They are protected by an application protection policy before you receive access to them.
Use this solution for your organization and solve the require a managed browser to open this link issue. The first stage is to apply Conditional Access for Microsoft 365.
The next one requires you to configure the Azure AD Conditional Access policy using ActiveSync for Exchange Online. You will find below what are the steps you must take in this regard.
Configure an Azure AD Conditional Access policy with ActiveSync (EAS)
- Log in to Azure Active Directory.
- Select Security and Conditional Access.
- Choose the New policy option, name it and navigate to Assignments.
- Choose Users and groups, and from Include select All users or specific Users and groups.
- Select Done, navigate to Cloud apps or actions, and choose Office 365 Exchange Online.
- Navigate to Conditions, choose Client apps, and from Configure select Yes.
- Choose the Exchange ActiveSync clients while deselecting everything else.
- In Access controls, select Grant access and Require app protection policy, and choose Select.
- Confirm settings, navigate to Enable policy, and select On.
- Choose Create and then create and enable the new policy.
The third stage of this solution requires you to focus on Android and iOS applications. Your task will be to configure an Intune protection policy for them by applying the steps explained below.
Configure Intune protection policy for Android and iOS applications
- Log into the Microsoft Endpoint Manager admin center.
- Select Apps and App protection policies.
- Choose Create policy and then iOS/iPadOS or Android.
- In Basics add values to Name and Description sections for Platform.
- Click Next, navigate to Apps and add a minimum of one application.
- In Target to apps on all device types select Unmanaged or Managed for iOS.
- Choose between Unmanaged, Android device administrator, and Android Enterprise for Android.
- Ensure to check Select public apps and Select custom apps.
- Click Next to navigate to Data protection settings.
- Click Next to navigate to Conditional launch.
Conditional launch for iOS and Android
- Select Setting, insert a Value, and choose Action.
- Click Next and navigate to Assignments.
- Click Next: Review + create and then click Create.
This allows you to set the sign-in conditions for the app protection policy. The Value must be met by users that want to sign in to your company app.
When you choose Action, that section contains the conditions for when users do not meet your requirements. There are certain cases when you can configure multiple actions for a single setting.
The issue named require a managed browser to open this link is something many users have encountered when trying to open a browser.
Some employees have encountered this error when trying to open a link from their work mail address.
We recommend you use Microsoft Intunes for eliminating this error and create a protection policy for Outlook Express. Another way to solve the issue is to apply Conditional Access.
This will require you to perform three additional sub-fixes: configuration for Microsoft 365, configuring a policy with ActiveSync and setting a policy for iOS and Android apps.
Test our solutions and comment in our dedicated section about your experience with our previously mentioned fixes.
This post was written by Vladimir Popescu and was first posted to WindowsReport