Cannot Create Intune MDM Workspace on Samsung Note 9

Question

Note 9- Android 10, Knox 3.4.1

My company has required us to install the Intune MDM in order for us to access our corporate Outlook email.

My phone is encrypted by default, has Samsung Secure Startup enabled and requires a PIN to access.

1. After I launch Intune, it gets to the 3rd stage of creating a Company Workspace where it deals with encryption.
2. It stops and gives me the message "Set device PIN to complete encryption" with a link to Resolve.
3. Selecting the link brings me to System\Biometrics and Security\Secure Startup where I am prompted for my PIN, which I input.
4. It then reverts back to the \Biometrics and Security screen.
5. If I switch back to Intune, and hit Continue, it just hits the same error and repeats

I have removed/reinstalled Intune multiple times with same result.

My IT team is out of ideas and I can no longer access my work email.

Any help much appreciated!

Answer 1

@Abend404

To create an online support ticket, you can follow the steps as below:

1 Sign in to Microsoft Endpoint Manager admin center with Intune admin account.
2 Choose Troubleshooting + support - Help and support - Intune.

3 Enter the issue description, and press "Enter", then choose contact support icon.

4 Fill in the info on the web page. After you create the ticket, the support engineer will contact you by phone or email.

---

If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

When you installed the Intune Company Portal, and enrolled the Android device, you may see the similar message displayed in the following screenshot. Besides set the device PIN, is there any other message on the screen?

In addition, could you please review the guide by clicking the link below, and make sure you have enabled the device encryption correctly?

Encrypting your Android device

Answer 3

Here is what I see when it fails. The MDM security settings prevent me from taking a screen shot so I took a picture using another phone. Secure Startup is enabled, using a PIN.

Answer 4

Please see initial post above, Secure Startup is enabled.
However, I have also tried the following-

• As you mention instead of hitting Resolve, I switched windows to Biometrics and Security, selected Secure Startup, hit Apply and entered my PIN
• The PIN was accepted and it then reverted back to Biometrics and Security
• I switched back to Intune, hit Continue and the same error came back

Then

• After uninstalling Intune and rebooting, on System\Lock Screen\Screen Lock Type, I changed from PIN to SWIPE
• I reinstalled and ran Intune; after completing the first two steps, it stopped at above "Update Device Settings" with same message.
• I hit Resolve and changed Screen Lock Type back to PIN and entered my PIN
• Unfortunately same result

Answer 5

Thanks, your response was very helpful.

I followed the instructions and processed the debug log which I believe is uploaded to MS. I never got the option to create an email, possibly because my work Outlook had been disabled by MDM. I did save the Incident IDs.

I provided the link above to my IT team along with the Incident IDs but they seemed completely unfamiliar with the process and how they would go about reaching Intune support about my specific issue.

Can you give me a brief description of the steps they should take?

Thanks!