Intune - Swapping Managed Google Play Account with Devices enrolled in Device Administrator and AOSP
Hi All, My Intune environment is connected with an old-school gmail.com account - i access the managed store page by going to https://play.google.com/work to approved apps / etc. - This was an old solution that saw little to no use. We're now looking at requiring Intune enrollment on our android devices and it'll get a ton of use once we do that. I'd like to upgrade my account to an Android Enterprise account, but it looks like to do that I'll need to disconnect the Managed Google Play account from Intune. My understanding is that I will need to un-enroll all my android devices from the tenant before doing that. For personally owned devices with work profiles, that's not a problem - we only have 3 PoC users that I can unenroll. The only other two enrollment options we use are Device Administrator (For Yealink teams phones...) and AOSP (For.. newer.. Yealink teams phones). Will disconnecting Managed Google Play affect the enrollment of Device Administrator or AOSP? Thanks!Issues Intune and okta enrollment
Hi all, I could use some help or guidance from someone who has experience with using Okta as IDP and Intune as MDM. The problem: When going trough enrollment (COPE), the Intune login page shows up. When entering the email, it forwards to Okta as it should. But after verifying with Okta, you should get back to a Microsoft confirmation but instead it shows a page not found error. It used to work, nothing has changed as far as we know and the issue is present on devices ranging from Android 13 to 15, different brands but mostly Samsung. Apple and Windows enrollment work as expected, no issues there. I can't find any related logging details in Intune and lack the knowledge of Okta (will add a support ticket there as well). So i'm kind of lost as to what is happening. Where do I need to look for the return URL for example? There are multiple Azure enterprise apps but i'm not sure which one to check and don't want to mess to much with this. Thanks!
ANDROID 15: Problem with unlock code expiry in COPE mode
Hello, Our users' Samsung smartphones are enrolled in Intune in COPE mode. We have a configuration profile that requires a device unlock code with an expiration time. We haven't configured a code for the work profile, so the One Lock setting is enabled by default. In Android 15, following the expiration of the unlock code, the user is now required to change the unlock code. However, once they do so, when they launch an app in the work profile, the smartphone also asks them to change the work profile code. I don't understand why the smartphone is asking to change the work profile code when the One Lock setting is enabled. Is anyone else having the same problem? Benjamin
Android Enterprise work profile does not support wearOS yet
Hi, We recently moved to android enterprise with work profile (using Intune) for all of our android users. And we just found out that with android enterprise with work profile does not support wearOS yet so that our users cannot add their corporate email account (O365) to the outlook app on their samsung watch or pixel watch. we tried to contact microsoft about this and microsoft said that this is not up to Microsoft but it is up to Google Android whether they would like to support wearOS for work profile. Can Google confirm if they would like to provide some support for work profile in the future for wearOS as well? I know that any development of newly feature in android system are fully confidential but it would be good for android end users to know if Google has a plan to support this in the future or not.
Tenant has been unbound from Google Play console (Intune)
Hey @Community, we have a strange issue with out MDM (Intune) - It seems like, the link between Intune and Google has broken. Trying to enroll new devices are failing with "Invalid code". Trying to add new applications via "Managed Google Play" fails also with the message "Tenant has been unbound from Google Play console". Intune-Support says, that we need to contact Google, but there is no option for creating a case. So we decided to write you here (and hopefully you can help us ;) ). We still have the access to the used Google-Account.
DPC Extras issues
Hello, I hope you're doing well. I'm reaching out for assistance on an issue I'm experiencing with DPC extras on ZTE devices. Is there a method to implement DPC extras without using a QR code? It appears that even when configuring ZTE with DPC extras, some functionalities do not activate. Additionally, several design elements seem less than optimal. For instance, if you do not use a QR code before selecting the language—which, ideally, should be sourced from the DPC—there's an option presented to transfer data from another device. This option seems inappropriate for a company-owned device. Could this be improved? The next screen prompts a WiFi connection. Using a QR code skips this step, but users still need to manually confirm the WiFi connection. Could this be streamlined? Is it possible to enroll a device as an admin, reset it, and have the DPC extras from the QR code persist on the device until it connects to WiFi and verifies its management status? It seems everyone is adding devices to ZTE for security reasons, particularly for stolen devices, yet the reliance on QR codes adds unnecessary complexity. Could this process be made more user-friendly?Intune - Cannot change screen lock timeout
Hello community, I'm writing this post 'cause I'm facing a strange issue with the lock screen setting on our AE devices managed from Intune. The configuration policy was created by my predecessor years ago, and was configured for lock teh screen after one minute. Everything working and all happy. Then I got the request for create an exception group for that, and everything I tried failed. I tried to change the global policy to 5 mins, but it did not worked, and the maximum lock screen time is still one minute. Also remove the setting at all and left it Not Configured didn't had any effect. Then I tried to disable One Lock. With this I was able to change the system lock screen settings but on Settings - Security and Privacy - More Security Settings - Work Profile Security - Use one lock I cannot set anything longer than one minute. Pretty sure this is coming from somewhere in Intune, but also involving Microsoft and sending them the verbose logs wasn't enough. Did any of you ever encountered a similar issue and found a solution? Many thanks in advance for everyone that will try to help.
Known issues with Android System WebView 139.0.7258.160?
Hi everyone we have some reports about OAuth2 Login issues on Android devices with Microsoft Conditional Access rules. Some device (very small amount) are not able to login to some specific apps where the OAuth Login is being made with an embedded Browser session. During investigation we found out, that all users are on Android System WebView version 139.0.7258.160. Users without issues are running 139.0.7258.158. We don't know whether this is the issue but I wanted you asked whether other admins here are having similar issues in the last couple of weeks. Are there any known issues about certificate based logins with Android System WebView currently? Thank you! Kind Regards Daniel
