Support for Chromebook/Chrome O/S devices so they can be managed in BYOD scenarios, i.e. setup for Wireless, mail profile, security etc...

Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.

This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)

This doesn't currently happen and is apparently "working as designed"

We should be able to locate a lost or stolen Android device.

Disable installation from unknown sources using Intune policies on Android devices. Android OS has an option where user can disable unknown sources so they can install THIRD PARTY apps.

setting--> General--> Privacy--> security-->under Phone Administrators -->Unknown sources

Unknown sources should be disabled for security purposes.

These apps are not tested and can control viruses hence should not be allow and is NOT on the official PLAYSTORE.

We need an option from the console for Admin to disable this option so user cannot change and allow unknown sources to be install onto the company's devices.

When Intune Compliance or MDM policy is applied to Android Devices, pattern unlock is disabled. Please add Allow Pattern Unlock to the list of password options.

https://docs.microsoft.com/en-us/intune-classic/deploy-use/android-policy-settings-in-microsoft-intune

Android devices must be able to have their proxy setting set when a wifi profile is rolled out.

We need ability for each user to reset their Android for work (workspace) through portal.manage.microsoft.com. If this can't be done, there should be a way to set up automatically in portal.azure.com.

Please support setting up Android for Work with G Suite managed accounts.
https://support.google.com/work/android/answer/6174046?hl=en&ref_topic=6174026#bind_third_party
https://developers.google.com/android/work/setup#google_accounts

At the moment we (IT) have to setup android devices manually and then get the user to enrol to intune.

This is proven difficult to managed and the enrolment rate is only %75.

is there a better way to pre enrol or bulk enrol devices ?

To successfully access O365 Resources via the Managed Browser when Conditional Access is in place, Android users must manually go into the Company Portal settings > and Enable Browser Access which install a Work Account certificate used to successfully pass Conditional Access via the Managed Browser (and other apps with the Intune SDK integrated, such as SAP Fiori). This is a request for administrators to have the option for this certificate to install automatically during Android enrollment (or at least prompt the user to install it during enrollment), so no manual action is required by the end user.

New Knox version imposes changes:

1. Cannot drag out any icons to the home screen from the Workspace folder.
2. Cannot change the name of the Workspace folder. Could change name of the folder in Knox 3.0.
3. Company portal running on the phone. When I download and try to install the Google Gboard keyboard it would download but blocked from installing. See below. Other keyboards the same thing.

It would be very great if you could provide the possibility to create a devicename for android devices in the Management console. It doesn't even have to be the real devicename what is normally something like android_ab34jfjf .... . We are using a naming concept for each device we rollout, for IOS this works fine but Android enrollment now creates a real mess. It would be just enough if you create a new variable which is editable in the App ( during rollout) and shown in the management console

Widgets are not available on our BYOD managed Intune devices. There does not seem to be settings in the restriction profile to manage widgets. Our users have been very vocal about the loss of mail and calendar widgets unde Android Enterprise Management.

Thank you

Hi All,
I have discovered using a custom Android Policy I cannot block certain android apps / packages on devices that do not support Samsung Knox.
Does anyone else have this issue? I have recently moved from another MDM solution where I could and very disappointed to find I cannot do this?

Please support my request for this to be added.

Thank you

When you reset a passcode on an Android device, the new temporary passcode is WAY too complex: 15 characters and multiple special characters. It is just a temporary passcode for a mobile device, not a passcode to launch nuclear missiles! :-)

Make this temporary passcode much less complex. You could use e.g. the same mechanism that AAD uses for passwords to new user accounts:

Pass1234

(A capital letter + 3 small letters + 4 numbers).

This kind of temporary passcode is so much easier to enter to a mobile device.

Outlook is great but the native Android email profiles allow great contact integration. Would love to offer up the option and support selective wipe for Android.