Samsung phones managed by Intune dropping out of compliance • The Register | #microsoft | #hacking | #cybersecurity


Some Samsung phones managed by Microsoft Intune are dropping out of compliance after an automatic restart or update, the Windows giant has admitted.

Samsung Galaxy kit running Android 9 (or later) with Android Device Administrator management or an Android Enterprise personally owned work profile are affected as well as Samsung Android 11 hardware provisioned as Android Enterprise fully managed devices.

The former can drop out of compliance after an auto-restart while a managed update can do for the latter.

Intune is Microsoft’s take on Mobile Device Management (MDM) and Mobile Application Management (MAM). The theory goes that administrators can use the cloud-based service to control how an organisation’s devices are used, including smartphones.

The company faces stiff competition in the MDM arena, not least from Apple and Jamf, making the issue all the more awkward. Particularly since the workaround requires some manual intervention on behalf of the user, somewhat defeating the point of a device management platform.

Afflicted Samsung devices show as noncompliant, which could potentially block access to corporate resources. Getting round the issue requires a user to manually unlock the phone and trigger a sync in order to regain compliancy.

Microsoft’s admission comes amid growing rumbles of discontent from users finding devices in their fleets dropping out of compliance unexpectedly. One responded to Microsoft’s post: “I had a bunch of Samsung devices go non-compliant with a password remediation failed error for no reason.”

In recent weeks, Intune customers have found devices dropping out due to password policy enforcement changes. Android 11 work profile devices or device administrator enrolled devices were affected.

The Intune team assured customers they are “working to resolve this issue with Samsung,” but still found time to trumpet the arrival of Feedback for Microsoft 365 apps and services.

We imagine there aren’t many administrators out there who would describe a device dropping out of compliance and the subsequent support ticket as a “feature you love.” ®





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

three + two =