eSudo.com

Phone

408-216-5800

Are You Safe?
Book A Call
Menu

408-216-5800

Contact Us
Are You Safe?
Menu

Android Intune “no available apps” error app protection policy

Situation

I recently deployed some applications using Intune MAM for managing BYOD Android personal devices. Two applications were Keeper Password Manager or Zoom had a problem signing because it use SSO via Microsoft Azure AD and Google.

When the user enters an email address to sign in, goes to SSO Connect and gets “No available apps. There are no apps on this device that your organization allows to open this content. Contact your IT administrator for help.

Android-No-Available-Apps

Microsoft Documentation Error messages and dialogs on Android

When you read the error on MS website link above, you see the cause: 

The user tried to open work or school data with another app, but Intune cannot find any other managed apps that are allowed to open the data

Remediation

However, the remediation does not tell how to fix or is not very clear what to do.

Make sure an Android app protection policy is deployed to the user’s security group and targets at least one other MAM-enabled app that can open the data in question.

Problem

The problem is the Intune App Protection policy does not allow the app to send data to other apps, as a result, it does not allow to sign via SSO.

Solution

To allow apps like Keeper Password Manager and Zoom to pass data to another app, such SSO Connect, you have to exempt the app Intune App Protection.

  • Go Endpoint Manager Admin Center
  • Go to Apps > App Protection policies
  • Select and Edit the Properties of your Android MAM Policy
  • Edit “data protection” section
  • Select Apps to Exempt

Intune-App-Protection-Properties

  • In Exempt Apps, I added MS Authenticator and Keeper Password Manager
  • For Name, it can be anything and for the Value or package ID, you can this from the Google Play store

Intune-App-Protection-Exempt-Apps-1024x426

  • Go to Google Play Store, find the app URL, and look for the value after ID, e.g., com.callpod.android_apps.keeper

Keeper-Password-Google-Play-Store-App-ID-1024x394

  • Click OK to save and confirm it there.
  • Wait for 20-60 mins for the policy to take effect and test it

Summary

The application protection policy is good to keep data more secure, however, it is important to test the impact of the policy.

You can learn more on Android app protection policy settings – Microsoft Intune |  Microsoft Docs.

Updated: Jan 22, 2022

If this article is helpful, please provide your comments or feedback and if you like help for your organization, contact us below.

Leave a Reply

Your email address will not be published. Required fields are marked *