- 01-21-2013, 09:12 AM #1
So here is the situation:
We buy users new Windows 8 machines, We buy them Windows 8 phones.
We create a live account for their corporate email address and link it to their domain account.
We setup this live account on both the Phone and the PC.
No... Now the users want to buy apps in the app store but corporate isn't going to pay for them and the end user doesn't want to tie their credit card to a corporate controlled live account. Additionally they want to take their apps with them should they leave at some point in the future.
The way you handle this on Android is that it allows multiple accounts in the play store. I don't see this functionality in the Windows Phone 8 store.
- 01-21-2013, 09:19 AM #2
why don't you have them set up the live account in their name, then add your exchange account separately. I know this is more time consuming having each employee enter their xbox/live/hotmail credentials but then the WP store would be with their own account.
The 2nd thing you could do, if you want to buy an app, it comes out of your paycheck. :)
01-21-2013, 09:22 AM #3
- 408 Posts
The issue is that accessing the Win Phone Store from the phone is automatically tied in to whichever MS account you create on that particular phone. That doesn't mean you can't create separate accounts though. Users would have to create their own MS accounts and download and install apps manually to the phone.
01-21-2013, 09:50 AM #5
- 294 Posts
- 01-21-2013, 10:13 AM #6
The problem is all of the integration. We want to provide people with larger skydrive accounts and so on but we don't want to pay for angry birds.
We also need to maintain control of user that the devices are tied to in the event that the user leaves.
Accounting would likely stop cutting IT Payroll checks if we asked them to micromanage app store purchases.
I would think there is some type of solution here but it's I can't see anything front and center that allows us to retain control while allowing end users to purchase apps.
- 01-21-2013, 11:32 AM #8
Sheena D.: Hello David, my name is Sheena D. with Microsoft Support. Please give me a few moments as I review the information you've submitted.
You: I just spent 45 minutes on the phone and talked to 5 different people. I am growing very frustrated here.
Sheena D.: I understand that you have purchased Windows 8 PC and Windows Phone 8 device for employees, and they are trying to purchase apps for there devices. The only way to purchase apps from the Store on the phone, is to add a credit card to the primary Microsoft Account on the phone.
Sheena D.: If they do not want to add their credit card to the corporate live account, they need to create a new Live account and hard reset the phone.
You: The problem is that we tie their domain to a live account which is email@example.com for example.
You: The end users don't want to put their credit card in a firstname.lastname@example.org live account they want to put it in a email@example.com account. This way they are not exposing their personal credit card to our internal IT staff and they can take their apps with them if they leave the company.
You: In android you have the option to add a second account for store purchases
You: Same in IOS
Sheena D.: There is no option in Windows Phone 8 to add a secondary account for billing purposes. The primary Microsoft Account is the one used for downloading apps and for billing. If the end users are purchasing the apps themselves and would like to keep their investment if they leave the company, then the only thing I can suggest is to create a personal Live Account, hard reset the phone, and then use the personal as the primary one. Then they can use the domain live account as a secondary email account.
You: Then they lose access to their skydrive, office syncing, etc
Sheena D.: You can of course make a suggestion to the developers of the phone here to add this feature: Feature Suggestions: Hot (21177 ideas)
- 01-21-2013, 11:51 AM #9
Microsoft cannot provide any answers. We have been kicking it around here at the office and there doesn't seem to be a way around this.
If you let the users use their own live account and link it to their business windows 8 devices (domain account) then when you terminate that user you lose control of all of the documents that are stored with the live account. The employee will very likely have proprietary company information stored in skydrive and all they have to do is connect another device to that account or log into the website to retrieve it. The IT staff loses all control over this content.
If you don't allow the user to use their own live account and that user wants to purchase apps then they have to use your corporate account for app purchases and they lose these apps if/when they leave the company.
Also some users might have an xbox account they want to link to their phone but they are in the same boat.
01-21-2013, 12:35 PM #12
- 488 Posts
Wow. This would not have passed final review at my firm. I have a selected group of 10-20 users of which at least half are IT support staff to test this sort of thing before release.
Is it not possible to use a secondary account for Skydrive access? I only used a Lumia for a month before deciding that it wasn't for me, personally.
