Add a policy to prevent device unenrollment from Company portal
Companies provide devices to their employees and generally wants to make sure that these devices will always remain managed through Intune. It could be interesting to have a policy that prevent users to unenroll a device identified as a company device from the Intune company portal.
I can confirm that we have this on our plan for early in 2020/ Thanks for your patience!
"on our plan for early 2020" It's late 2021... where's the feature???
Any word here? we still have employees offboarding themselves. Hiding the accounts page is not really an option in case their work school account needs attention
James Read commented
Mårtin W commented
Policy seems to be there but unfortunately not working yet:
It possible to assign the Company Portal App to users and setting it with an option to not be removable. Unfortunately it's removable on iOS 12.x nevertheless.
Is it for just working for newer releases? Or is there a different place to set up this functionality rather then in the App assignments section?
Salih Zengin commented
We have 2021. Btw
[Deleted User] commented
still waiting for this.... basic stuff really..
can't understand why this is still not fixed
seems more like late 2020..
To uninstall or deactivate the account from this app is really frustrating..
How to do that to use new company"s account with it???
It is possible for iOS and iPadOS ind Intune 2003 Service Release (March 2020) - https://docs.microsoft.com/en-us/mem/intune/apps/company-portal-app#device-enrollment-setting-options
But why not for Android?!
Janet Stam commented
Any update on this one? Is there a new expected release date?
Aaron Couch commented
I saw that new Company Portal device enrollment settings were added as part of the Intune 2003 Service Release (March 2020) - https://docs.microsoft.com/en-us/mem/intune/apps/company-portal-app#device-enrollment-setting-options
However, this new Comp Portal setting equally impacts the Company Portal on both iOS + Android. Would it be possible for Microsoft to allow distinct Company Portal settings for Android vs. iOS?
Checkout this new MDM tool we are using, they have 1000s of built in policies including preventing user to unenroll.
Vadivelu Balusamy commented
Cathy, We didn't find any roadmap in MS portal as of now.
i'm very happy that you put this functionality in the app/ intune policy's. honestly i didn't expect a reply on this topic after 4.5 years :-)
This is a must have feature! Please take this seriously.
Davide Gatti commented
4 years and no certainty if this features will ever be created ......
As already mentioned this is available in AirWatch. We desperately need to be able to prevent users from un-enrolling devices.
For supervised iOS devices, we should be able to see the status of the Company Portal installation and initiate the installation of Company Portal if the app has been removed.
We use DEP and VPP to manage devices and push the Company Portal installation when a phone has completed setup assistant.
Once a user has been enrolled in Company Portal and receives the profiles (Restrictions, Mail, Wifi, etc), if Company Portal is later uninstalled, those profiles should be removed.
Michael van Ee commented
This would save a lot of time and irritation in the ICT department. There are always users who don't like "ICT" or need extra space on there smartphone, and just delete the company / work-apps. And sometimes updates can also cause problems with the membership of Intune. This policy would be a nice gift for the holidays.
Agree this prevention is required, and concur this needs to be implemented for supervised corporate devices.
In addition to the comments already made, as I can't see this specific item mentioned (specific to iOS):
There also needs to be a policy to prevent a user from removing the Comp Portal app at all. We can stop icons from being re-arranged but not uninstalled. System apps such as Messages & Photos can't be removed (General > iP* Storage > Comp Portal > Delete app)
In our example, we remove the ability to factory reset, so if the user removes the portal app, the device can no longer be reset (or at least not very easily). For some of our kiosk devices this effectively bricks a device.
Please include this as part of the above functionality.