Share via

Android USB Transfer profile

Dean Hoile 61 Reputation points
2023-06-19T14:55:47.9066667+00:00

I have a curious question for those of you who may know the answer to my question (even if it is a NO)

So we have come to realise that some of our developers using Android Studio (ADB/ADK) to interact with a physically connected android device, and they are experiencing issues when trying to transfer files to the device using ADB via Studio to the device (with Studio the Windows device level storage can be bypassed) so you should be able to transfer the files as well as record the screen of the connected device.

From what I have now confirmed after testing this on my test Android device and Windows with Android Studio, the policy/profile that was blocking it was for the Android devices and it is specifically the USB File Transfer setting, I created a copy of this profile and set USB File Transfer as not configured.

I then tested with an Android device connected to Android Studio and I was able to transfer files with Studio itself and record the screen.

Current production profile

r/Intune - Android configuration - USB Transfer

Testing profile

r/Intune - Android configuration - USB Transfer

So I have a solution in theory but this would allow any dev to take their devices that have this setting removed and connect to any device and transfer data to it, is there another way to approach this to allow it at a granular level - kind of like when you mass block removable storage/media (USB etc.) and can set an allowed storage list of attachable devices (or allow full storage access to a device itself)

Is there another way around this?

Thanks.

Microsoft Security | Intune | Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 53,986 Reputation points Microsoft External Staff
    2023-06-20T05:27:03.85+00:00

    @Dean Hoile, Thanks for posting in Q&A. Based on my checking, currently, there's no setting in Intune to controls what files and data can be transferred via USB.

    https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-android-for-work

    You can feedback to Intune voice to see if we can get this in the future:

    https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472

    Thanks for your understanding.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.