Forum Discussion
Android - Corporate-owned devices with work profile - Screen lockout time
Hi, I have an issue with some Android devices managed via Intune. These devices are enrolled as "Corporate-owned devices with work profile". Initially, the devices have been enrolled with a spe...
Hi Ruud,
Initially I have adjusted the existing settings.
This, however, didn't do anything.
I have then created a new configuration profile with the desired settings.
Excluded the devices I'm testing with from the initial configutation profile and assigned it to the new profile.
I can clearly see that the devices have this new configuration profile applied. Not the old one. Only the new profile.
Clicking on it shows all green checkmarks and each setting is applied.
I obviously did sync the policies in the Intune app. But as this is already going on for weeks there is also a lot of time passed in between 🙂
What does work though is if I wipe the device and onboard it from scratch with the same configuration profile and same policies. Here I do see the desired options in the Security settings.
The settings are just not "unlocked" on devices that are already onboarded. The policy is exactly the same.
I can even reproduce the issue.
I have created a new enrollment profile, created a dynamic Azure AD group to add devices to which are onboarded with that profile.
Set the device restriction to how I don't want it to be. (as before).
Then, after device is onboarded I changed the same policy to my desired configuration, but nothing changes on the devices.
If I would onboard again with the desired settings in place, the options would show correctly.
So, as far as I can see, in the testing I've done in the last couple of weeks...
Once onboarded and once the settings are applied, you can pretty much do whatever you want with the configuration profile (device restrictions). Nothing will be applied to the devices already onboarded.
I have even opened a Premer Support ticket with Microsoft. They found it odd, but at the end said that they cannot guarantee that Intune will work on all Android devices.
To mee this seems like one of the most basic features that should just work.
If this doesn't work, you basically don't have any management capabilities.
Yes, you have the option to wipe the devices. And that's about it.
That is why I opened this community post in hopes that someone has more experience with it than me and might push me in the right direction.
I can't imagine that such a basic thing doesn't work.
Initially I have adjusted the existing settings.
This, however, didn't do anything.
I have then created a new configuration profile with the desired settings.
Excluded the devices I'm testing with from the initial configutation profile and assigned it to the new profile.
I can clearly see that the devices have this new configuration profile applied. Not the old one. Only the new profile.
Clicking on it shows all green checkmarks and each setting is applied.
I obviously did sync the policies in the Intune app. But as this is already going on for weeks there is also a lot of time passed in between 🙂
What does work though is if I wipe the device and onboard it from scratch with the same configuration profile and same policies. Here I do see the desired options in the Security settings.
The settings are just not "unlocked" on devices that are already onboarded. The policy is exactly the same.
I can even reproduce the issue.
I have created a new enrollment profile, created a dynamic Azure AD group to add devices to which are onboarded with that profile.
Set the device restriction to how I don't want it to be. (as before).
Then, after device is onboarded I changed the same policy to my desired configuration, but nothing changes on the devices.
If I would onboard again with the desired settings in place, the options would show correctly.
So, as far as I can see, in the testing I've done in the last couple of weeks...
Once onboarded and once the settings are applied, you can pretty much do whatever you want with the configuration profile (device restrictions). Nothing will be applied to the devices already onboarded.
I have even opened a Premer Support ticket with Microsoft. They found it odd, but at the end said that they cannot guarantee that Intune will work on all Android devices.
To mee this seems like one of the most basic features that should just work.
If this doesn't work, you basically don't have any management capabilities.
Yes, you have the option to wipe the devices. And that's about it.
That is why I opened this community post in hopes that someone has more experience with it than me and might push me in the right direction.
I can't imagine that such a basic thing doesn't work.
Hi Aldin,
hopefully someone else has some additional insights. Unfortunately, I don't have any extensive experience with CAT devices.
Regards,
Ruud
hopefully someone else has some additional insights. Unfortunately, I don't have any extensive experience with CAT devices.
Regards,
Ruud