Microsoft has confirmed today that Samsung and Google have fixed an Intune enrollment issue affecting Galaxy S22 smartphones running Android 13.
Microsoft Intune is a cloud-based service that helps enterprise admins manage Windows, Android, macOS, iOS, and iPadOS apps and devices.
Admins can also use it to easily enforce device-specific policies for users who access proprietary data using personal or company-owned devices.
Reboot required for successful enrollment
On affected S22 devices, Android users cannot complete enrollment if they create a Work Profile for Bring Your Own Device (BYOD) provisioning.
When trying to enroll the device, users will see a "Can't setup device. Contact your IT admin for help." error followed by a second "Unable to create Work Profile." message.
"S21 and S22 devices are confirmed to be affected, but impact on other models may be possible," the Intune Support Team said on Wednesday.
Admins are advised to tell users experiencing this known issue to reboot their personally-owned devices before attempting to enroll them, which should automatically download the Android Device Policy app required for the enrollment to finish successfully.
If the issue is not resolved after a device restart, users should manually install the Android Device Policy app, reboot again, and restart the enrollment process.
Issue resolved with server-side fix
Samsung has also issued a support document describing the issue and confirming that this was addressed via a server-side patch.
"A server-side fix has been provided. To resolve the issue, reboot the device before enrollment," Samsung said.
"If the issue persists after reboot, install the Android Device Policy app from the Google Play Store before proceeding with enrollment."
Microsoft is investigating another Intune enrollment bug that forces Android Enterprise fully managed Samsung Galaxy devices running Android 11 and later into non-compliant states after a device restart or a managed update is applied.
The company also resolved an issue that caused Intune-enrolled Samsung devices using a work profile to experience email and VPN connectivity problems due to missing certificates after an Android 12 upgrade.
Comments
xafase - 1 year ago
Android users cannot complete enrollment if they create a Work Profile for Bring Your Own Device (BYOD) provisioning.
If my job requires me to have a phone, they can pay for it. Work is not allowed access to any of my personal devices. They can track the websites I browse on it but that is it.
Dylan3000 - 1 year ago
We have about 700 Samsung devices in our plants. All company owned. They are enrolled as Fully Managed devices. Every single one of them will connect and as soon as it connects they lose their WiFi certificate. This "bug" has rendered them all useless. We don't have this issue out of LG, Zebra or the Pixel devices we've tested and are using now. Microsoft support and Samsung have been completely useless to help. Problem still exists.