Android 15 - Cannot set default password app
We use Microsoft Intune to manage devices. For the devices which have upgraded to Android 15, the end users can no longer select Microsoft Authenticator as their default application for auto filling passwords. I cannot find any settings in Intune to allow it. All devices are fully managed corporate owned devices. The devices are all Google Pixel 8 or 8a devices. Is this a bug in 15 or am I missing something?Sporadic problems with Managed Google Play after enrollment
Hi! We had problems with a few devices after enrollment today. The Managed Play Store did not work properly. Restarting and waiting seems to help. Symptoms Empty collection in Managed Google Play Spaceship error, because supposedly no apps were made available Installation commands from the UEM did not work in some cases Apps assigned in UEM cannot be found in Play I was only able to reproduce the problem in one of 3 attempts. A few automatic app installations worked for me. However, it was not possible to search for the apps manually. Restarting the device and then waiting a while seems to help. However, a colleague had a strange error in Managed Google Play after a restart when he tried to install an app manually. "The item you want to buy could not be found." However, it is not a purchased app or an app with in-app purchases. Is anyone else currently having problems with Managed Google Play?
Recent Android change regarding Wifi configuration
Hi everyone, I just want to share the current situation we are leaving in my company and that could be interesting for other Android customers as well. With the Android security update released in May 2023, Google has changed some requirements to connect on a corporate Wifi. The "domain" value has now to be filled in the Wifi profile that is pushed on the device, otherwise the profile will not install on the device and the wifi connection will fail: https://developer.android.com/guide/topics/connectivity/wifi-suggest "The framework enforces security requirements on TLS-based Enterprise suggestions (EAP-TLS, EAP-TTLS, and EAP-PEAP); suggestions to such networks must set a Root CA certificate and a server domain name." This change was not communicated to our EMM vendor or to us and we started to have a lot of device that were impacted. Moreover our EMM vendor was not supporting this additional parameter in the console UI and we are in the way to upgrade our platform to finally have this support in the very last version released this week. I don't know if we could be warned in advance regarding such kind of change in the community because it has very huge impact for us and I guess for other customers. Luc
Play Protect Blocking Custom DPC Apps — How to Get Approval or Alternatives?
Hi everyone, I'm a developer who helps enterprises build custom DPC (Device Policy Controller) Reference Documentation apps to manage Android devices based on their unique requirements. Recently, Play Protect has started blocking the installation of custom DPC apps, even when these apps are signed and used internally. The warning claims the app may pose a risk due to access to sensitive data - even though it's strictly for enterprise use. To make things more difficult: Google is no longer accepting registration of custom DPC apps with Android Enterprise, which limits official distribution and management options. Android Management APIs don’t support all use cases, and also have quote limit. I’ve applied twice to join the Android Enterprise portal to build a SaaS-based device management platform, but both requests were rejected without a clear reason. My questions for the community: Is there any official way to get a custom DPC app approved or whitelisted by Play Protect? Are there any alternative ways to manage Android devices at scale (outside of AMAPI or legacy EMM)? How can new developers or startups gain access to Android Enterprise features when onboarding is currently restricted? Any help, direction, or shared experience would be greatly appreciated. Thanks, KulwinderManaged Play Store keeps asking for Google Play services Update
Hey! I noticed a little bug today and wanted to ask if anyone else is experiencing this. With the update to Play Store 46.1.37-31 [0] [PR] 755161904, a push message informs you that Google Play Services must be updated. With a COPE device, this only occurs in the work profile. Even if Google Play Services is updated to the latest version (25.18.33 (190400-756823100)), the message appears as soon as you open the Managed Play Store. Lizzie Is there anything known here? The Managed Play Store works normally despite the warning in the push message. I would also have logs if required.[Community survey] Android App Management features and security
Hello everyone, We've had a couple of surveys this month, so I hope you don't mind another. Here in the Customer Community, one of our most popular topic areas is on app management, so I'm hoping this survey is an interesting one for you all. 🤞 It would be great to hear your thoughts and ideas on ways you would like application management features and security to develop further. If you have a spare moment, please take the short survey below and if you have any additional questions, please to reply to this topic below (by clicking 'Reply'). All of the feedback will be passed over to our Product team. Feel free to share this with any colleagues or others working in this area, as it would be great to get a good amount of feedback around this. Thank you in advance for taking the time to do this. 😀 Lizzie Loading… Interested in other surveys? It would be great to hear your feedback on AE secure logs.[Enhancement Request] Allow push notifications during OOBE setup process
Android does not allow any push notifications during the OOBE (out of box experience) setup process. This presents challenges during Intune enrollment because we require users to satisfy MFA (SMS or MS Authenticator) in order to complete Entra AD device registration and device enrollment. The inability to receive push notifications on the new Android they are configuring requires users to configure their MFA on a secondary device before starting the setup of the new device, or obtain a temporary access pass from our Security Team. If OOBE supported push notifications it would resolve this and provide a much simpler and easier enrollment/user experience.
(COPE) Hide app in work profile
Hello, I have a small case I'd like to submit to the community for help please. A customer use Mobile Iron, and use Zero Touch to enroll our Android 14 products. In their DPC extras, they enabled the system apps and need to keep that way: "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true, "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{ "workProfileEnabled": true, "quickStart":"true" } Now after the device is enrolled, the Work profile is filled with bunch of apps including unwanted ones like Netflix, Adobe, YT kids, ... From Mobile Iron, they want to hide/disable some apps, using "setApplicationHidden" but it doesn't work. At OEM side, we tested this API with the Test DPC and it works properly. My thinking was that as we are in COPE, and the apps that the customer wants to remove are from the Personal space, then this is not working as the MDM cannot interact with Personal space content. Does this make sense? Are there a way to hide the unwanted apps from the Work profile, despite having "leave all system apps" enabled from the ZT DPC extras? Anyone has any suggestions please? Thanks!
