Copy-paste issue (COPE)
Hello Everyone, I have a slight issue with copy-paste on Corporate owned, personal enabled devices (COPE) managed via Intune. To put it simple - people can copy text from work profile to personal. Happy to be pointed to the basics if I missed something obvious, but I feel stuck. Intune configuration for COPE devices has 2 values: "allow" or "not configured" (not helpful). I had support cases open with Microsoft and Samsung, but former blames OS defaults, while latter blames Intune (not helpful). I couldn't identify the setting in OEMConfig (Knox Service Plugin), so got Google Enterprise account, configured it for Zero Touch enrolment using Intune token and realised that I was looking into "crossProfileCopyPaste" control and don't have a clue how to use it in DPC extras and if that's even possible. Is it possible to use AMAPI with Intune management? If yes, does anyone have any examples? What are other ways to restrict copy-paste from work profile to personal? I find it difficult to believe I'm the only one having the issue. Thank you in advance
Widgets on COPE - MS Intune
Hey, Unfortunately there are no settings and/or no chance configure Widgets on COPE in MS Intune. There is specific setting in Intune restrictions config profile to allow/disallow Widgets for BYOD method. Is this problem tied only MS Intune or is this something for Google? Majority of our 10k fleet enrolled as COPE and it's a big gap not having widgets available for Work Apps. Thanks JarmoSamsung Secure Folder and DUAL messenger features - not available in COPE
Dear community, hope everyone had lovely Christmas time! I just wanted to raise one issue you also might been run into. It's about Samsung Secure Folder and Dual Messenger features on COPE enrolled devices. Unfortunately these features are not available in COPE enrolled Samsung devices. We used to have all 10k fleet enrolled as BYOD and Secure Folder/Dual Messenger features were/are available. Now only personal owned devices are enrolled as BYOD and corporate owned devices are enrolled as COPE method. Unfortunately there is no setting available for us to make this work on the COPE enrolled devices on EMM side. According to Samsung, they have not updated Secure Folder software in 5 years and and don't necessarily expect we will get any update. The "error message" is very misleading: "Security policy prevents the installation of Secure Folder". Because there is no security policy setup in EMM (Microsoft Intune) for this feature. It's just pure Samsung thing. As mentioned... Samsung Secure Folder solution does not work on COPE enrolled Samsung devices but nice surprise is that on ThinkPhone (Motorola) , Secure Folder works even on COPE. This also implies that Samsung really could make it work if they wanted to put in the development effort, as it is not totally restricted by the Android Enterprise architecture of COPE since the ThinkPhone is able to do it. But so far Samsung does not seem to still support this app much. More on this topic from here: https://communities.vmware.com/t5/Workspace-ONE-Discussions/Android-Samsung-Impossible-to-enable-Dual-Messenger-feature-or/td-p/2260737 -jarmoblokking apps on private section using COPE profile with Intune
We have a use case where we use Android devices that are corporate-owned but also personally-enabled. Within our ogranisation, we want the capability to trace and block apps. However, this is currently not possible because the apps are installed in the private section. Is there a way to achieve this in the private section? We are using Microsoft Intune as our MDM (Mobile Device Management) environment.
Intune COPE Device - Google Calendar crashes
Hello everyone, We have the problem that when I want to make the Google Calendar app available on a COPE device, it crashes after the welcome screen with the message "action not allowed". On Work Profile Only/BYOD it works without any problems. Are you aware of this problem? Could this be related to Intune automatically/default blocking the Google accounts in COPE? Thanks, Regards, Daniel
SMS in Work Profile Error
I have COPE setup with Intune and getting an error when opening the native Samsung messages app (work profile). The app does not open and only encounters the following error: messages can only be used by the owner of the device. This Google article states that it should work by sending through the default sms app in personal profile. Has anyone come across this?