When you sign in to any Microsoft Application like Microsoft Teams, Microsoft Outlook, Microsoft Excel etc., for the first time on any PC, you will get the below pop-up after typing in your username and credential.
When you click OK by selecting Allow my organization to manage my device. Your credential will be stored on the PC, so you can open all the Microsoft Applications without giving your username and credential.
This will be a problem because when you open any Microsoft outlook or Microsoft Teams, it will be opened up automatically with that user credential. This will give access to all the confidential information related to that particular user.
This feature is very beneficial, but what if you have a standard PC in the meeting room where you don’t want to store your user’s credentials?
When this pop-up shows up, all the users will click OK without reading the instruction, even how much you educate your users.
You cannot depend on your users every time. Some follow the rules; some will don’t. Even though.
How Prevent Allow My Organization to Manage My Device or Prevent adding Work or School Accounts
When you or any user accessing the common PCs, educate them to Click No, sign in to this app only. This will prevent storing your work or school accounts on the PC.
But you know your users will forget all the time. But unfortunately, there is no immediate solution available for the system administrator to control this behaviour in the office 365 admin centre or Microsoft admin centre.
Many windows users have been requesting for Microsoft Teams to stop this behaviour Please Stop: “Allow my organization to manage my device”. For now, you can vote on this request so that Microsoft can consider this option to Disable allow my organization to manage my device.
Workaround to Prevent Allow My Organization to Manage My Device using Registry Editor
Likely, you can create one Registry key to prevent this popup from showing when the user login in for the first time on new devices.
Step 1: Open Registry Editor
Press the Window key button on your keyboard and type registry on the search
Step 2: Navigate to the below location in the registry editor
On the registry editor, navigate to this location:
Step 3: Create new Registry Key
Here we have to create a new registry key.
Right click , select New and click DWORD (32-bit) Value
Type Registry Value Name as = BlockAADWorkplaceJoin
Right-click the Registry Key “BlockAADWOrkplaceJoin” and select modify and type value data as 00000001.
That’s it. You have successfully created the registry key to disable Allow My Organization to Manage my Device issue.
Now clear your credential from the PC and try to log in again; this time, your PC will not show the popup again.
How to Prevent Allow My Organization to Manage My Device using Group Policy
Suppose you have multiple devices which need to be configured on. Then the best way is to use the Group Policy option to create the above registry on multiple computers and control it centrally.
Group Policy Management Editor allows us to create a new registry key, delete, place, or update. This can be applied to multiple computers at once. You can centrally control the behaviours.
Step 1: Login to your domain server
Login to your Domain control, search and open Group Policy Management.
Step 2: Create new or locate to the existing Group Policy
Either create a new Group Policy or open the existing one to create the registry key.
- Expand Computer Configuration/Preference
- Select Registry
- Right Click and Select New
- Click registry Item
In the New Registry Properties, configure as below:
- Select Action as Create
- Select Hive as HKEY_LOCAL_MACHINE
- Define Key Path as SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin
- Define the Value Name as BlockAADWorkplaceJoin
- Define Value type as REG_DWORD
- Define Value data as 00000001
That’s it. You can now create the registry key successfully to prevent my organisation from managing my device.
How to Remove your Work or School Accounts from the PC
If you wrongly press the button, Allow my Organization to manage my device. Your credential will be stored on that PC, and your organization’s policies will now manage the device.
To configure if your device is already linked to your Organization, follow the below steps:
- Open the Setting App by pressing the Windows Key on your Keyboard
- Go to Accounts\Access work or school
On the right side of the screen, you can locate the account used to sign in to the device.
- If your work account is listed here, then select your account and click Disconnect.
Now you have successfully disconnected this device from being managed by your organization.
Was this Article Helpful?
Did I just helped you solve one of your problem? Support me by buying me a coffee. Thanks for your support