none
Can't set password policy for android enterprise devices RRS feed

  • Question

  • Currently trialing Intune to see if it’s a viable replacement for our current Workspace One\Airwatch service.

    We will be setting up both BYOD and corporate owned devices, initially testing corporate owned devices. We want to use Android enterprise (or Android for work). Haven't got far and already pulling my hair out. 

    I have set passcode policy in device config profile

    Device enrolls fine using the "afw#setup" user to download the ADP and kick of the Android Enterprise setup. Log in with users email/password , but the passcode is not enforced. When checking the device status logs there is “error” listed next to these settings “Number of signing failure before wiping device, Minimum password length and Require password type”

    I have tried just about every combination of these settings and read every help file I can, can’t get this setting to stick during enrollment.

    This is a make or break feature for us, what am I doing wrong, or is this just not a feature of Intune.


    • Edited by IR44 Tuesday, February 12, 2019 5:38 AM Spelling
    Tuesday, February 12, 2019 5:35 AM

All replies

  • Hello,

    Just in case, firstly, please make sure you have set up Android for Work enrollment correctly in Intune. Especially, please make sure you have enabled Android for Work profile in Enrollment Restriction. Please refer to the following article for more details.

    https://docs.microsoft.com/en-us/intune/android-work-profile-enroll

    After then, please review the enrollment guide for Android for work. Please make sure you have followed the steps in the guide.

    https://docs.microsoft.com/en-us/intune-user-help/create-a-work-profile-and-enroll-your-device-in-intune-android

    Basically, only the device has already been enrolled successfully in Intune, then the policy can be received on the client device. Would you please navigate to Devices > All devices? The Android device should be show up with compliant if it's enrolled correctly.

    Additionally, Intune provides a troubleshooting portal, which can give you more info about failure. Please refer here for how to use the portal.

    https://docs.microsoft.com/en-us/intune/help-desk-operators

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, February 12, 2019 6:18 AM
  • Hi Andy,

    Thanks for the info, but hit a snag here. Is it my understanding that the following features are unavailable for "Corporate-owned, fully managed user devices" (IE, android enterprise) preview.

    • Use of the Intune Company Portal app isn't supported

    Therefore we can not use "work profiles" to enforce passcode

    Instead I have configured required passcode under: Device Configuration -> Test Profile (Set as Platform = Android Enterprise, and Profile type = Device Restrictions) -> settings -> Device Password -> 

    • Requite Password Type: At least numeric
    • Minimum Password Length: 4
    • Number of sign-in failures before wiping device : 5

    And have assigned above profile to the a group which contains the user that is enrolling the device

    However, still, after enrolling the device via scanning Enrollment token QR code and entering user log in credentials. Passcode is still not enforced

    Is there something here I'm missing. Or can a passcode simply not be enforced on Android Enterprise devices using Intune


    • Edited by IR44 Friday, February 22, 2019 3:14 AM
    Friday, February 22, 2019 2:47 AM
  • Any update?
    Tuesday, February 26, 2019 12:30 AM
  • Hi Andy , 

    Did you get this sorted eventually?

    Same issue here...

    Regards!

    JJ

    Sunday, October 20, 2019 10:13 AM