We should be able to locate a lost or stolen Android device.1,520 votes
Support for Chromebook/Chrome O/S devices so they can be managed in BYOD scenarios, i.e. setup for Wireless, mail profile, security etc...1,312 votes
On Managed Devices we cannot enabled Google Backup. Users add their own Google account in the Play store and want to create/restore backups.343 votes
Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.
This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)302 votes
Hi, if you caught our announcements at Ignite, we announced that we will support device owner mode for Android fully managed corporate devices. It will preview by end of year. Check out our EMS blog for more info
So we’ll call this “started”. :-)
Also, we’ve been supporting Android kiosk mode since July.
When a device is configured with Android Enterprise and the Microsoft Managed Home Screen in kiosk mode (as per here https://docs.microsoft.com/en-us/intune/android-kiosk-enroll), it is not possible to deploy LOB apps to these devices. If apps are sideloaded manually, they're automatically deleted by the device policy.
Being able to deploy LOB apps (or creating a whitelist) for Android Kiosk devices would allow Android Kiosk mode to be used to its full potential.284 votes
I was talking with our Android team about this one. They said “This is already supported. However LOB apps must be deployed by either uploading through the Google Play iFrame in Intune or using a dev account for Google Play.”
Does that satisfy the spirit of the request?
Would be great to add support for the Fully Managed Device with Work Profile solution set as I am seeing lots of requests for this. Intune is one of the last EMM platforms to support this.245 votes
I can confirm that work on this has started and we hope to have a public preview sometime this year. Thanks for your patience!
This doesn't currently happen and is apparently "working as designed"230 votes
We need the ability to add system apps like the system camera or phone app to the work profile. Other EMM vendors already support this feature.214 votes
We have a large Samsung deployment where enhanced control of the OS update flows are required.
Samsung EFOTA allows us to do this.
Please add support for this feature.
When having an Android device that is enrolled with Intune, enable the possibility to set a configuration policy that automatically enables Web browser access with respect to installing the management certificate on the device. This would simplify device compliance checks quite much.169 votes
When Intune Compliance or MDM policy is applied to Android Devices, pattern unlock is disabled. Please add Allow Pattern Unlock to the list of password options.147 votes
Please support setting up Android for Work with G Suite managed accounts.
Enable a way we can enforce a policy to set a PIN code on Corporate Owned Dedicated Devices (Kiosk mode) PIN at a device level.
At present we are having to get our onsite IT staff to manually set a PIN on the device after enrollment, but still the users could go in and change the lock screen method from PIN code to Swipe, thus removing the security aspect.108 votes
Our Android team says:
“We need to learn more about this scenario. Kiosk devices are typically open for use while users sign into apps separately. Would like to know why a device level PIN for a AE dedicated enrolled device provides security.”
Can you tell us more?
Disable installation from unknown sources using Intune policies on Android devices. Android OS has an option where user can disable unknown sources so they can install THIRD PARTY apps.
setting--> General--> Privacy--> security-->under Phone Administrators -->Unknown sources
Unknown sources should be disabled for security purposes.
These apps are not tested and can control viruses hence should not be allow and is NOT on the official PLAYSTORE.
We need an option from the console for Admin to disable this option so user cannot change and allow unknown sources to be install onto the company's devices.99 votes
It seems that by default on android entreprise when you ask for a password on the work profile only, android choose to have the same password on both personnal and work profile.. It is called the One Lock option.
Would it be possible to disable this option ?83 votes
It is not possible to enroll phones using qrcode or afw#setup method when user is MFA enabled. When the step “sign in to Microsoft” appear the user is MFA challenged but because the phone is in a state not accepting phone calls or SMS from MFA provider the challenge is timing out. Please don’t tell us to turn off or use bypass MFA for users to enroll.73 votes
Currently it is not possible to locate lost "android enterprise" (dedicated or fully managed) devices through the intune portal.
I dont know if this feature is in general not support on android enterprise devices (missing feature)? If so, we need another solution. Its called android ENTERPRISE and we cant find company-owned devices - no comment.70 votes
To successfully access O365 Resources via the Managed Browser when Conditional Access is in place, Android users must manually go into the Company Portal settings > and Enable Browser Access which install a Work Account certificate used to successfully pass Conditional Access via the Managed Browser (and other apps with the Intune SDK integrated, such as SAP Fiori). This is a request for administrators to have the option for this certificate to install automatically during Android enrollment (or at least prompt the user to install it during enrollment), so no manual action is required by the end user.68 votes
It would be very great if you could provide the possibility to create a devicename for android devices in the Management console. It doesn't even have to be the real devicename what is normally something like android_ab34jfjf .... . We are using a naming concept for each device we rollout, for IOS this works fine but Android enrollment now creates a real mess. It would be just enough if you create a new variable which is editable in the App ( during rollout) and shown in the management console67 votes
At the moment we (IT) have to setup android devices manually and then get the user to enrol to intune.
This is proven difficult to managed and the enrolment rate is only %75.
is there a better way to pre enrol or bulk enrol devices ?65 votes
I can confirm this is being worked on now and should be delivered sometime this year.
- Don't see your idea?