This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 15%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Hi Support
I have an enrollment program with these details where i use Company portal as a gateway where the user enforced to login to CP to continue the device enrollment and get company mail,calendar,contactcs installed. All company devices are enrolled in DEP . The issue now is when we start a new iphone up then got frozen already in the wifi settings then getting not respond ... the screen touch stop working and the iPhone being does not respond. I need to restore the iPhone from Itunes to get it work.
Some iPhones freezes in the start of the process and some of them or the most of them freezes after restore from iCloud. Anybody experience the same issue please? is there any solution? or shall i change the settings in the enrollment profile?
@sarmed nazar Thanks for posting in our Q&A.
Currently, there is no person feedback this issue. From your description "when we start a new iphone up then got frozen already in the wifi settings then getting not respond", it seems not directly related to intune. Based on my research, I find that someone has the similar wifi issue posted in Apple Communities.
https://discussions.apple.com/thread/251148120
Note: Non-Microsoft link, just for the reference.
So, it is suggested to contact Apple to get more help.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 34%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Yes, I have seen this issue. This happens when the device does not have internet access (anymore). This can happen if you restart the device during Company portal enrollment or if the device loses internet connection. Your phone will become stuck and you can only reset it with iTunes as you mentioned.
I would suggest to take a look at the internet connection or consider disabling single app mode for Company portal app during DEP enrollment.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 61%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Hi Guys
We recently started adding IOS devices into Intune (Automated Device Enrollment Process) and when the user starts the process, they are first asked for a language and then a valid WIFI connection.
After that, the user is forced to enter a pin code (6 digits, we force it) and during this step, the phone literally freezes and cannot be used, the screen stays on the pin code screen and you cannot manually close/reboot the device unless it runs out of battery.
Now the person above states that this issue is because the device has lost its WIFI connection.
But in fact, the phone in enrolled in Intune and i can push out a reboot command and the phone does in fact reboot and allows the user to continue the process and log into the company portal app to complete the process.
I need to find out why it freezes?
Can anyone help?
Thanks Vito
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 46%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Our organization is also currently facing the same issue. We would like to get some support her from Microsoft Product team.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 46%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIA%3C/text%3E%3C/svg%3E)
FIX: Intune Company Portal Enrollment Issue on iOS Devices
Microsoft has already identified the root cause for the freezing issue with Intune Company Portal. Microsoft has already developed and is in the process of validating a potential fix to address this issue.
Any user signing into the Intune Company Portal app on iOS devices operating build 5.2212.0 is impacted. The validation process is completed and now waiting for Apple’s approval to update the company portal app in the Apple store.
Intune Company Portal Freeze Issue on iOS devices during sign in Fig. 2
Root Cause
Intune Company Portal Freezes during enrollment Issue Root cause is explained below. This issue happened after the Intune service update, maybe Intune 2301 version.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
In our default iOS device profile, we hid a lot of the initial setup options to speed up enrollment. One of them is setting the PIN. We also had it configured to run in single app mode until authentication. We found that if the user doesn't sign in before the lock screen comes back, the phone is bricked until we wipe it through Intune. Our solution was to create a separate profile that does not run in single app mode. That way a user can get back into the phone if it's locked. After the phone gets it's primary user assignment, we reassign it to the default profile. If the primary user doesn't log in to the comp portal for a few days, we lock the phone until they contact us.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 31%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGE%3C/text%3E%3C/svg%3E)
I experienced this issue and did resolve it (without the dual profile as suggested by @MPKRVA but that certainly did help me to my resolution).
Problem
To clarify, the process was working in the same way as the original post described. All VPP was setup and configured as desired (I had purchased InTune Company Portal via Apple Business Manager). After wiping the phone You go through a few screens, ultimately getting to 'This phone is owned by ###' and you must click enrol.
(When wiping, take care not to get caught by Activation Lock if its your first time. Make sure the phone is fully removed from any Apple IDs)
After enrolling and getting to the main screen, it was either right away or after one unlock that the screen and side buttons become unresponsive. You could wake the screen by turning it over and facing it back up but that was it. It was successfully connected as I could find the device in InTune (Devices > iOD/iPadOS), select it and select 'Wipe' to start the process again.
Resolution (with journey)
I created an Enrollment program token profile with 'Run Company Portal in Single App Mode until authentication' (SAM mode) set to 'No' and assigned the device to it. Running the process worked without the lock up but there was no guidance to log into the InTune company portal.
What I did receive is multiple messages trying to get me to sign in to an Apple ID. 'App Installation: Sign in to iTunes to allow ### to manage and install apps'.
I started looking into the App side of InTune and believe I discovered the issue. I don't have the exact screen shot of it now as its fixed however, I had previously tried to add the Intune company portal app as an iOS store app that I would assign.
When you buy and app from the Apple Business Manager, the VPP token connector syncs and the app becomes visible in InTune in iOS/iPadOS app with the type of 'iOS volume purchase program app'. I removed my previous attempt with the type of 'iOS store app' and changed the assignment of the VPP instance of the InTune company portal to be assigned and assigned it to my devices.
After this the process worked as required. I still have several other hoops to get through now, enrollment goes to InTune company portal in SAM mode until signed in, and there is no lock up.
In the below picture.
Apple Books: This is set to uninstall for all but it will do nothing as it was not installed by InTune.
Intune Company Portal and Microsoft Teams: These are assigned to tall devices and do show up on them
Microsoft Word: Is licenced with ABM > VPP but is not assigned to anything so will not show up.
I do hope this is of help.