Recent discussions
Not able to restrict personal email from logging into Work GMAIL app for BYOD enrolled devices
I wanted to restrict personal emails (with gmail account) from logging into Work GMAIL app for BYOD enrolled devices. I however want workspace accounts to be able to login. When I set modifyAccountsDisabled to true in AMAPI policy, no account can be added (including workspace account). Same problem happens when I specify com.google for accountTypesWithManagementDisabled - no account can log into GMAIL. Is there any solution to this ? Thanks in advance.
Disable random mac address during EMM enrollment
My company is trying to provision tablets via headwind MDM. We have no problem on some of our networks, but the location they are being provisioned at at-scale have a strict no-random-mac address rule on their network. Thus far I have been unable to figure out how to create a QR code that will disable random mac address on the SSID of the network the device connects to when enrolling in our MDM. Is there a field I am missing? Surely there must be a way to overcome this.
ANDROID 15: Problem with unlock code expiry in COPE mode
Hello, Our users' Samsung smartphones are enrolled in Intune in COPE mode. We have a configuration profile that requires a device unlock code with an expiration time. We haven't configured a code for the work profile, so the One Lock setting is enabled by default. In Android 15, following the expiration of the unlock code, the user is now required to change the unlock code. However, once they do so, when they launch an app in the work profile, the smartphone also asks them to change the work profile code. I don't understand why the smartphone is asking to change the work profile code when the One Lock setting is enabled. Is anyone else having the same problem? BenjaminWhat security threats do you experience the most?
Hey everyone, Stop what you’re doing - episode 2 of The Secure Element is out now! Tune in as Bigdogburr and Theresa Lanowitz, Chief Cybersecurity Evangelist at LevelBlue, dive into achieving cyber resilience in an era of boundaryless computing. Their discussion truly reinforced for me just how vital a holistic approach to securing all end-user computing is - from laptops to mobiles, and everything in between - especially with cyberattacks becoming so sophisticated. The role AI plays in crafting these increasingly targeted attacks was a real eye-opener! This episode got me thinking about the real-world threats we’re all facing. What are the kinds of cyber threats you are most confronted with? Cast your vote in the comment section below: Phishing / Quishing/ Smishing (Email, SMS, or QR code tricks) Deepfakes (Convincing fake video/ voice calls) Malicious apps (Apps designed to steal data/ compromise devices) Network attacks (Rogue or Spoofed Wi-Fi, man in the middle, etc.) Other (please share more details in the comments!) And share some wisdom! Do you have some tips on how to identify a cyber attack? If you’ve been targeted, what’s one key lesson learned that you think everyone should hear? Looking forward to reading your stories. Chat soon, Emilie
Seeing spike in HARDWARE_BACKED_EVALUATION_FAILED for Android 16 devices.
We are seeing a spike in HARDWARE_BACKED_EVALUATION_FAILED in https://developers.google.com/android/management/reference/rest/v1/enterprises.devices#securityrisk field in AMA Device response. We are seeing this mostly in the Android 16 customers and for some users it went away without any change on their side. So it does not seem anything wrong with the devices and seems random. Anyone else facing this with AMA or play integrity?
Control Wi-Fi Calling settings
Hi there, hope you're well. Just wondering is it possible to control the Wi-Fi Calling settings within Android via MDM? The closest thing I've seen is to use Knox Asset Intelligence to check Wi-Fi Calling setting status on Samsung devices: https://docs.samsungknox.com/admin/knox-asset-intelligence/dashboard/network-insights/wifi-calling-setting-status/ Thank you for your help & input in advance!
Google Keyboard configuration Intune
Hi, I would like to know how to configure the Google Keyboard using Microsoft Intune. Specifically, I need to set up the keyboard with dual language support (Italian and German) on my Android devices managed through Intune. Could anyone help me achieve this goal?[Feedback] App installs: share your experiences & suggestions
Hello everyone, Our team is always interested to hear your insights around the current employee experience on managed Android devices and profiles (Work Profile). One specific area of focus is the application installation experience, particularly for apps installs that happen while the device is in use (not part of initial setup). The installation experience can vary depending on a variety of factors - the device model and Android version, configuration of your EMM’s DPC client, management mode of the device (fully managed vs. Work Profile), the permissions required by the app, the source of installation, permission policies, etc. Based on your setup, it would be fantastic to hear some of your user experiences and what improvements you’d potentially like to see? I know this is an interesting topic for many of you, so I'm looking forward to hearing your thoughts, feedback and having a good conversation. Massive thanks in advance, Lizzie
SCEP and EAP/TLS
Hi Team, I'm so sorry to ask this but it is expected that whenever I select the SSID of a Wi-Fi network that contains a SCEP and EAP/TLS configuration, it will show a popup example below? The policy for SCEP and EAP/TLS are already being configured by third-party MDM and we just assume that we don't need to do this manually on each devices.
Intune - Android Enrollment Default Profile
Hi, We’ve noticed that our Android devices are no longer enrolling automatically, which is resulting in the default profile being applied from the auto-created policy in the Google Zero-Touch customer portal. I’ve reviewed the portal settings, and the correct profile is still assigned by default. This process previously worked as expected. Many thanks, Joe.
