A user with an Office 365 business account wanted to block the "Stay signed in to all your apps" dialog from coming up when she signed into her Office applications using that account.
I get a pop up every time I log on to an account from my client: "Windows will remember your account and automatically sign you in to your apps and websites on this device." It has a checkbox for "Allow my organization to manage my device" and a link for "No, sign in to this app only". I don't want my client to manage my device for obvious reasons and their authorization expires quickly, so I need to sign in often and uncheck the option before clicking the link to sign into the app only. How do I remove this annoying dialog?
Yes, that dialog is annoying. But you prevent it from coming up (and prevent the organization from managing your device) when you sign into any Office application using your business address by adding the BlockAADWorkplaceJoin value to the registry.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin DWORD: BlockAADWorkplaceJoin Value: 1
If you don't want to edit the registry, download this ready-to-use reg file, then double click to run it. (If your browser saves it with the .txt extension, change it to .reg)
This key should take effect immediately, without the need to reboot your computer.
What is managed when 'manage my device' is enabled?
What exactly does allowing the organization to manage your device do, when you leave the box checked?
If you allow your organization to manage your device, it is linked to your Microsoft Office 365 Business account and registered in Azure AD. Your organization can then use Intune to manage the device. This does not allow them to access your personal files or personal email in Outlook, but they may be able to disable hardware, delete work files, or prevent you from adding personal accounts to Outlook.
For smaller Office 365 organizations, it generally doesn't make a difference as there are often few (if any) Intune policies in effect.
Larger organizations may have policies that limit features or the ability to open additional accounts in your Office apps. They could remotely wipe work files from OneDrive on your device (but not personal files stored outside of OneDrive), they can "see" your hardware configuration and can disable some hardware (such as your camera).
For a complete list of what the organization can "see" when this option is enabled, see Intune's help article:
What information can my organization see when I enroll my device?