[.NET MAUI] - Account Enrollment does not working as expected

[leoslima1]

Microsoft Intune App SDK for MAUI.iOS Issue

Summary

Describe the bug: We have an app using MS Intune SDK and it worked great on previous iOS versions like 17.0 and 17.2. Unfortunately it stopped working in versions greater than or equal to 17.4. Our process is: We ask the user for username and password, then authenticate them through the MSAL library. After that, we will register the authenticated account, using the RegisterAndEnrollAccount method, this seems to work well, as I detected in my logs, the return status "MAMEnrollmentStatusNewPoliciesReceived", however we have a policy for the user to define a PIN or use biometrics to continue accessing the application. In previous versions of iOS, this process worked normally, but after updating to the latest iOS, the application, instead of displaying the screen for entering the PIN or using biometrics, the app simply goes to the background, and this did not generate a crash, as I did not detect any crash report logs on my devices. A curious fact is that this process works in simulators in all versions, we can also see how it works on any physical device when we compile the application in DEBUG mode. So when I realized this, I used the same RELEASE settings in DEBUG mode, and even so in DEBUG mode everything works normally, but when we change to RELEASE mode, it only works in the simulators. Link is enabled as SDKOnly and we have a Linker.xml file to avoid deleting MS Intune SDK references.

To Reproduce Steps to reproduce the behavior: Using a iOS device with version greater or equal to 17.4 in release mode, and also have a policy defined requiring a PIN or biometrics: 1- Authenticate the user using the MSAL Library (Microsoft.Identity.Client v4.61.3) 2- Call the RegisterAndEnrollAccount with the identifier returned by MSAL Library 3- Wait for the PIN/Biometrics page to appear (it never happens)

Expected behavior: PIN/Biometrics page should appear after the RegisterAndEnrollAccount completes successfully

Intune App SDK for iOS (please complete the following information):

• For errors during build, does the app build without Intune SDK integration? YES

• For errors post build, does the app launch without being Intune SDK integrated? YES

• Who is the customer? All of them

• Do you see a trend with it only being reproduced on a specific device? Any iOS/iPad with version greater or equal to 17.4

Details

• Device: any iPhone or iPad
• iOS Version: >= 17.4
• Microsoft.Intune.Maui.Essentials.iOS Version: 19.4.0
• Build Operating System (Mac, Windows) and Version: Mac OS Sonoma
• Visual Studio Version: N/A

Screenshots and logs

• I have logs collected from iOS System using the console from XCode - I would like to share it private, because have some sensitive user informations
• Also have internal logs of my application, containing all the steps - I would like to share it private, because have some sensitive user informations
• And also we have the reference log generated by Intune SDK which is: 78CCD4

Questions to Ask Before Submission

1. Does the app build and launch without including the Microsoft.Intune.Maui.Essentials.iOS package? YES
2. Does the issue reproduce if you rebuild after deleting the bin and obj output folders? YES
3. Have you checked the .NET MAUI repository for similar issues? If so, please follow the guidance there or add that information to this issue. - No similar issues
4. Are you using the latest Microsoft.Intune.Maui.Essentials.iOS NuGet package version? 19.4.0

[wangxiaoms]

Hi could you set linker behavior to "No Link" and try if that works for release build on physical device? A reference here https://github.com/microsoftconnect/ms-intune-app-sdk-ios/issues/408#issuecomment-2055556555

[leoslima1]

@wangxiaoms it works with No Link behavior, but we cannot use that configuration, it increases a lot out app size. I saw the reference that you posted, but I can't use the same process, we have a pipeline on azure DevOps that generate the build for us automatically.

That's my Linker file trying to prevent Intune SDK to be removed:

`

`

[wangxiaoms]

@leoslima1 can you try this Preserve assemblies https://learn.microsoft.com/en-us/dotnet/maui/ios/linking?view=net-maui-8.0&tabs=vs#preserve-assemblies

[leoslima1]

@wangxiaoms I already did it, the only assembly that MS Intune Sdk references is "Microsoft.Intune.Maui.Essentials.iOS", so I have this on my .csproj file:

<ItemGroup Condition="$(TargetFramework.Contains('-android')) != true">
        <Compile Remove="**\**\*.Android.cs"/>
        <None Include="**\**\*.Android.cs" Exclude="$(DefaultItemExcludes);$(DefaultExcludesInProjectFolder)"/>
        <Compile Remove="**\Android\**\*.cs"/>
        <None Include="**\Android\**\*.cs" Exclude="$(DefaultItemExcludes);$(DefaultExcludesInProjectFolder)"/>
        <TrimmerRootDescriptor Include="Platforms/iOS/LinkerConfig.xml" />
</ItemGroup>

And that's my Linker.Config.xml file:

<linker>
    <assembly fullname="Microsoft.Intune.Maui.Essentials.iOS" preserve="all" />
</linker>

[wangxiaoms]

"Platforms/iOS/LinkerConfig.xml" vs "Linker.Config.xml", assume the dot is a typo. Besides "TrimmerRootDescriptor" can you also try "TrimmerRootAssembly".

[leoslima1]

@wangxiaoms didn't work either, I could only make it work making the build manually as described here https://github.com/microsoftconnect/ms-intune-app-sdk-ios/issues/408#issuecomment-2055556555

[wangxiaoms]

@leoslima1 could you try adding the following to csproj file to see if this resolves the issue? If it does work, can you also confirm if the app size impact is acceptable?

<ItemGroup>
  <TrimmerRootAssembly Include="mscorlib" />
</ItemGroup>