Forum Discussion
MAM Broker Apps - Android & iOS
I recently tested the behavior of broker apps for MAM policies in both Android and iOS.
Android:
Initially, I started with no policy applied to the user, installed Outlook, and logged in with my corp credentials. after some time I deployed the policy to the user profile and waited for it to sync so that it would prompt to install the company portal as expected behavior, but it didn't then I installed Teams and logged in as soon as I did that policy kicks in and prompted me to Install company portal and policy deployed to the device.
iOS:
I followed the same steps as Android, however as soon as I installed Teams policy started to kick in but it didn't prompt me to install Microsoft Authenticator as a broker app.
Is this an ideal scenario? MS Authenticator is not required to push MAM policies to iOS Devices.
In both cases, The device didn't get registered and the device entry was not shown under the user's devices.
- micheleariisSteel Contributor
Lokesh_Kalidasan Hi, yes, the behavior you observed with Mobile Application Management (MAM) policies on Android and iOS devices is aligned with how Microsoft Endpoint Manager (Intune) typically manages MAM scenarios.
Android: Requires the Company Portal app as a broker for MAM policies to apply. The behavior you saw is consistent with how MAM policies are triggered.
iOS: Does not always require Microsoft Authenticator as a broker for MAM policies, as MAM policies can be directly applied to supported apps like Teams or Outlook.
Device Registration: MAM policies do not register the device in Intune; they only manage app-level data protection and settings.
- Lokesh_KalidasanCopper ContributorBut in both the categories, the device didn't get registered, at least here in Android it should be registered right, but that also not happening here
- rahuljindal-MVPBronze Contributordidn’t get registered where? Intune? Devices won’t register in Intune under MAM.
- johnm650Copper Contributor
what are the challenges that you encounted
- Lokesh_KalidasanCopper ContributorI saw the above behavior in my PRD but it's not identical between the environments, If MAM devices are registering in PRD what causing them to do it?
And also I have this behavior of Making Outlook as a Device Admin app in my production env (Maybe a policy / Setting from Exchange can do it)
What are the factors that can cause the device to be registered in Intune, when they utilize MAM?