BlackBerry UEM Client for Android known issues
BlackBerry UEM Client
for Android
known issuesIssues that are new in this release are noted with an asterisk (*).
* On devices activated with the Work space only (Android Enterprise ) activation type, the BlackBerry Dynamics Launcher is briefly visible during the conditional access enrollment even though it is not enabled by the administrator. (EMA-18479) |
* When the "Validate end-user installed certificates" IT policy rule is assigned, the UEM Client also tries to validate certificates from the BlackBerry UEM server which are not end-user installed. In some circumstances, if the server certificates are received and validated out of their intended order, the validation is not successful and therefore the certificates are not installed. (EMA-18374) |
* After deactivating a Samsung device that was activated with the MDM controls activation type (with the Samsung Knox option enabled), and you try to reactivate it, a "Unknown error: 4025" error message appears if the administrator had assigned a system certificate that's typically pre-installed on the device (such as DigiCert Global Root CA) prior to activation. (EMA-18302) Workaround : In the device Settings > View security certificates menu, enable the system certificates (such as DigiCert Global Root CA). |
When activating a device in a dark site environment with the Work space only ( Android Enterprise ) activation type, if the device uses the Samsung SVPN application, it does not activate successfully. (EMA-17497) |
On some Samsung devices that were activated on Android 12, the IT policy that is assigned to the device is not correctly applied after upgrading to Android 13. (EMA-17465) Workaround : Reactivate the device. |
If a device that is configured for Entra ID conditional access is removed from the Entra endpoint portal by an administrator, and the device is unregistered from the Microsoft Authenticator app, the user is not prompted to authenticate when they switch back to the BlackBerry UEM Client app. (UES-9561)Workaround : Force close the UEM Client and reopen it, or tap the icon > Settings > Enroll Conditional Access . Follow the instructions on the screen to authenticate the device. |
After upgrading the UEM Client for Android from version 12.40.x to 12.41.x, the "Enroll Conditional Access" option is not immediately available in the BlackBerry Dynamics Launcher settings menu, even though the feature is enabled for the device. (SIS-18326) Workaround : Try again later. It may take several minutes for feature entitlements to be synced to your device. |
You might not be able to use Knox Mobile Enrollment to activate Samsung Galaxy A52 or Samsung Galaxy XCover devices running Android 11. (EMA-17342) |
On some devices, when the "Specify work space password and lock" command is sent to the device, the password is successfully changed but the work space doesn't lock properly. (EMA-16954) |
On Samsung devices running Android 11 activated with the Work space only (Android Enterprise ) activation type, Wi-Fi profiles that are configured with a shared certificate are not saved to the device. (EMA-16909) |
On Samsung devices running Android 12, if the "Send usage and diagnostic data" setting is enabled on the device but your administrator assigned a policy rule to disable it, the "Based on the admin policy set for your phone, the following policy has been withdrawn: Sending of Diagnostic Data." warning message appears. (EMA-16746) |
In dark site environments, on Samsung Galaxy S 20 devices running Android 10 activated with the Work and personal - user privacy or Work and personal - full control (Android Enterprise ) activation types, the VPN profile is not created on the device. (EMA-16739) |
In dark site environments, when activating a Samsung Galaxy S 20 device running Android 11 with the Work and personal - full control (Android Enterprise ) activation type with the premium option enabled, the device activates with the Android Enterprise workspace instead of the Knox workspace. (EMA-16736) |
During activation, the user must set a complex password for the work space even though the IT policy is set to numeric or alphanumeric. (EMA-16254) |
When activating a Samsung Knox device, if the screen times out at the Knox license activation screen, the activation is not successful when you try to continue. (EMA-16046) |
On some European models of Samsung devices running Android 11, the device Welcome screen appears during activation when using the Work and personal - full control (Android Enterprise fully managed device with a work profile) activation type. The device is activated correctly and the user can follow device setup screens. (EMA-16014) |
On some Samsung devices that are activated using the Work and personal - full control (Android Enterprise fully managed device with a work profile) activation type, after upgrading to Android 11, the compliance profile incorrectly restricts apps in the personal space. (EMA-15960) |
On Samsung devices activated with the Work and personal - full control (Android Enterprise fully managed device) non-premium activation type, when an administrator unassigns an app, the app isn’t uninstalled but is instead grayed out and cannot be opened. (EMA-14851)Workaround : On the device, manually uninstall the app. |