Hello I have problem with MS Intune Portal. I have fairphone 3+ I installed e-os latest version on it, but intune company portal can not register the device. While creating profile of the company I get message connection interrupted and process can not be finished. I red the App Unternehmensportal thread where there is same problem with no solution. Company support told me that FP has no suport for android business which is required for running MS intune company portal. Can you help what can be done? This is quite crutial for me. Thank you
I guess it won’t help you much, but I’m successfully using Intune on my FP3 with stock ROM.
I don’t know about “android business” but either the FP3 (with stock) has it or my company has fewer requirements than yours (not sure if this is something than can be configured in different ways with a company policy or if it’s “baked into” Intune).
From another phone (FP2 with lineage, opengapps, rooted plus magisk hide) my impression was that MS intune is really good at detecting when there’s “something wrong” with the phone (from their perspective). So at some point I simply gave up, i.e. couldn’t use company resources with that phone.
Hello, thank you very much for the reply. Whah does it mean “stock ROM”? I boght FP 3+ found that preinstalled rom is too tight to google services including sms, phone app etc so I decided to intall supported version of e-os for fairphone. ( just to be clear what OS I am using) thank you.
“Stock ROM” is (in this case) the system delivered by Fairphone with their phones (i.e. FPOS).
I think, as I mentioned in my thread you’ve linked, that MS Intune company portal runs fine on stock ROM as this contains Google framework but probably does not run on /e/OS as this “only” contains microG mimicking functions of Google framework but probably missing some functions necessary for “Unternehmensportal”…
Thank you, if there is any way how to make Intune work on e-os I appreciate the advice.
I tried this process and also failed, but at slightly later stage.
It seems that the profile gets created, an additional userspace is created but then within that userspace there is no internet connection provided and it fails to re-authenticate to enable operation of anything inside it.
Sound like something that maybe too strict privacy and ants-spying features of e/OS might do.
I’d love to get it working. Can offer some debug info if anyone technical can interpret it…
Few days after I got myself a Murena FP4, my company decides to increase security through Company Portal app. My error sounds like what @strugk got. Did anyone have any luck in making it work on /e/OS?
On the first run I get the error on the left:
But, every time I try to sign in after the first I get the one on the right!
To make things worse, it is not possible to uninstall the app normally and as soon as I remove it from the list of device admins - it disappears, but the App Lounge thinks that the Corporate Portal is still installed and I can’t reinstall without a factory reset.
I try every few months with the same result.
There are ways to remove the company account without factory reset. Have you tried going into settings->accounts and removing the work profile that is being created by IntuneCP?
Ok, the only company app I wanted to work was Teams, and after a number of mails exchanged with IT support we finally made it!
Here’s what they told me:
- download Authenticator and add your account
- download Teams
- download Company Portal but never open it (you don’t need to login, the app just needs to be downloaded)
Open Teams, select your account and login > if asked to register device click register > it should register the device, show you that the app is protected > ask to setup pin > and you should have access.
It may depend on the way Teams is setup by the company, but for me - it works.
Unfortunately, getting Microsoft Intune to work is rather hard. Please refer to the GitLab issue for current technical challenges.
Since creating a Work Profile is not possible at the moment, it could be an alternative to configure the device with Device Administrator access. This can be decided by your company, which can configure it in their Microsoft Intune admin center by enabling Device Administrator enrollment (look for “Personal and corporate-owned devices with device administrator privileges” under “Devices → Android → Android Enrollment”, and by then creating a policy that prevents your device from signing up through Android Enterprise. For the latter, please refer to Microsoft’s platform restrictions documentation.
If you allow both platforms for the same group, and then refine it for specific and non-overlapping versions, devices are sent through the Android enrollment flow that’s picked for their version.