Blog Post

Intune Customer Success
7 MIN READ

Intune announcing public preview for Android Enterprise corporate-owned devices with a work profile

Intune_Support_Team's avatar
Intune_Support_Team
Silver Contributor
Jul 17, 2020
By: Shanthi Thillairajah | PM | Microsoft Endpoint Manager - Intune   Updated 6/23/21 - We have received over 49 comments on this Android preview blog post, and in those comments and occasional s...
Updated Dec 01, 2023
Version 20.0
android
android enterprise
meggerz's avatar
meggerz
Copper Contributor
Feb 05, 2021

Apologies for the length, but I'm frustrated with this and not a lot of avenues for support\info since it's in Preview.  It seemed appropriate to post here for now.

I am familiar with the COPE concept and have used it since the Blackberry10 days.  Sad to see the vendors struggle with it so much these days, it's not a new concept.  Primarily still using Knox workspace, KME, and Workspace One for this as most are Android 9, but need to get more 10 and 11.  I have a few frustrations with it and haven't even gotten very deep into it yet.

 

Seen lots of weird issues with Outlook Contacts\ Calendar.  Annoying and makes me not trust the app to apply policies correctly which I have seen as a variety of quirky problems for over the years with MDM.  I'm suspecting Outlook needs to open once to get the policies AND RESTART to apply policies. Or is there a bypass somewhere?

The config - Super simple setup - No conditional access restrictions, compliance or app protection policies in place.  Just app configuration and some basic device config (passcodes, updates control, etc.).  All permissions are set to "Auto grant" in the app policy (device based, not app based, but have tried both).  Sync calendar and contacts are on.

What happens

After installing Outlook on the work side, it tells you 1 account is available.  It completes authentication using the broker.  Calendar does not sync to native app.  Option to sync calendars is not even an option in the account settings.  App permissions (toggling on and off does nothing).  BUT, if I open Outlook the first time, do not set it up, close it, and reopen Outlook and run through the setup it works. Key difference is when I open it the second time it tells me 1 account found, but also gives me the option to "Create New account", which we do not choose.  From there it syncs without issue.  Other settings seem to be fine in general, it's primarily calendar and contact issues.

What has been tried

Have attempted with and without the "configure email account settings".  Have let it sit to update policies, forced syncs, and nothing.  Have tried to make it a required and non-require app.  Change scope, tried app based app policy and device based app policy.  And many other things I can't even remember anymore.  So strange.

 

We are primarily using Android 10.  I had to setup KME in a specific way to enroll the device into InTune when it was 11, or it would enroll as device only.  It seems proper device enrollment isn't supported unless you are using KME or Google No Touch and I'm sure I read this somewhere, but can't find it again.  Wonder if this is all related and with Stevec2085 was referring to.