With Microsoft recently depreciating Basic Auth for Office 365, those who are using Exchange ActiveSync payloads will likely experience authentication errors if they're not already using modern authentication.
A simple fix for this is to enable "Use OAuth for Authentication", this will prompt the user to authenticate using the modern method and allow the user to continue to use the native Mail, Calendar, Contacts, and Notes applications on iOS.
You shouldn't need to fill in the Signin URL or Token Request URL fields, as it'll prompt the device to auto-discover, however, if you do need these they can be found on your Office 365 admin console.
A small downside of this compared to basic auth, is that the end user must know the username & password of the O365 account they're authenticating, this is a limitation of using modern auth and is not something we can control on the Meraki end.
Meraki Support can assist if you have issues installing the payload, but once the payload is installed this is outside the remit of Meraki's control and you should direct authentication questions to Microsoft.
We set up OAuth last week for mobile users, but many of them keep getting prompted every day to re-enter their password. Is there a timeout setting somewhere that I need to look for that will extend this login period?
Do note however, that any time you make a change to a profile that contains an ActiveSync payload (even if the change isn't regarding ActiveSync) the profile is re-installed and the user will be prompted to reauthenticate. Therefore it's best to have the ActiveSync payload in its own profile, so that any other changes (such as WiFi, restrictions etc) don't require the user to authenticate.
That's kind of my issue as well as the linemen don't keep up with their password. It is strange. Some folks it asks for password re-entry every day, others it's longer. Some people never have an issue. Newer devices seem to act better.
I am unable to get it set up. It will ask for admin approval. I am unsure how to set it up. I have now spent over a week on this. It keeps asking for consent admin permission and I do not want to give each user admin consent.
Is there documentation on how to set it up from beginning to end?
You should only have to provide admin approval once. I recommend setting up the device for an admin first and when prompted provide the approval. After that is complete, users should not receive the prompt.