IOS Conditional Access – force MDM

This is the config how to block MAM config on Android Phones.

Go to

Endpoint security > Conditional Access

Create new Policy

Give it a name like IOS – No MAM

Specify the group or user to apply on

Select the Office 365 app

Select Platform IOS

Add Device Filter

device.deviceOwnership -ne “Personal” -and device.deviceOwnership -ne “Company”

Set Block Access

and set it on ON

Also create a policy to Force authentication check.

Install Fonts with Powershell

$ssfFonts = 0x14

$fontSourceFolder = ""

$Shell = New-Object -ComObject Shell.Application

$SystemFontsFolder = $Shell.Namespace($ssfFonts)

$FontFiles = Get-ChildItem $fontSourceFolder

$SystemFontsPath = $SystemFontsFolder.Self.Path

$rebootFlag = $false


foreach($FontFile in $FontFiles) {

    # $FontFile will be copied to this path:

    $targetPath = Join-Path $SystemFontsPath $FontFile.Name

    # So, see if target exists...

    if(Test-Path $targetPath){

        # font file with the same name already there.

        # delete and replace.

        $rebootFlag = $true

        Remove-Item $targetPath -Force

        Copy-Item $FontFile.FullName $targetPath -Force


        #install the font.





#Follow-up message


    Write-Host "At least one existing font overwritten. A reboot may be necessary."