Forum Discussion
Managed Google Play private app not available on Corporate-owned devices with work profile
Hi community,
I'm encountering a strange issue and could use some guidance.
A Google developer account released an app to Managed Google Play (so it's automatically private and not available on the public store) and entered our organization ID in the appropriate field.
We can find the app on the iframe in our MDM (Microsoft Intune in this case), select it, and assign it to groups.
Everything looks good: BYOD deployments (Personally-owned devices with work profiles) can install the app from the Managed Google Play store. However, COPE devices (Corporate-owned devices with work profiles) cannot search for it, and it's also not visible in the app collections we've created.
Could there be a setting in the Google developer account's store listing that prevents availability for COPE devices?
I've exhausted all options in Intune, including multiple store syncs, with no success.
Intune is telling me, that the App is available to install on the specific COPE devices, but it does simply no appear.
The only thing left to check is the Google developer account that released the app for us.
Has anyone else experienced this issue?
Any hints or suggestions would be greatly appreciated.
Thanks!
Walter
Could you double check how group assignments are set? Intune is a pain for hiding assigned apps from the store
hi jason,
group assignments are set to "Available for enrolled devices" without any filters. pretty straight forward.
i have on my table 2 devices enrolled with my user (im allowed to the app, because im member of one assigned group)
BYOD -> App is visible
COPE -> App is not visible and not searchable
Are the two devices the same device type / device model?
I've seen this kind of behavior in the past when an app is restricted to certain display sizes via manifest.xml. (I am thinking of this) Such apps could be installed manually as apk, but Google Play refused to install them.
I am not aware that an app can be restricted to certain Android management modes via manifest.xml / Managed Play.
A privateApp available for an OrganizationID is generally available to the UEM. The UEM then releases the app for certain GoogleUserIDs/GoogleDeviceIDs in the background, making the apps available on the devices in Managed Play. (at least with the EMM API)
Either the app assignment is not quite right, or the app is not compatible with certain devices.
hi,
i want to make an update of my initial post, because there are new findings.
a bit late, but we found out that the app developer used the "same" App Identifier, but case-sensitive, so for example:
App 1: com.android.myapp
App 2: com.Android.MyApp
in my point of view, i was thinking google does not allow this, but also on android itself it's possible to install apps side-by-side with that App Identifier like in my example.
It seems, that "Intune App" which is the controller on COPE Devices is not able to handle case-sensitive App Identifier, while "Company Portal App" on BYOD Devices is able to handle this.
On COPE Devices, App 2 is not visible because (i guess) Intune App is thinking that App exists already. Also interesting finding -> if i set in Intune App 2 as "Uninstall" then App 1 will be uninstalled. If i set in Intune App 2 as "Required" then also App 1 will be installed.
I'm quite sure this is a 100% Microsoft (Intune App) issue, but Microsoft Support is telling me, i need to Contact Google Support, because the App is not visible in "Managed Google Play Store".
My Question now is:
Where and how can i contact Google Support regarding Managed Google Play Store?
Thanks.
Lizzie - Do you have any pointers here on how to get in contact with someone at Google support in cases like this where its related to Managed Google Play and private apps ?
Me and w4lter have had a discussion around this issue over at the Intune subreddit. Im reaching out to some of my Microsoft contacts as well and I will be looking in to reproducing this issue as well.In general i would rather recommend to really use unique bundleIDs also to be sure not creating any kind of conflicts in the background.
I wasn't even aware that the Android package names are case sensitive. I haven't found much documentation on the Internet, e.g. information on the manifest.xml: https://developer.android.com/guide/topics/manifest/manifest-element
In the past, we had apps from external devs that also used capital letters, but different versions were clearly named. (e.g. with numbers at the end) This is definitely an interesting test case. I won't be able to test it in the next two weeks, but I would like to try it out with our UEM.
In any case, I find it strange that the app works with BYOD but not with COPE.
thanks!
so, in my opinion, it should be not a problem to release for example Candy Crush with a new app identifier, for example:
official:
com.king.candycrushsaga
new one:
com.King.CandyCrushSaga
I'm quite sure, that Intune App (COPE/fully managed Devices) are not able to handle those 2 app identifiers afterwards, while Company Portal App (BYOD Devices) is able to handle this.
PS: Intune Admin Portal will find both Apps in Google iFrame. Also releasing both apps to devices will be fine. Just COPE devices will not receive the second app.
Super weird case...
Check the Google Developer Console settings to ensure COPE device support isn’t restricted. Verify the app's visibility settings for corporate-owned devices. Since Intune shows it as available, try re-syncing Managed Play settings
hi, sorry - i have no idea how i could prevent installs on COPE devices. just know how to release an app to a managed google play store.
do you have any screenshot or google guide? thanks.
