New policy implementation and web enrollment for Android personally owned work profile

So in principle, this sounds really good! But in practice, it's not been a good experience for me on iOS, so I'm hoping it's not as bad of an experience.

On iOS devices, the enrollment of the device works fine... it downloads the profile, applies my config profiles, and installs required apps just fine. The problem is that it's only partial, because all of the MAM App Protection and App Configuration profiles do not get applied correctly. I also experience issues where the Intune device appears but is linked to an "all zero" Entra device object ID that obviously doesn't exist. I even re-ran the entirety of the current learn.microsoft.com instructions to validate that I had things configured correctly including the SSO sign-in pieces.

It's possible that my own implementation is a factor here, I don't intend to suggest otherwise, but I'm just pointing out that it's not been working as I would expect. My current configuration is device enrollment with company portal, and it successfully allows for both MAM-only for Edge, Outlook, and Teams (that blocks everything else) on personal devices but also enforces Intune enrollment into MDM for anything beyond those 3 apps, and always requires enrollment for Company owned devices.

So, bottom line, I hope the Android implementation is better than the current iOS implementation.