bundle id com.microsoft.office.officehubhl.

Office Hub [ROW] – Meant to be installed on devices outside of the US and China which is under the custom bundle id com.microsoft.office.officehubrow.

This is how they show up in Intune.

For iOS/iPadOS -

Office - Universal app under the custom bundle id com.microsoft.officemobile

This is how the app will reflect in Intune.


Note: There have been instances where the Office app doesn't list for iOS/iPadOS. In such a case, you can add the custom bundle id directly as shown below.


However, in my case the app was already available in the list so despite adding it as a custom bundle id, it automatically reflected under Public apps (as you can make out from the warning message).

That's about it. Just add the apps shown above in your APP policies and you are good to go. You can verify in the APP report if the APP policies are applying or not.


If you are interested in learning about APP policies and the tier based data protection framework in Intune, then you can head over to my previous post Implementing App protection policies using Tier based Data Protection Framework.

Comments

Popular posts from this blog

How to force escrowing of BitLocker recovery keys using Intune

Intune: Configure Printers for Non-Administrative Users

Prevent users from running certain programs or applications on Windows endpoints using Intune