Forum Discussion

PatrickF11's avatar
PatrickF11
Steel Contributor
Apr 18, 2019

force enrollment on android device

Hello,

 

i'm facing the following behavior and try to understand why this happens.

When a special user is signing in to Outlook for Android the following message appears:

 

"Help us to ensure the safety of your device.

To continue, you need to install the Intune Enterprise Portal App and register your device. This app helps you better protect organizational data."

 

I have no idea, why the device seems to be enforced to register in Intune. All the other devices in our company behave normal. (normal in my understanding ;)

Normal means: App Protection Policies are applied when using e.g. Outlook on an unregistered device.

 

Any idea is appreciated. :-)

Patrick

  • PatrickF11  You can sign-in to the Company Portal app on a device to register it, just don't complete the enrollment. There should be an option to "postpone" after signing-in. The Authenticator app is no longer required on iOS to enforce app protection policies, it is enforced by the mobile apps themselves.

    • PatrickF11's avatar
      PatrickF11
      Steel Contributor

      eglockling Just to make it clear to me:

      When i use an Android device and i did not have the Company Portal app installed, no app protection policy is applied? And: To apply the app protection policy the user is forced to install the intune company portal app. (no need to register within the app, right?)

      So that means, once i have app protection policies set up for android devices, no user is able to use e.g. outlook, until he/she has the intune company portal app installed, because the Outlook app is covered by an app protection policy, right?

  • That is confusion reported to Microsoft log time ago.
    On iOS user will be asked to install MS Authenticator ap which is ok.

    But on Android they asked to use Company portal which is confusing. I already faced an issue with users who saw message to install Intune app an just aborted configuration because they didn't want to enroll phone. So on Android it is really essential to explain difference between Device Registration and Device Enrollment.

    • PatrickF11's avatar
      PatrickF11
      Steel Contributor

      Alexander Vanyurikhin You're right, that is really confusing..

      What do you mean with "difference between Device Registration and Device Enrollment."

      How can i register a android device without enrollment? Or do you mean: When the user only has the company portal app installed and not configured, this is registration. When the user has signed in to company portal app and went through the process, the device is enrolled.

      • eglockling's avatar
        eglockling
        Steel Contributor

        PatrickF11  You can sign-in to the Company Portal app on a device to register it, just don't complete the enrollment. There should be an option to "postpone" after signing-in. The Authenticator app is no longer required on iOS to enforce app protection policies, it is enforced by the mobile apps themselves.

Resources