ATOK installation Failed in Corporate-owned devices with work profile
Hi, I have enrolled 2 samsung devices to intune using the Corporate-owned devices with work profile and assigned many applications to the devices. However, 1 specific application has failed to install stating the "country or region doesn't support this application." This is strange because in the same tenant I have other samsung devices enrolled as BYOD which is assigned this same application can install. I tried to reach out to intune support and they cannot do anything about this and asked me to raise ticket to google and I don't really know where I can raise the ticket to google regarding. Please help as I have to figure this out and deploy the application. PS: This application is available in the play store for the region and country. So the error message doesn't make sense. Thank you
Can we set beta channel of public app in policy?
We have an application published on the play store that is used as require for setup app, I have different channels in play console, production and beta/closed. In AMAPI policy, we can set "accessibleTrackIds": [ string ] so that a particular channel is used to download the application. Here is the issue, when we go to the advanced settings in the play console for the app and turn on Managed Google Play, it shows that the app will become private and this can not be undone. Is this the way or we can use the public application's testing channel by specifying its track id in the policy and it will download for eg. if beta is added then it will download the beta channel app and if there is no track id mentioned then it will default to the production application? Another thing is that, how to get the track id in case we can do this?Common identifier between AMAPI & Require for setup app for validation
We are enrolling devices using AMAPI by generating a QR code with an assigned policy either for work profile or fully managed enrollment. During enrollment, the device prompts for a require for setup app, which, after configuration, returns RESULT_OK, marking the setup as complete and finalizing the device enrollment. Before returning RESULT_OK, To identify the enrolling device, the backend gets the device ID and enterprise ID from the Pub/Sub provisioning notification. The device ID (which matches the GSF ID) is then sent by the require for setup app to the backend for validation. This identifier is also used to enforce enrollment limits based on the enterprise license count. The Issue: Up to Android 14, retrieving the GSF ID was possible. However, in Android 15, it now returns null. Question: Is there an alternative identifier that can be used to identify the enrolling device—one that the backend can retrieve and that the setup app can also access during enrollment? Below is the information we receive from Pub/Sub when a device is enrolled: { "name": [*Hidden for privacy reasons] "managementMode": "PROFILE_OWNER", "state": "PROVISIONING", "enrollmentTime": "2025-04-04T06:17:02.751Z", "lastPolicySyncTime": "2025-04-04T06:17:02.817Z", "softwareInfo": { "androidVersion": "15", "androidDevicePolicyVersionCode": 10323580, "androidDevicePolicyVersionName": "128.32.3 (10323580)", "androidBuildNumber": "AP3A.240905.015.A2", "deviceKernelVersion": "5.15.149-android13-8-00010-gc2e0ba41ba85-ab12040008", "bootloaderVersion": "unknown", "androidBuildTime": "2025-03-11T13:26:50Z", "securityPatchLevel": "2025-03-01", "primaryLanguageCode": "en-IN", "deviceBuildSignature": "c9009d01ebf9f5d0302bc71b2fe9aa9a47a432bba17308a3111b75d7b2143456", "systemUpdateInfo": { "updateStatus": "UP_TO_DATE" } }, "hardwareInfo": { "brand": "Redmi", "hardware": "mt6835", "deviceBasebandVersion": "MOLY.NR17.R1.TC8.PR2.SP.V1.P51,MOLY.NR17.R1.TC8.PR2.SP.V1.P51", "manufacturer": "Xiaomi", "serialNumber": [*Hidden for privacy reasons] "model": "23124RN87I", "enterpriseSpecificId": [*Hidden for privacy reasons] }, "policyName": [*Hidden for privacy reasons] "memoryInfo": { "totalRam": "5865836544", "totalInternalStorage": "806965248" }, "userName": [*Hidden for privacy reasons] "enrollmentTokenName": [*Hidden for privacy reasons] "securityPosture": { }, "ownership": "PERSONALLY_OWNED" } *Updated by Community admin - removed due to privacy reasons 4 April
Managed Google Play private app not available on Corporate-owned devices with work profile
Hi community, I'm encountering a strange issue and could use some guidance. A Google developer account released an app to Managed Google Play (so it's automatically private and not available on the public store) and entered our organization ID in the appropriate field. We can find the app on the iframe in our MDM (Microsoft Intune in this case), select it, and assign it to groups. Everything looks good: BYOD deployments (Personally-owned devices with work profiles) can install the app from the Managed Google Play store. However, COPE devices (Corporate-owned devices with work profiles) cannot search for it, and it's also not visible in the app collections we've created. Could there be a setting in the Google developer account's store listing that prevents availability for COPE devices? I've exhausted all options in Intune, including multiple store syncs, with no success. Intune is telling me, that the App is available to install on the specific COPE devices, but it does simply no appear. The only thing left to check is the Google developer account that released the app for us. Has anyone else experienced this issue? Any hints or suggestions would be greatly appreciated. Thanks! Walter[Community tips] What guidance do you provide with new devices?
