I am having an issue when Android phones are unable to get correct WiFi configuration policy from Intune. Intune is in 'cloud mode' (non-hybrid)
I have the following polices configured in Intune:
- Deploy root CA certificate (works OK)
- Deploy SCEP certificate (works OK)
- Deploy WiFi configuration (this is where the problem is)
Things to note:
- Exactly the same configuration for iOS devices works perfectly. So configuration of Intune and WiFi is OK and it seems to be an issue configuring Android device WiFi policy.
- I tried using PFX certificate instead of SCEP, hoping it will help in solving issue. It did not
- Android is able to receive SCEP certificate from Intune, but it is placed in System store but not in WiFi store. Hence Android is not able to use the certificate for WiFi authentication
The following blog post provides solution for Intune hybrid-setup. Unfortunately, it could not be implemented for cloud-based Intune deployment. So I ended up creating OMA-URI config for Android devices based on the information from the blog (thanks goes to Scott Breen for his blog post).
Important: replace the following values in OMA-URI config
Corporate WiFi
: should be the name of your WiFi SSID name1234567890ABCDEF
: should be hex of your WiFi SSID name (hex exact case of SSID name)00 11 22 33 44 55 66 77 88 99 00 AA BB CC DD EE FF 00 11 22
: SHA-1 hash of Root CA certificateOMA-URI config
Setting name:
Corporate WiFi
(replace this with your SSID)Date type:
String
OMA-URI (case sensitive):
./Vendor/MSFT/WiFi/Profile/Corporate WiFi/Settings
(replaceCorporate WiFi
with your SSID)Value: (replace values mentioned previously)