Jan 13 2020 09:38 AM
Hi All
On a recent UAT, it is noticed that:
User's can delete Company Portal app on DEP / ABM Supervised Devices.
Is this by design? Any way to prevent this?
Regards
Jan 14 2020 11:30 AM
@StuartK73 You can configure "Block app removal" in the restrictions policy to block the removal of apps, but this takes effect for all apps on the device. Instead, I've configured Comp Portal as a required VPP app (device license), so if it's removed by the end-user it will reinstall. This has been the better option for our organization.
Jan 14 2020 12:29 PM
Hi Buddy
The Block App removal may be ok.
Anytime I set the Intune CP VPP app to auto deploy from Intune a "Guided access unavailable" error appears on the device. Remove Intune CP VPP assignment and it goes away.
Any ideas?
Jan 14 2020 05:56 PM
Hi @StuartK73,
Do you have "Run Company Portal in single app mode until authentication= YES"? Change it to NO and see if you still see the error.
In addition to Block app removal, use lock enrollment to disable users from removing Management profiles from Setting.
Moe
Jan 16 2020 01:14 PM
Unfortunately the CP in Single App Mode is a client requirement as well as the CP not being removed from the device.
Does enabling the CP in Single App Mode and a Required deployment of the CP VPP app work nice together? Does the "Guided Access Unavailable" message eventually go away?
Jan 17 2020 11:39 AM
Solution@StuartK73 Having Company Portal set as a required VPP app works well for enforcing automatic app updates. According to Microsoft the message should go away after about 45-60 seconds. Apparently they have a feature request in with Apple to customize the message (last updated 9/21/18).
Jan 17 2020 11:39 AM
Solution@StuartK73 Having Company Portal set as a required VPP app works well for enforcing automatic app updates. According to Microsoft the message should go away after about 45-60 seconds. Apparently they have a feature request in with Apple to customize the message (last updated 9/21/18).