search

microsoftconnect / ms-intune-app-sdk-android

Intune App SDK for Android enables data protection features and mobile app management via Microsoft Intune
43 stars 17 forks source link

[.NET MAUI] Multi-identity changes in Android Manifest are not being recognized by SDK #209

Closed kendallhester closed 7 months ago

kendallhester commented 8 months ago

Intune Android App SDK Policy Enforcement Issue

Questions to Ask Before Submission

  1. Have you completed the exit criteria for each phase in the [Intune App SDK for Android Integration Guide]? Yes

  2. Have you checked the [Microsoft Intune App SDK for Android] repository for similar issues? Yes

  3. Are you using the latest version of the [SDK]? Yes, v10.0.0

Summary

After following Phase 5: Multi-Identity of the integration guide, Intune-supported multi-identity is not working in my app. With StrictMode enabled, any attempt to set the Intune context identity results in a MAMStrictCheck.SEVERE_EVENT being thrown, with the following message:

com.microsoft.intune.mam.client.strict.MAMStrictModeCheckFailedError: MAM Strict Mode check SEVERE_EVENT failed. MultiIdentity needs to be enabled in AndroidManifest to call multi-identity API: <MAMIGNORE>setUIPolicyIdentity</MAMIGNORE>

I have verified that the suggested changes were made in the manifest file.

Repro Steps

Please provide concrete steps to reproduce the issue you are encountering.

  1. Create an app with the multi-identity flag set to True in the manifest file. Ensure that MAM strict mode is enabled, and that the check for SEVERE_EVENT is not disabled.
  2. In Debug mode, try setting the Intune context identity by calling MAMPolicyManager.SetUIPolicyIdentity(Context context, String identity, MAMSetUIIdentityCallbackmam SetUIIdentityCallback)
  3. Notice exception thrown. The MAMStrictCheck type will be SEVERE_EVENT, with a stacktrace mentioning that MultiIdentity needs to be enabled in AndroidManifest to call multi-identity API.

Expectation:

The Intune context identity is set successfully after calling MAMPolicyManager.SetUIPolicyIdentity.

Observation:

A SEVERE_EVENT throws mentioning that a change is required in the manifest file, although the change has already been made.

Details

Logs

Company Portal Logs

Incident ID: B7TU7X3P

kendallhester commented 7 months ago

My app listed metadata both inside and outside of the Application subsection of the manifest file. I applied the Intune changes in the wrong subsection. After moving the necessary multi-identity metadata to the Application subsection of the manifest file, the issue has resolved.