T
tetto

  • a day ago
  • Joined 9 days ago
  • In MS Intune company portal with work profile not working

    tetto Mind sharing what commends you used?

    I used the following commands when the system was waiting for the "next" prompt:

    pm install-existing --user 18 app.grapheneos.gmscompat
    pm install-existing --user 18 app.grapheneos.gmscompat.lib
    pm install-existing --user 18 app.grapheneos.gmscompat.config
    pm install-existing --user 18 com.google.android.gms
    pm install-existing --user 18 com.android.vending
    pm install-existing --user 18 com.microsoft.office.outlook
    pm install-existing --user 18 com.microsoft.office.onenote
    pm install-existing --user 18 com.microsoft.office.excel
    pm install-existing --user 18 com.microsoft.teams
    pm install-existing --user 18 app.vanadium.browser

    Note that the user 18 was my specific user associated with the work profile. I don't recall the command I used to discover the user. I copied part of the instructions from another post and took a while to understand that the user would be different.

    All of the apps were installed in my main profile, this was to avoid having to send an APK from another source.

    In the meantime, I confirmed that the apps are updated in the work profile when the app in the main profile is updated. So that solves that security concern.

    Note that I installed the play store but in the end I disabled it due to the errors of not being allowed due to the work policy. This was really annoying because Intune was trying to install more apps.

    I did not have any issues with having Vanadium installed, don't know if this is due to being managed by the App Store or if I could install any app this way without the Intune policy complaining of unauthorised applications installed.

    • In MS Intune company portal with work profile not working

      tetto

      This seems to be working!

      The 'Blocked by Work Policy' error is coming up where GOS normally gives to option for network permissions. If there was a way to change that to always on, for a few minutes, I think we would be home free.

      P

      • In MS Intune company portal with work profile not working

        tetto I managed to have Intune with this steps.

        When configuring the work profile via intune, after the profile is created you reach a step where you need to press next.

        At this step, use adb to install all the apps you need, for example Outlook and Teams. Don't forget any, because after you press next you will not be able to install any other app (remember to install keyboard with your language for example).

        After pressing next, you won't be able to update any app via the play store due to the work policy. I disabled the app to avoid having notifications of failed updates.

        Have been using this for a week, both Outlook and Teams work. The big downside of this is that the apps will become outdated fast but I think I read somewhere that if the owner profile updates the app, then the other profiles also update it? Is that true?

        Edit: forgot to mentioned that I did not disabled any exploit protection or activated any option. I also had the apps installed in the owner profile, so while installing via adb, I was installing from an already present app.