Recent discussions
Intune Management Capabilities for Samsung Devices
Dear Team, Greetings, I would like to better understand the management capabilities available for Samsung Android devices, with Intune . Specifically, I am looking for clarity on whether these devices can be fully managed through Intune instead of relying on the Samsung Knox management tool, including support for application deployment, patch distribution, firmware updates, and other administrative functions. Any slides reference would be good for my internal discussion ?.[Day 2] Mission Intune : When Migration Becomes a Mission (Almost) Impossible
Good Morning Everyone 🕵️ Deep within the digital infrastructure, a high-stakes mission is being prepped. Five mobility experts have been deployed to solve a massive puzzle: migrating tens of thousands of smartphones to Microsoft Intune. The Goal: Ensure a fluid, secure, and uninterrupted transition for thousands of users. The Battlefront: A complex landscape filled with legacy policies, mixed configurations, and strict deadlines. It’s a race against the clock where one wrong move could start a domino effect. From scripts to security protocols—nothing is left to chance. Failure is not an option. Following Broadcom’s acquisition of VMware in 2023, the Workspace ONE product is now owned by Omnissa. Broadcom’s commercial strategy, which has influenced its spin-off companies, had become highly aggressive toward all customers. Consequently, we have decided to migrate the management of our Android and iOS tertiary fleet to Microsoft Intune.. While we are familiar with Intune, several limitations should be noted: Reporting: Intune offers basic reporting through Microsoft Endpoint Manager and Power BI integration, but lacks the advanced, customizable dashboards available in Workspace ONE. Deployment Performance: Application and configuration deployments can be slow, with status updates often delayed due to Intune’s reliance on periodic device check-ins rather than real-time communication. iOS Management: Intune provides full functionality only for devices enrolled via Apple Business Manager (ABM). Non-ABM devices have restricted supervision capabilities, limiting advanced configuration and app deployment. Error Handling: Intune does not display granular error codes in its console. Troubleshooting often requires log collection from the device or use of Microsoft Support tools, increasing diagnostic complexity. Conditional Access & Compliance: Intune integrates tightly with Azure AD for conditional access policies, which is a strength, but requires additional configuration and licensing for advanced scenarios. App Protection Policies: Strong for Microsoft 365 apps, but less flexible for third-party apps compared to Workspace ONE. Migration Strategy Overview The project aims to migrate the entire mobile fleet—a few tens of thousands Android and some iOs devices—between September 2023 and December 2024. Cybersecurity requirements mandate a shift from COBO (with personal Google accounts allowed) to COPE, reinforcing corporate control and reducing exposure to security risks. Key Challenges Technical Constraints: Devices incompatible with Android 13 require hardware replacement. For most employees, migration involves full device reset and Intune re-enrollment—a complex, time-consuming process. Security Limitations: Backup tools cannot be authorized, increasing the risk of data loss and user errors. A recurring issue is failure to remove Microsoft Authenticator configurations, creating significant support overhead. Performance Impact: The Samsung Galaxy A32, previously adequate under COBO, performs poorly under COPE, affecting user experience. Status and Strategic Decision By June 2024, progress is far below target. To mitigate operational disruption and support overload, the strategy shifts: forced migrations are discontinued. Migration now occurs only during: Hardware replacement (obsolescence, failure, or breakage) Voluntary device reset This approach prioritizes stability and resource optimization while maintaining compliance with security standards. We’ve been with Intune for almost two years, we make do with it and we are hardly surprised anymore when something doesn’t work. If you have any questions, don't hesitate to reach out via the comments below Kris
Android COPE Devices randomly wiping
Hello, Recently our COPE profile in ZT is not functioning. The device will go through the enrollment, it gets registered correctly in our tenant (Entra/Intune) and we can get to the home screen just fine. However, after some time the device will receive the following notification: “Your organization has set up this device to be managed by your organization. If this is an error, contact your device’s provider. All data on the device will be deleted. Your device will automatically reset in 2 hour.” The config in ZT and the one in Intune match (token is correct and the DPC extras are fine). This profile was working up until 2 weeks ago. We’re stumped. We recreated a different COPE profiles with the required DPC extras as per Microsoft’s documentation, tried removing compliance policies and device configurations to make it a plain profile. No luck, still receives the reset notification. Phones tested: Samsung A15, Samsung A16 all running the latest Android 16OS with the latest security patch. Any help would be appreciated, thank you!2FA sign in error at Android Zero Touch portal
I am the IT admin/owner of our Android Zero Touch instance, and I am trying to log into the portal to view and interact with devices associated with our organization. Our zero touch instance is linked with our Intune tenant, and is working correctly. I keep getting the error that my sign in was rejected because it doesn't meet my organization's 2 step verification policy and to contact my IT admin for more information. I am that IT admin, and I can't login. My login information is correct, I have our account ID, and I'm just trying to get in touch with someone to help with the login. I can't even login to support portal to get help, so I had to use my personal Google account to post this.
We have all our devices on Samsung Knox; I would like to try using Android Zero-Touch enrollment as well. Is that possible?
We got all our new company Samsung phones added into Samsung Knox. None of the distributors we work with are Android Zero Touch partners; we've asked them to join and they probably won't any time soon. I read that there's been some effort to unify Samsung Knox and Android Zero Touch, although in many cases it still seems like EMMs have better support for Android Zero Touch whereas Samsung would prefer you use their in-house EMM. We would like to try using the Android Zero Touch enrollment as well. Unlike Samsung, it seems like I can't even register my own customer account. So my questions: is there any possible way to get just a Zero Touch customer account set up, with no devices added, when none of the resellers I actually bought a device from are Android partners? Also, is there some way I could get some of our Knox enrolled devices to use Zero Touch?
**LAST CALL**[Survey] End of Year Customer Success Programs Feedback
Hello everyone, As 2025 comes to a close and we look toward a new year, this is often an excellent time for reflection. It has been a busy year, and we've so enjoyed speaking with you and seeing the interact with other community members. The Android Enterprise Customer Success team is dedicated to ensuring that our programs and resources—including the Customer Community, The CAFE, and Advisory Services—are useful, enjoyable, and impactful for you and your teams. As we head into 2026, we’d love to hear directly from you! Would you mind sparing less than 5 minutes (I’ve been assured it won’t take a minute more 😀) to complete our Customer Success Products CSAT survey and share your overall experience please? The survey contains multiple sections for each customer programs. Please only select 'Yes' for the area(s) relevant to you. Your honest feedback is vital and will directly influence the improvements and new features we prioritise. The Customer Community is a collective space, so it’s really important to us that you help to shape the direction. Thank you so much and let me know if you have any questions or thoughts you’d like to share with everyone, below. Lizzie (and the whole AE team) Click the link below to start the survey. (Or to open this in a new tab and display it larger, click here). Loading…
