Nov 11 2021 11:25 PM
Hi together,
i set up Intune for our Company (iOS Devices).
I set up Push Certifikate, Token for Enrpllment Program and set up the Profile for Registering.
On our Macbook i send the Device from Apple Configurator 2 to Apple Business Manager and change the MDM-Server to our Intune.
On the Enrollment Program i set up the Profile and selected the option "Locked Environment = Yes".
After sync the Device from Apple Business Manager to Intune my device will be set up with all the selected Policies.
When i intsall the phone, the Remote Management Info is coming an everything works.
But when i will be uner Settings->General-> VPN/Remotemanagement i can delete the Remote Management.
By Removing the phone will be deleted and the Device will be deleted from the Business Manager.
Someone know how the Phone can be delete himself the Device from Apple Business Manager? And why the Phone can be deleted? Someone know something about the Issue?
Thanks & Best Regards,
Philip
Nov 27 2021 05:19 AM
Hi @RauschNauti,
As i understand your question correct, you want to achieve that an user cannot remove the Intune management profile of their managed iphone?
To block the unenrollment you can change the following setting in the Intune portal
Intune portal -> Tenant Administration -> Customization -> Edit settings
Change hide remove button on corporate iOS/iPadOS Devices. The end user cannot remove management within the company portal.
Also you have to set the following setting in a device restriction profile
Intune portal -> Devices -> configuration profiles -> Device restriction iOS
Add block configuration profile changes.
Please let me know if this fix your problem and mark my answer as a solution.
Kind regards,
René
Nov 28 2021 10:49 PM