I'm having trouble signing into Microsoft 365 on new iPhone devices using the Apple Mail app or popular browsers like Safari, Firefox, and Chrome. We have company policies requiring that devices be compliant with Intune to access resources, and this has worked fine with my older device. The new iPhone 17s are enrolled correctly through the company portal app and show up as compliant on both Intune and Entra portals. They work with Microsoft Outlook and Azure apps without any issues. However, when trying to use Apple Mail or those browsers, I get a message stating that my device needs to be secured for access, even though the device shows compliant. The error logs indicate that the device is unregistered, which contradicts all the evidence. Has anyone encountered similar issues or have advice on what could be going wrong? Any help would be appreciated!
1 Answer
It sounds like you might be running into issues with device registration. Check your sign-in logs carefully to see if the failures are due to compliance requirements. If any of the check-ins relate to the deprecation of EWS, this could be influencing the Apple Internet Accounts performance. You can verify EWS status using Exchange Online PowerShell. Here's a link with more info if needed: [EWS Deprecation](https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-ews-exchange-online).
I found that the sign-in is failing because of compliance checks, leading to the blank Device ID issue with Apple Internet Accounts and browsers. It looks like compliance policies aren't recognizing the new devices.