Android 15 - Cannot set default password app
We use Microsoft Intune to manage devices. For the devices which have upgraded to Android 15, the end users can no longer select Microsoft Authenticator as their default application for auto filling passwords. I cannot find any settings in Intune to allow it. All devices are fully managed corporate owned devices. The devices are all Google Pixel 8 or 8a devices. Is this a bug in 15 or am I missing something?
Play Protect Blocking Custom DPC Apps — How to Get Approval or Alternatives?
Hi everyone, I'm a developer who helps enterprises build custom DPC (Device Policy Controller) Reference Documentation apps to manage Android devices based on their unique requirements. Recently, Play Protect has started blocking the installation of custom DPC apps, even when these apps are signed and used internally. The warning claims the app may pose a risk due to access to sensitive data - even though it's strictly for enterprise use. To make things more difficult: Google is no longer accepting registration of custom DPC apps with Android Enterprise, which limits official distribution and management options. Android Management APIs don’t support all use cases, and also have quote limit. I’ve applied twice to join the Android Enterprise portal to build a SaaS-based device management platform, but both requests were rejected without a clear reason. My questions for the community: Is there any official way to get a custom DPC app approved or whitelisted by Play Protect? Are there any alternative ways to manage Android devices at scale (outside of AMAPI or legacy EMM)? How can new developers or startups gain access to Android Enterprise features when onboarding is currently restricted? Any help, direction, or shared experience would be greatly appreciated. Thanks, Kulwinder
[EMM] My Android EMM Registered account is forced to re-register Android Enterprise.
Hello all, I have my business account registered with Android EMM Registration for about 5 years. About a month ago, there was a problem with API connection with an error message 'UNAUTHENTICATED' reason 'CREDENTIALS_MISSING' which impact on device enrollment and app push service. I have no luck finding ways to fix it and I cannot open any support case with my free account. I decided to reconfigure Android EMM Registration with the same account. Google directed me to newly register enterprise account ended up with same account but different 'Client ID' and 'Google Service Account Email Address'. All my apps in private store and previous managed app are missing. Is there any way to bind my email account back to Google Client ID? so I don't have to separate manage apps and devices on my EMM system. Note When I login to Play Work, I still can see my previous 'Client ID' profile. However, on EMM system, it shows my new client profile. Regards, BKP
(COPE) Hide app in work profile
Hello, I have a small case I'd like to submit to the community for help please. A customer use Mobile Iron, and use Zero Touch to enroll our Android 14 products. In their DPC extras, they enabled the system apps and need to keep that way: "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true, "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{ "workProfileEnabled": true, "quickStart":"true" } Now after the device is enrolled, the Work profile is filled with bunch of apps including unwanted ones like Netflix, Adobe, YT kids, ... From Mobile Iron, they want to hide/disable some apps, using "setApplicationHidden" but it doesn't work. At OEM side, we tested this API with the Test DPC and it works properly. My thinking was that as we are in COPE, and the apps that the customer wants to remove are from the Personal space, then this is not working as the MDM cannot interact with Personal space content. Does this make sense? Are there a way to hide the unwanted apps from the Work profile, despite having "leave all system apps" enabled from the ZT DPC extras? Anyone has any suggestions please? Thanks!
Google Advertising- ID ( AD-ID)
Hi i´m looking for an option to disable/clear the Advertising-ID (AD-ID) on a fully managed Device, i found the KB https://support.google.com/googleplay/android-developer/answer/6048248?hl=en Is there any option to remove or clear the AD-ID from EMM/MDM side without a User action? and is there any more detail information how AD-ID is working on an managed Device? Appreciate your feedback BjoernIntune not adding PROVISIONING EXTRAS - Zero-Touch
Hi, Have an issue when linking Intune to Zero-touch. When connecting the 2, it does not add any "PROVISIONING EXTRAS" I can create it manualy, with the EMM DPC and DPC extras. When i asign it manualy it work, but when it's set to "Enterprise Default Profile" it will look at the DPC extras from intune (That is Empty) and then just ask for QR or code to the Profile. The Intune profile that is selected as default is a "Corporat-owned, fully managed user device" profile in ZT Have been in contact with Microsoft regarding this for 3 months, and they cannot help me, they only thing they can say is "The profile maybe Corrupt" and we need to create a new one. We have 250 devices added to ZT by this point Have tried unlinking, and linking after waiting 24 hours, and so on. But nothing have worked. I was hoping that someone in here can help me with this 🙃
Enhancing Android Enterprise OS Update Management
Hi, The way the Android API implements OS update management on Android Enterprise devices is not particularly useful for devices with user affinity. Are there any upcoming API changes for EMM solutions like Microsoft Intune? From my experience with the current API: AUTOMATIC – The OS update is installed as soon as it becomes available via OTA, which is not practical for real-time scenarios. WINDOWED – Similar to AUTOMATIC but with the limitation that OS updates can only be installed within a defined maintenance window. This means that if a user needs to update their device due to a software bug fixed in the latest OS version, they may not be able to do so immediately if the maintenance window is set outside working hours. Source: https://support.google.com/work/android/answer/13791272?hl=en#zippy=%2Cmanaging-system-updates-using-system-update-policies Suggested Improvements: Provide an option to control OS updates on BYOD (Work Profile only). I understand that when enrolling a device through Work Profile, only the work container can be managed via EMM. Google may need to reconsider this approach. It would be beneficial to have an approach similar to Apple’s, where EMM admins can manage OS updates (e.g., push specific updates, set deadlines, etc.) through DDM (Declarative Device Management - Source: https://support.apple.com/en-gb/guide/deployment/depc30268577/web ), even on BYOD devices (Device Enrollment) — without requiring supervision like DO (Device Owner mode). I’m aware that Samsung Knox E-FOTA exists, but it is limited to Samsung devices. Expanding this capability to all Android devices (like Google Pixel devices) would greatly improve update management in enterprise environments. BR, Marco
HELP! Enrollment Stuck on Choose Device Category
I need help. When enrolling a device on Intune, we are getting stuck on the Choose Device category page where it does not allow us to press the OK button. We have two vendors supplying us phones and the issue is happening with both vendors (devices are Pixel 8s and 9s). Please help!
