This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.
Have you read the details on Intune’s support for Android enterprise fully managed device? If not, get up to speed by reviewing the Microsoft Intune support for Android Enterprise fully managed devices is now generally available post here: https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-support-for-Android-Enterprise-fully-managed/ba-p/862232.
First off, we are grateful for this community. You tried out the Android Enterprise fully managed previews, you gave us feedback, and you helped each other out through three distinct releases. We received over 300 comments on the preview blog posts, and in those comments and occasional subsequent support cases, you helped us deliver this generally available release. You provided over 58 pieces of actionable feature feedback based on your experience with preview. Thank you!
Second, there are still a few known limitations in managing Android Enterprise fully managed devices:
- When provisioning via Knox Mobile Enrollment, the username and password cannot be passed to the fully managed device from the portal. This is a result of a restriction on how KME interacts with the platform and credentials will need to be manually entered.
- Multi factor authentication
- During enrollment of a fully managed device, the user will not have access to the Microsoft Authenticator app or the ability to receive a call or text message on the device being enrolled. As such, the user will need to have the ability to complete the multi factor authentication via a different method.
- Intune will not be able to support the setting “Block user account changes” on Fully Managed devices as this currently causes device registration to fail. The setting will continue to be supported on Android Enterprise Dedicated devices.
- Support for PKCS certs are not available today.
As we make changes that impact these limitations, we will be updating this post. Finally, we have seen both social mentions and a few cases regarding SCEP. There’s one SCEP fix we expect shortly. There is additional complexity in some of the cases, so we appreciate your patience while we parse through logs and determine the right path forward for a few of the SCEP scenarios.