Unable to unenroll user on logout

[sandeep-kumar-eptura]

Intune Android App SDK Policy Enforcement Issue

Questions to Ask Before Submission

1. Have you completed the exit criteria for each phase in the Intune App SDK for Android Integration Guide? Y
2. Have you checked the Microsoft Intune App SDK for Android repository for similar issues? Y
3. Are you using the latest version of the SDK? Y

Summary

I'm trying to unenroll user on logout but policies are still being delivered to app.

override fun onMAMunEnrollment(upn: String, aadId: String) {
        val thread = Thread {
            try {
                MSALUtil.signOutAccount(requireContext(), aadId)
            } catch (e: MsalException) {
                LOGGER.log(Level.SEVERE, "Failed to sign out user ", e)
            } catch (e: InterruptedException) {
                LOGGER.log(Level.SEVERE, "Failed to sign out user ", e)
            }
            val primaryUser = MAMComponents.get(MAMUserInfo::class.java)?.primaryUser ?: upn
            mEnrollmentManager?.unregisterAccountForMAM(primaryUser)
        }
        thread.start()
    }

Logs

2024-06-13 00:38:10.320 22440-23479 AMEnrollmentManagerImpl com.condecosoftware.condeco.develop  W 
unregisterAccountForMAM called without valid OI
D; identity may be ambiguous.
2024-06-13 00:38:10.324 22440-23479 AMEnrollmentManagerImpl com.condecosoftware.condeco.develop  I  unregisterAccountForMAM attempting unenrollment for removed account: aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0
2024-06-13 00:38:10.346 22440-23479 MAMAppConfigManagerImpl com.condecosoftware.condeco.develop  I  Updated App Config cache for user User1931126298.2088628670
2024-06-13 00:38:10.346 22440-23479 MAMAppConfigManagerImpl com.condecosoftware.condeco.develop  I  Found cached app config data, returning it.
2024-06-13 00:38:10.352 22440-23479 MAMWEAccountRegistry    com.condecosoftware.condeco.develop  I  removing account aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0
2024-06-13 00:38:10.358 22440-23479 MAMWERetrySchedulerImpl com.condecosoftware.condeco.develop  I  removing any remaining scheduled tasks for aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0
2024-06-13 00:38:10.361 22440-23479 AMEnrollmentManagerImpl com.condecosoftware.condeco.develop  I  Unenrolling application for identity aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0, wipe reason APP_UNENROLLMENT.
2024-06-13 00:38:10.362 22440-23479 SessionDurationStore    com.condecosoftware.condeco.develop  I  Setting telemetry session [f4a63d1f-89e1-43e3-928c-8fba1c201585] start time: 639948169
2024-06-13 00:38:10.392 22440-22550 UserDataWiper           com.condecosoftware.condeco.develop  I  Call Wipe from internal for identity aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0, wipe reason APP_UNENROLLMENT.
2024-06-13 00:38:10.393 22440-22550 AMEnrollmentStatusCache com.condecosoftware.condeco.develop  I  MAM enrollment status found for identity aOS@Eptura749.onmicrosoft.com;<null>
2024-06-13 00:38:10.395 22440-22550 AMEnrollmentStatusCache com.condecosoftware.condeco.develop  I  Clearing MAM enrollment status for identity aOS@Eptura749.onmicrosoft.com;<null>
2024-06-13 00:38:10.401 22440-22550 AMEnrollmentStatusCache com.condecosoftware.condeco.develop  I  Clearing Company Portal required.
2024-06-13 00:38:10.406 22440-22550 MAMWEAccountRegistry    com.condecosoftware.condeco.develop  I  getAccountInfo() called for account that is not registered: aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0
2024-06-13 00:38:10.407 22440-22550 MAMWEAccountRegistry    com.condecosoftware.condeco.develop  I  removeAccount() called for account that is not registered: aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0
2024-06-13 00:38:10.408 22440-22550 WipeAppDataHelper       com.condecosoftware.condeco.develop  I  Starting a full wipe.
2024-06-13 00:38:10.417 22440-22550 TelemetryLoggerImpl     com.condecosoftware.condeco.develop  I  {"DEVICE_SDK_PREVIEW_INT":0,"CORP_TAGGED_FILES_WIPED":true,"DEVICE_SDK_INT":34,"IS_MULTI_IDENTITY_WIPE":false,"MAM_APP_ID":"com.condecosoftware.condeco.develop","SUCCEEDED":true,"MAM_APP_VERSION":"4.0.4-develop","WIPE_REASON":"APP_UNENROLLMENT","EVENT_CLASS":"com.microsoft.intune.mam.client.telemetry.events.SelectiveWipeEvent","DEVICE_BRAND":"google"}

Please reference the specific exit criteria scenario that is failing.

Repro Steps

Please provide concrete steps to reproduce the issue you are encountering.

1.

Expectation:

Clear MAM policies on unenrollment

Observation:

• on unenroll we are getting wipe out notification, user data wipes out
• get log Clearing Company Portal required.
• unregisterAccountForMAM attempting unenrollment for removed account: aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0

Logs Found cached app config data, returning it. removing account aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0 Unenrolling application for identity aOS@Eptura749.onmicrosoft.com;b9f78416-5ba0-4318-8182-9b446898e3f0, wipe reason APP_UNENROLLMENT. Clearing MAM enrollment status for identity aOS@Eptura749.onmicrosoft.com; Clearing Company Portal required.

Details

• Intune Android App SDK Version: 10.2.1
• Android Device Make and Model: Samsung S23
• Android Device OS Version: 14
• Android Studio Version: Android Studio Jellyfish | 2023.3.1 Patch 2

Logs

Company Portal Logs

Incident ID: DAQTFN7S For guidance, see Report a problem in Company Portal or Intune app for Android.

Screenshots and Recordings

If screenshots and/or recordings would help explain the behavior, please include them here.

AndroidX Dependencies

If your app includes any AndroidX libraries, please list them here, along with the version info:

• NA

Third-Party Library Dependencies

If your app includes any third-party libraries, please list them here, along with the version info:

• NA

[kanishkaBagga]

We are Looking into this.

[sandeep-kumar-eptura]

@kanishkaBagga any updates?