LMS365 mobile app can be deployed using Microsoft Intune to help you control access and protect your data. Being part of Microsoft's Enterprise Mobility + Security (EMS) suite, Microsoft Intune integrates with your Azure Active Directory (AAD) and Azure Information Protection allowing you to keep your organization’s information protected on all the devices of your users with the policies you create.
This article describes how to set up Microsoft Intune to work with the LMS365 mobile app. To set up Microsoft Intune, Microsoft 365 global admin performs several steps. When describing these steps, we will show an example of setting up policies for Android for a specific user and requiring multi-factor authentication for LMS365 mobile app usage.
In this article
- Settings, required in the Azure Active Directory admin center
- Settings, required in the Microsoft Endpoint Manager admin center
We don’t support Microsoft Intune App Policies. If you use your own app or SharePoint/mobile browser, you should understand that LMS365 is deployed as three AD Applications within your AAD. These applications are always impacted by your Security Policies but can be excluded since you don’t expose any threat but how AAD Authentication is implemented. We use Conditional Access Policies and also deploy the LMS365 mobile app using Microsoft Intune internally for IOS and Android phones.
Settings, required in the Azure Active Directory admin center
Go to the Azure Active Directory admin center > Security > Conditional Access | Policies.
On the Conditional Access | Policies page select New policy, give it a name and configure two blocks:
- Assignments where you can set Users and/or groups and Cloud apps or actions to apply to the policy.
- Access controls where you can state what exactly you want to apply—grant or block access to resources.
Under Assignments, you can control who, where and with what conditions the policy will be applied to.
- When selecting Users and groups, two tabs are displayed–Include and Exclude. On the Include tab, the options for selection are None, All users and Select users and groups.
According to the requirements of our example to set up policies for Android for a specific user and requiring multi-factor authentication, we will check Select users and groups, check the box for Users and groups, then Select to target a specific user or group by browsing the available Azure AD users and groups, confirm your choice with Select. Click Done at the bottom of the Users and groups panel to save changes and close the panel.
To find more detailed information and related restrictions and limitations please visit Conditional Access: Users and groups.
- When selecting Cloud apps or actions, two tabs are displayed–Include and Exclude. On the Include tab, the available options are None, All cloud apps and Select apps. To provide flexibility, you can also exclude certain apps from the policy.
According to our example requirements to set up policies for Android for a specific user and requiring multi-factor authentication, we will check Select apps, then Select to browse the list of available sign-in events, find and click Microsoft Intune Enrollment, and confirm our choice with Select. Click Done at the bottom of the Clouds apps or actions panel to save changes and close the panel.
- When selecting Conditions, a list of available options is displayed where you can specify additional criteria you would require to apply to the policy. Detailed information is provided in Conditional Access: Conditions.
For our task—setting up policies for Android for a specific user and requiring multi-factor authentication—we:
- go to the Device platforms to include devices based on their operating systems–Android. Confirm the choice with Select.
- go the Client apps to include mobile applications for our LMS365 mobile app to be available. Choose Select to save the changes and close the panel.
When ready, select Done to apply the changes and close the Conditions panel.
Under Access controls, you decide to grant or to block access. Choose Grant and check that the Grant access radio button is selected. More information can be found at Conditional Access: Grant.
For our task—setting up policies for Android for a specific user and requiring multi-factor authentication—we check the boxes:
- Require multi-factor authentication so that the user will need to complete additional security requirements, like a phone call or text.
- Require device to be marked as compliant requiring the device be Intune compliant. If the device is noncompliant, the user will be given the option to enroll the device in Intune.
Require approved client app and Require app protection police settings are not supported by LMS365.
Choose Select to save the changes and close the Grant panel.
When ready with all the settings, select Create to create your policy.
Settings, required in the Microsoft Endpoint Manager admin center
To add an Android store app to Intune from the Azure portal follow the steps from the Add Android store apps to Microsoft Intune guide.
For the step 6 of this guide you need to add details:
- Name: LMS365.
- Description: LMS365 mobile app provides easy access to all courses a learner is enrolled in. On their mobile device, learners can at any time and from anywhere view courses they completed, are in progress and courses not yet started.
- Publisher: Enter the name of the publisher of the app.
- Appstore URL: https://play.google.com/store/apps/details?id=com.elearningforce.LMS
- Minimum operating system: requires to select the earliest operating system version on which the app can be installed. Otherwise, it will not be installed.
All other fields are optional.
When ready with all the steps, the app you've created is displayed in the Android Apps list.
To add an IOS store app to Intune from the Azure portal follow the steps from the Add iOS store apps to Microsoft Intune guide.
When ready with all the steps, the app you've created is displayed in the iOS Apps list.
The next step is to download Microsoft Intune app/ Company portal app on your mobile device, log in and set up access for your account. Finally, download LMS365 mobile app and enjoy using it.
If you face some issues with log in, please, go to the Azure Active Directory admin center, check Sign-ins status and open Details. Follow the link to find more information.