Also, I doubt that the Outlook domain admin can see users' credit card numbers. I am domain admin for my company's corporate Google Apps accounts and I can't, as far as I can tell. I understand that even Google support staff themselves can see only the last 4 digits, card type and expiry date.
01-21-2013, 12:48 PM #14
- 488 Posts
- 01-21-2013, 12:59 PM #15
I am a big windows 8 / phone 8 fan but this type of oversight really makes it hard to justify platform upgrades to the bean counters.
- 01-21-2013, 01:28 PM #17
I guess I don't get how Live Accounts work in that situtation. Even though you create a Live ID that has the same name as your corporate email, isn't that still a seperate account. If you shut off access to their domain account, won't that Live Account still be valid and the Skydrive still exist?
- 01-21-2013, 01:50 PM #19
- 01-21-2013, 02:21 PM #20
I think it's ok if they are using corporate skydrive because IT can retain that information and log in to clear it out as part of the termination process. The problem is if they use corporate skydrive accounts they cannot buy apps or use xbox services from a personal account.
The simplest way to fix this would be to allow account selection on applications like Store, and Xbox. This way you provision the phone with a corporate live account and the user can install free apps. But if they want to install paid apps they simply switch to a personal account in the store app or if they want to hook up to their personal xbox live account they simply switch to that account for that app.
01-22-2013, 04:26 AM #21
- 380 Posts
The normal method of deployment in this sort of scenario is to provision the device with a personal account, add the corporate email account afterwards and share corporate data using a Sharepoint server, which can be on- or off-premise.
It is possible to have more than one Skydrive account accessible on a WP device by using the store Skydrive app but that's not ideal as you cannot open new documents from within that app, whereas a Sharepoint server can be accessed from within the Office hub on the device.
WP does not support the concept of more than one account for in-store purchases via the Store and I doubt it ever will (at least for the forseeable future), because the roadmap describes corporate app deployment using Sharepoint, alongside the Store and associated account for personal purchases.
- 01-22-2013, 05:55 AM #22
Again: I would set it up as a personal email, then add the secondary account on top of it..the users can make a shares account folder for SkyDrive. But how often are employees really working on documents on their phones? They should pull out the windows 8 laptop you bought for them.
Sent from my RM-820_nam_att_100 using Board Express
- 01-22-2013, 07:16 AM #23
Markfive: Thank you for pointing me in the right direction. Connecting to a sharepoint resource works well and provide the type of functionality corporate users are looking for. I am still kind of on the fence about using personal accounts for phone/workstations.
01-22-2013, 09:32 AM #24
- 380 Posts
IMO for the phones its not really an issue as long as you are using EAS to sync the corporate email accounts (so you have remote wipe and PIN policies that can be controlled centrally regardless).
For the workstations its a bit more complex. You can link the domain and MS accounts of course, but in practice I'm not entirely convinced that's the way to go unless seamless access to both personal and corporate data is an overriding priority for you. My inclination would be to stick with domain accounts, and let people use the web for accessing personal stuff. One thing that might help here is the Skydrive app, its very good on desktops. However you also need to factor in the risk of corporate files leaking onto personal storage, whether deliberate or accidental. Sometimes its a mistake to make access to personal stuff as easy as access to the corporate stuff...
- 01-22-2013, 09:54 AM #25
I am liking the SharePoint sync functionality. Where I ended up at is Skydrive (personal), and Skydrive Pro (sharepoint).
On the desktop we setup SharePoint sync and if the user wants to sync their personal skydrive we will make a decision on that individually.
On the phone we setup a live account if they don't want one and don't plan to make purchases. If they do then we add their live account to the phone as the primary account.
Either way we setup links to the sharepoint sync.
- By mpovolo in forum Windows Phone 8Replies: 0Last Post: 12-22-2012, 12:21 AM
- By dxdy in forum Software Development and HackingReplies: 0Last Post: 12-14-2012, 09:08 PM
- By Visual360 in forum Windows Phone 8Replies: 4Last Post: 12-06-2012, 12:34 AM
- By dxdy in forum Microsoft News & RumorsReplies: 0Last Post: 08-17-2012, 10:08 AM
- By bwigginit in forum Windows Phone 7Replies: 3Last Post: 01-23-2012, 06:02 PM