Hello everyone, I recently helped a family member set up their new phone (after their old one had a long and fruitful life 😃). It struck me how important it is to help, when needed, to guide someone through using a new device and highlight key features that they may be used to using (and any new ones). This made me think, this is a key area for work devices too and so I thought it might be interesting to hear how we do this across the community. For example, do you provide documentation with step-by-step instructions, guidance on device usage and key information, or assistance when switching device types or operating systems? It would be great to hear any tips you have for supporting colleagues with new devices, plus anything that would make your life easier when creating useful resources. Thanks so much, Lizzie
[Community survey] Android App Management features and security
Hello everyone, We've had a couple of surveys this month, so I hope you don't mind another. Here in the Customer Community, one of our most popular topic areas is on app management, so I'm hoping this survey is an interesting one for you all. 🤞 It would be great to hear your thoughts and ideas on ways you would like application management features and security to develop further. If you have a spare moment, please take the short survey below and if you have any additional questions, please to reply to this topic below (by clicking 'Reply'). All of the feedback will be passed over to our Product team. Feel free to share this with any colleagues or others working in this area, as it would be great to get a good amount of feedback around this. Thank you in advance for taking the time to do this. 😀 Lizzie Loading… Interested in other surveys? It would be great to hear your feedback on AE secure logs.[Product Update] Android App Bundle support in Managed Google Play
Hey everyone, For those of you using private apps, I’m pleased to let you know that the Managed Google Play iframe now supports Android App Bundle uploads - enabling larger app sizes and the full benefits of app bundles. With this update, you can now create new private apps using app bundles (with Google generated signing key) and can migrate existing apps to the app bundle by enrolling in Play App signing. For full details on how this works please visit this Help Center article with information on migration of an existing APK to an app bundle. You can also find more information about using app bundles in this FAQ. We know many of you have requested this feature before and so we hope you find it useful. It would be great to hear your feedback. Thanks so much, LizzieIssue with G Suite Apps Being Marked as Disabled in Play Store
Hi everyone, We are facing an issue where G Suite apps like Google Sheets, Google Drive, and Google Docs are installed on our managed devices, but when we check them in the Google Play Store, they appear as disabled. In some cases, the apps are randomly disabled, requiring manual re-enabling. We have verified: Google Device Policy settings Apps are approved and allowed in the managed Play Store Despite these checks, the issue persists across multiple devices with G Suite apps. Has anyone else experienced this issue? If so, do you know of any workarounds or if there is an ongoing Google-side issue causing this? For reference, I have attached a screenshot showing the issue. Looking forward to insights from the community! Thanks, RupeshHow to Handle Delisted Apps in Google EMM During or After Device Provisioning?
Hi everyone, We’re facing an issue where managed Android devices get stuck, preventing app installations when an app included in a policy is delisted from the Play Store. For example, we had the package “com.Xplayer” in a device policy, but when calling Products: get, it returned: “googleapi: Error 404: No product was found for the given ID., notFound.” However, this app was available earlier, and despite its removal, using the Devices: update API still updates the policy without any error or warning. Additionally, there’s a possibility that an app is present on the Play Store when it is approved and added to the policy but later gets removed or delisted by Google. This could lead to installation failures and devices getting stuck. Has anyone encountered this before? How can we prevent devices from getting stuck when an app is delisted? Does EMM automatically remove such apps from policies, or do we need to handle it manually by checking each package ID? Is there any way to get notified when an app is removed from the Play Store? Without a proactive mechanism, devices remain in a stuck state, making large-scale device management challenging. Any insights or best practices would be greatly appreciated! Thanks!
