Forum Discussion
Android Fully managed enrollment
Hi, i am trying to enrol Android devices as Enterprise Corporate owned fully managed. I have successfully managed this using the Samsung A10, A32 and A33 devices but some users in the field using the...
Hi,
I would start checking two parts:
- Is there a Conditional Access policy that checks for Intune enrollment, you can search the Conditional Sign in logs to see if and what Policy is applied to the devices: https://learn.microsoft.com/en-us/entra/identity/monitoring-health/how-to-view-applied-conditional-access-policies#view-conditional-access-policies-in-microsoft-entra-sign-in-logs
- Are they hitting the right Platfrom restriction Policy that allows Android Enterprise? You can find this Device > Android >Android Enrollment > Enrollment Restrictions.
I would start checking two parts:
- Is there a Conditional Access policy that checks for Intune enrollment, you can search the Conditional Sign in logs to see if and what Policy is applied to the devices: https://learn.microsoft.com/en-us/entra/identity/monitoring-health/how-to-view-applied-conditional-access-policies#view-conditional-access-policies-in-microsoft-entra-sign-in-logs
- Are they hitting the right Platfrom restriction Policy that allows Android Enterprise? You can find this Device > Android >Android Enrollment > Enrollment Restrictions.
Hi
I don't believe any conditional access policy exists yet but i'll need to reach out to someone who can confirm that, but there are no Android Enrolment restrictions - just the default all user for Android as well as the others.
Another note, i checked under devices > monitor > enrolment failures and i can't see anything relating to the user or their device in there either.
I don't believe any conditional access policy exists yet but i'll need to reach out to someone who can confirm that, but there are no Android Enrolment restrictions - just the default all user for Android as well as the others.
Another note, i checked under devices > monitor > enrolment failures and i can't see anything relating to the user or their device in there either.
- I would definitetly make sure no CA Policy is getting in the way. It is happening after authentication (successful means the username password is accepted but there are more conditions that is blocking) so CA is suspect.
But you never encountered this problem yourself, this is only for users that are in the field?SebastiaanSmits that's correct, works perfectly fine on my test devices and some users in the field, whilst other run into this problem. Just waiting for an admin to jump on and check the CA.
- Hi, just checked and my admin has told me that no conditional access policies exist.