December 2, 2024
Intune General Information
➤ What is Intune?
For details, please see the Microsoft Intune Landing Page on Vitals
➤ What Mass General Brigham can and cannot see?
For details, please see What Mass General Brigham Can and Can Not See on your Mobile Device
➤ Can Mass General Brigham monitor the web traffic on my phone?
No, Mass General Brigham cannot monitor or track website usage through Intune.
➤ Is MobileIron Tunnel still available on Intune?
Cisco Secure Client has replaced the VPN tunneling feature. This client provides users with the means to turn on & off MGB's VPN to access internal resources. For details, please see KB0041849 HOW TO: Configure Cisco Secure VPN in Intune
➤ I have an old iPhone or Android device. How do I know if it's compliant with Intune?
Vulnerabilities are discovered frequently in software, putting your phones, data, and the enterprise at risk. In order to stay secure and compliant with Mass General Brigham policies, ensure that you are running a current, supported Operating System (OS) and that your software applications are up to date. Please see KB0039035 Device Operating System (OS) Compliance Requirements
➤ Can I enroll in multiple MDMs at once?
No, A device can only be enrolled in a single MDM at any given time.
Attempting to enroll in a second while still enrolled in the first will produce the error. Please see KB0039592 TRBL - Profile Installation Failed. The new MDM payload does not match the old payload
➤ Can I use my phone's default or 3rd party email clients to access my MGB work email?
No, MGB no longer supports access to MGB email or calendar resources using default or 3rd party clients. Examples: Mail (iOS and MacOS), GMail (Android), etc.. MGB has standardized on Microsoft Outlook, which is available via the Company Portal.
➤ Can I use my phone's default or 3rd party calendar clients to access my MGB work calendar?
No, MGB no longer supports access to MGB email or calendar resources using default or 3rd party clients. Examples: Apple Calendar (iOS and MacOS), Google Calendar (Android), etc.. MGB has standardized on Microsoft Outlook, which is available via the Company Portal.
➤ Can I add my other accounts to Outlook so I can view them all in one place?
MGB does not restrict adding additional email accounts to Outlook. However, the 3rd party associated with the account may restrict access due to their own security policies. Please check with your 3rd parties service desk to verify.
➤ Can I sync my Contacts from Outlook to my personal phone?
Yes, Outlook offers a feature to sync your contacts. Please see KB0041833 How To: Outlook - Make MGB Contacts Visible in iOS's Contacts Ap
➤ I installed Voalte ME and can't remember my site code.
You can now find Voalte codes here: KB0041839 MGB Voalte Me Site Codes
➤ Where can I find a complete list of approved apps for work that I can use on my BYOD phone?
A complete list of approved work apps can be found on Company Portal. Please see KB0041720 INFO: Intune Company Portal Applications for BYOD Devices
➤ How do I access my Home Drive (H:\) from my phone or install Docs@Work?
Docs@Work has been retired as part of our migration to Intune and has been replaced with MGB's OneDrive for Business. OneDrive may be installed from the Company Portal.
Please see KB0041746 INFO: Ivanti Docs@Work to be retired
Intune Enrollment Issues
➤ ISSUE 1 - An error message appears during enrollment: "Profile Installation Failed. The new MDM payload does not match the old payload"
- Please see KB0039592 TRBL - Profile Installation Failed. The new MDM payload does not match the old payload
➤ ISSUE 2 - An iOS device running iOS 17 or later shows a prompt Security Delay Required to <Action>
➤ ISSUE 3 - Attempting to unenroll from Mobile Iron and can't find the remote management button.
- This indicates your device may be configured as a Supervised Phone, which will prevent your phone from removing Mobile Iron.
- At this time, supervised phones are excluded from migrating to Intune during the BYOD enrollment phase.
➤ ISSUE 4 - I enrolled my phone, but no applications are showing in the Company Portal.
- Carrier and Intune synchronization delays can cause this to occur when attempting to install apps immediately after enrollment is complete. You may need to give 30-60 minutes for applications to be enumerated in the Company Portal.
- Check to make sure your phone is compliant. Older phones that are no longer supported will cause applications not to appear due to non-compliance. Please see KB0039035 Device Operating System (OS) Compliance Requirements
- Force your phone to sync:
- Open Company Portal.
- Scroll to the bottom of the screen and click on "Devices'.
- Select your device.
- On the Device details screen, click on "Check status."
- Close the Company Portal and wait 15 minutes before checking to see if your applications are now appearing.
Mail, Calendar, Contact Synchronization Issues
➤ ISSUE 1 - My contacts are not syncing with numbers I have in my recent call logs and text messages.
- With the Microsoft Outlook mobile app, the default setup does not include synchronization with your phone's contacts.
- To enable this feature, please see KB0041833 How To: Outlook - Make MGB Contacts Visible in iOS's Contacts Ap
➤ ISSUE 2 - Calendar entries I make on my phone do not sync to my Mass General Brigham calendar.
- MGB no longer supports the synchronization of personal and work emails and calendars.
- Users are to use Microsoft Outlook, which can be installed from the MGB Company Portal.
➤ ISSUE 3 - A Misconfiguration Alert error occurs when attempting to add a second email account to the Outlook Mobile.
- MGB does not restrict adding additional email accounts to Outlook. However, the 3rd party associated with the account may restrict access due to security policies. Please check with your 3rd parties service desk to verify.
- If restricted, known workarounds include using Outlook web from the mobile device's browser or setting up native mail to use the 3rd parties exchange server.
Other
➤ ISSUE 1 - My Android phone requires me to enter my password each time I enter my work profile.
- This is a security feature on Android phones and can be modified by using the Use One Lock feature, which allows for a single password for both the device and work profile.
- Please see KB0041771 How To: Intune - Enable One Lock for Android Work Profile Devices
Escalation
If further assistance is needed, please contact the Digital Service Desk.