First let me start of by saying that almost all android phones are different in respect to enrollment. These screenshots are taken on a Sony Device. The most complicated part with Android is that the End User have to fix the compliance settings yourself.
How good are your users?
e.g. as seen here the end user need to set the pin-code him/herself to be compliant. Make sure that your users can do this themselves before you start.
Picture by picture guide
Here is how you as a end user will experience Intune in your organization
If you need device info, the Intune MDM agent will pull information from the device and display some of it here in the general info tab just right to the health status
There are many different Android phones out there. They all provide info to Intune MDM differently. Here Sony is not able to convey the OS name correctly to Intune.
In the device list you can see and sort the list of devices on most of the general information.
When the end user enrolled this Sony Android Device he was prompted to group his device himself into a group. This group is displayed here. I have named this group myeself in the Intune portal. You could name it anything other than personal if you want to.
Management channel should be set to intune or intune and EAS when your device is enrolled. We should also se the Compliant status. If it is not compliant, check your compliance policies in intune policy tab or make sure that you have made the device compliant e.g. enabled PIN or encryption/screen lock +++
If your device is not compliant it will be blocked from exchange when you run Conditional Access.
If you want to use Microsoft Intune to deploy a MSI file it needs to be signed by a Code Signing Certificate. Most MSI’s from software vendors are signed already, but if you created a custom MSI (e.g. Office 365) by wrapping an EXE then you need to sign that MSI.
Using a MSI will enable Intune to push that software using the MDM channel. All MDM joined PC’s will be able to recieve this software.
Scenario this covers: I want to use Microsoft Intune to deploy apps and exe files to PC’s e.g. Office 2016/Custom Software
Step 2 – Download and Install Windows 7 SDK to get the signtool.exe get the SDK from here: https://www.microsoft.com/en-us/download/confirmation.aspx?id=8279 ->Accept all defaults and do not change anything. It will prompt errors
->Check that you have the signtool.exe in this folder: C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin
Step 3 – Get your certificate exported in a PXF file. and put it in the same folder as your MSI file.
Step 4 – Run CMD as administrator and input this command: