Your Samsung work phone may stop performing its duties after a problematic update to Microsoft Intune. Two days ago, business users started to report that their Samsung work phones were unable to access corporate networks.
As it turns out, a flaw inside the Microsoft Intune software is the culprit, rendering the Samsung phones unusable and “non-compliant.” In effect, people are locked out of their work environments and can’t do their job.
What is Microsoft Intune?
Microsoft Intune is a cloud-based platform for the administration of work devices, especially smartphones and smartphone applications. When devices are enrolled and managed in Intune, administrators can:
See the devices enrolled and get an inventory of devices accessing organization resources.
Configure devices, so they meet your security and health standards. For example, you probably want to block jailbroken devices.
Push certificates to devices so users can easily access your Wi-Fi network or use a VPN to connect to your network.
See reports on users and devices compliance.
Remove organization data if a device is lost, stolen, or not used anymore.
Microsoft Intune issue
It appears that the issue manifests itself on Samsung phones running Android 9 or later, and it’s happening after an automatic restart or after a managed update. Microsoft acknowledged the problem in a blog post, stating that:
“We are aware of an issue where some Samsung devices show as non-compliant after an automatic restart or after a managed update is applied. This could potentially affect access to corporate resources, depending on the Conditional Access policies set by the IT administrator. We are working to resolve this issue with Samsung, but in the meantime, we wanted to give you more information and workaround instructions to help you bring devices back into compliance.”
The issue is affecting Samsung phones with Android device administrator (DA) management or Android Enterprise personally-owned work profiles but there are workarounds to make these devices compliant again in Microsoft Intune.
How to fix the Microsoft Intune non-compliance problem?
According to Microsoft, a manual sync will alleviate the issue. "A manual sync forces your device to connect with Intune to get the latest updates, requirements, and communications from your organization. Company Portal regularly syncs devices as long as you're connected to Wi-Fi. If you've been disconnected from Wi-Fi for an extended period of time, you can use the manual sync feature to get any policies and updates you missed," reads the description on the official blog.
There are two ways to do this. For Samsung phones with Android Device administrators (DA) follow these steps:
Unlock your Samsung work phone
Launch Company Portal
Sign in to the Company Portal app.
Tap the menu.
Tap Settings.
Scroll down to Management Policy and tap Sync.
Wait while Company Portal syncs your device. When complete, the screen will show the timestamp of the last successful sync.
After the successful sync, the phone should be again compliant with Intune
For Android Enterprise fully managed Samsung devices you need to do the following:
Recommended Stories
Unlock your Samsung work phone
Launch the Device Policy Controller app
Tap the menu.
Tap Settings.
Scroll down to Management Policy and tap Sync.
After the successful sync, the phone should be again compliant with Intune
Microsoft says that the company is working to resolve the issue but at the time of writing this article, there’s no official patch or solution, aside from the aforementioned workarounds.
Mariyan, a tech enthusiast with a background in Nuclear Physics and Journalism, brings a unique perspective to PhoneArena. His childhood curiosity for gadgets evolved into a professional passion for technology, leading him to the role of Editor-in-Chief at PCWorld Bulgaria before joining PhoneArena. Mariyan's interests range from mainstream Android and iPhone debates to fringe technologies like graphene batteries and nanotechnology. Off-duty, he enjoys playing his electric guitar, practicing Japanese, and revisiting his love for video games and Haruki Murakami's works.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: