Coexistence of Air Watch and Intune MAM and What is MAM without MDM

Why Intune option is visible in Azure portal ( This is good news for SCCM/Intune admins. We are getting new features in Intune. This time it’s Intune MAM (Mobile Application Management) without MDM enrollment. For full management of mobile devices, we need to use the original Intune portal ( In this post, we will see Coexistence of Air Watch and Intune MAM and What is MAM without MDM.

It was a regular question in forums and others communities that can Intune coexist with other MDM products like Airwatch or Mobile Iron. Now the answer is Yes, in some ways. But don’t take me wrong you can’t enroll a device into two MDM products at the same time,  however, you can use Intune MAM policies for office applications on other MDM (Airwatch or Mobile Iron etc..) managed devices. More details about this topic available in a TechNet blog post here.

Coexistence of Air Watch and Intune MAM and What is MAM without MDM

Once you click on Intune from Azure portal, Intune Mobile Application Management (MAM) page will open up with 3 options as you can see the below screen capture. App Configuration – App policy, Remote Requests – Wipe requests and Resource Management – UsersCoexistence of Air Watch and Intune MAM and What is MAM without MDM

You can create new Intune MAM policies from the Azure portal – Intune session.  Click on App Policy and then click on add new app policy to create Intune MAM policy. At the moment we have options only to create iOS and Android Intune related MAM policies. Windows option is missing from this. Also, we have very limited options with application selection – Onedrive, Excel, Powerpoint and Word. In the following scenario, I selected only Excel app for Intune MAM policy.

Intune MAM without MDM-5

Once we selected the  app which we want to apply Intune MAM policies without MDM enrollment, then you can configure the aka policies as you can see in the following screen capture. The MAM policy options are same to the one we have in Intune portal. This will help to protect the corp data by preventing save as options, copy paste between managed and un-managed applications.Intune MAM without MDM-10Once Intune MAM policy is created then you can deploy that policies to a group of users. This can be done directly from Azure portal Intune page as I shown in the following screen capture. Right click on the Intune MAM policy which you want to deploy and select Target User Groups.
Intune MAM without MDM-7

Now we need to add a user group which we want to deploy this Intune MAM policy. Click on add user group button as I shown in the following screen capture. Search for the user group and click on select option to deploy MAM policy to those users.Intune MAM without MDM-8Once we finished deploying Intune MAM policy and we want to change some settings of the deployment or configuration or User group then you can do it as shown in the following screen capture.Intune MAM with out MDM-11

I logged into iPad Mini (iOS 9.1) and launched one drive application to test whether MAM policies are getting applied for One Drive app or not. Intune MAM policies got applied to One drive application and it had given access to my corp files as you can see in the following screen capture. However, it didn’t work well for Word and Excel applications. I’m not sure why it’s not happening. Will check more and update here.

Intune MAM with out MDM-13

Sharing is caring!

6 thoughts on “Coexistence of Air Watch and Intune MAM and What is MAM without MDM”

  1. Hi Anoop nair.

    How to integrate with Airwatch?
    We only want to use the MAM policies of Intune. We are not interested to enroll to Intune, as AirWatch is our MDM

    • Use Intune MAM as I mentioned in the post. No need of integration with Intune and Airwatch. But you can configure Intune MAM policies to the user ID (with Intune license and Azure AD license) 1. Install Azure Auth app (for iOS) 2. Install Intune Company portal for Android device (NOT need to configure).

      You will be fine managing with Air-watch and Intune !

  2. Great information, Anoop.

    Using AirWatch MDM and Intune MAM…is there such a setting in Intune MAM that allows to restrict (or mimic restriction of) receiving Corporate email unless the device is registered in A/W MDM? Conditional Access policy only allows either Intune managing any device O/S, or any MDM for Windows O/S only.

    I appreciate your insight.


  3. Hey

    does the detection of device types work? We would like to seperate between unmanaged Android devices and devices managed with Android Enterprise. I know in iOS you can configure the IntuneMAMUPN but how does this work for Android?



Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.