Move to Setup Assistant with Modern Authentication for Automated Device Enrollment

---

Here's the scenario: User’s automated device enrollment (ADE) through the Company Portal isn't enforcing Single App Mode for devices running iOS/iPadOS 14.6 and later. What this means is that if you select single app mode, and the device runs into this issue, instead of just showing the Company Portal during enrollment, it’s allowing full access to the device, such as the Home Screen and App Library. Users could go to a browser, for example, and access web resources. Any user-targeted settings will not be applied until the user authenticates using the Company Portal. If devices go to sleep while in this state, they may appear to freeze by no longer accepting input through touch or button press.

---

Intune_Support_Team I am currently experiencing this exact issue even though people say it has been fixed with later iOS version. Running iOS 16.4.1 and still getting the freezing / single app mode not automatically running unless force restart. Is there something that needs to be configured in order for this to work?

I am torn because the 'Setup Assistant w/modern auth' method works great, but Zero-touch onboarding of MS Defender app does not work with this authentication method. So if I can get the Company Portal method working properly I will switch back so I can have Defender onboard silently. Please let me know if how to fix this freezing/single app mode issue.