question

JimmyWinberg-4723 avatar image
0 Votes"
JimmyWinberg-4723 asked JimmyWinberg-4723 answered

Enrollment not working correctly

Hi

This is a mix of questions but it all relates back to the same issue.


Issue: User enrolls corporate iPhone using the Company portal application. Device shows as personal and Assignment profile returns empty value even if it's assigned, causing filters not to work for right applications.


  • Device is assigned to Intune in ABM.

  • Device is assigned to a enrollment profile in Intune.

  • User installs Company Portal app and signs in.

  • User gets all the prompts of installing management profile etc.

  • Device gets application and the status says compliant.


User does not get applications that uses dynamics membership groups.
Rule syntax used: (device.deviceOSType -eq "IPhone") and (device.enrollmentProfileName -eq "My Demo Test")


So I check the device and see the following issues.

  • Device says personal owned not corporate.

  • Validating Rule syntax shows that the device receives an empty name in the enrollementProfileName.

  • Checking the device in Intune/devices it will say the Assigned Profile: My Demo Test.

  • Checking the device in the enrollment profile it says State: Not Contacted and Supervised No.


I have tried setting the device to corporate manual, nothing changes, I tried to sync the phone again nothing happens.


If I wipe the phone and enroll it from the start then everything works.

I can't ask 200+ users to wipe there phones.

I have waited 8 hours and will check tomorrow again to see if it's something with the sync.

If you have any thoughts on what I can try or test please let me know.

122567-2021-08-09-20-57-22-window.png

122605-2021-08-09-20-56-29-window.png

122651-2021-08-09-20-50-28-window.png


mem-intune-enrollment
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JarvisSun-MSFT avatar image
0 Votes"
JarvisSun-MSFT answered JarvisSun-MSFT commented

@JimmyWinberg-4723 Thanks for posting in our Q&A.
It looks like we are using ADE enrollment and assign profile to our device, but it doesn’t work. As far as I know, device that's been activated needs to be wiped before it can enroll properly using ADE in Intune. After it's been wiped but before activating it again, you can apply the enrollment profile. Please refer to: https://docs.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-ios#distribute-devices

If users install and run the Company Portal app to enroll their personal devices for Intune management, know as "bring your own device" or BYOD, It doesn't need to be wiped. Please refer to: https://docs.microsoft.com/en-us/mem/intune/enrollment/ios-enroll#user-owned-iosipados-and-ipados-devices-byod

Hope the above information can help.



If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@JimmyWinberg-4723 How are things going on? We are waiting to see if our problem is resolved. If there is anything update, please feel free to let us know.

0 Votes 0 ·
JimmyWinberg-4723 avatar image
0 Votes"
JimmyWinberg-4723 answered

Thank you for answering.

I will use add corporate identifiers to solve the issue.

I just thought that the logic when a device comes from ABM it is always corporate. So when the users enrolls it using company portal it should not turn into personal.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.