Workprofile creation failure using CUSTOM DPC
We use a custom DPC to create work profiles. On certain devices, profile creation fails with errors like STORAGE_UNAVAILABLE or work profile already exists. From bug reports, we can confirm the failure cause, but is there a way to detect these conditions directly in our app and handle them gracefully?”
Bug? G-board removes additional languages post BYOD Enrollment?
We noticed a strange behaviour, If G-board has additional languages added apart from English like Polish or German, post enrolling into a work profile, the additional languages disappear from the keyboard. I was able to reproduce with Intune, WorkspaceOne and even TestDPC app. This is true even if no Device Restrictions are applied. It seems like a bug. Has anyone else seen this issue?
Only one managed account is allowed
Hi Team, Can we add multiple managed accounts in Work Profile ? I was trying to achieve the same but I am getting error saying "A managed account already exists. Only one managed account is allowed for this device. If you have questions, contact your organization’s admin". If it is not possible, do we have any official document for the same. Regards Rahul Kumar
Not able to restrict personal email from logging into Work GMAIL app for BYOD enrolled devices
I wanted to restrict personal emails (with gmail account) from logging into Work GMAIL app for BYOD enrolled devices. I however want workspace accounts to be able to login. When I set modifyAccountsDisabled to true in AMAPI policy, no account can be added (including workspace account). Same problem happens when I specify com.google for accountTypesWithManagementDisabled - no account can log into GMAIL. Is there any solution to this ? Thanks in advance.Seeing spike in HARDWARE_BACKED_EVALUATION_FAILED for Android 16 devices.
We are seeing a spike in HARDWARE_BACKED_EVALUATION_FAILED in https://developers.google.com/android/management/reference/rest/v1/enterprises.devices#securityrisk field in AMA Device response. We are seeing this mostly in the Android 16 customers and for some users it went away without any change on their side. So it does not seem anything wrong with the devices and seems random. Anyone else facing this with AMA or play integrity?
AMAPI Provisioning Stuck on Registration Screen
I'm facing an issue with AMAPI device provisioning. I created a policy, generated a token, built a QR code, and scanned it on a tablet. The device successfully got added under my enterprise (I verified this using the API). However, for the past 2–3 days, while the QR code scanning works, the device gets stuck on the registration screen with a large circular loader for at least 15–20 minutes. After that, I get an option to factory reset the device. Even after the failure message, when I run my script to check for new devices, I can see that the failed device appears under my enterprise. The device's state from the AMAPI response is PROVISIONING. Despite being stuck on the failed screen, I tested sending commands to the device (like reboot and wipe), and surprisingly, they work. This has left me very confused if the device setup failed, how are commands still working? Initially, I thought it might be a device-specific issue, but I tried it on another device (which was never enrolled before), and I’m seeing the same behavior. For reference, here's the structure of the QR payload I’m using: { "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": { "com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "20Characters" }, "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg" }
Android Enterprise BYOD not honoring auto-connect setting for WiFi
Hi, We have an issue in our tenant with BYOD device enrollment (Personally owned with Work Profile). We use Intune as EMM. We want to push a WiFi policy to our devices but we do not want to preconfigure auto-connection for our users. Our users must manually connect to the network. The problem is that this setting is not supported for BYOD in Intune, so we have no control over it. In addition, the default behaviour of the devices (tested in Realme, Xiaomi, Nokia, Google, Samsung phones) is that autoconnect is enabled by default. Even if the user disables it, next Intune sync enables it back. Finally, I checked the policy via graph API and I see that: "connectAutomatically": false, "connectWhenNetworkNameIsHidden": false, "wiFiSecurityType": "wpaEnterprise", Is this setting not honored by the OS? Is there anything we can do about it?
