Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
Hi Sophos Community,
yesterday we made a change to our policy which is also beeing used to deploy mail settings company wide for our android devices.
We simply wanted a specific user to be able to add another e-mail account which was initially not possible due to the policy not allowing this to happen.
We use the Samsung E-Mail App for all our Android Devices.
Screenshot1 no changes
Screenshot2 changes
Unfortunately this lead to all mailaccountconfigurations to be deleted of our devices after synchronizing the changes with sophos central.
After realizing these changes we rolled back our configuration in hopes of being able to just add the accounts to those device which had received the changes so far but, we were not able to get any auto enrollment information on the devices again. Weirdly all android devices synchronizing with sophos central kept losing their mailaccount settings too.
We tried using another policy and applied it to one of the device which lost its configuration but this got us the same result no auto configuration possible.
We tried deleting and reinstalling the Samsung Mail App that was also no solution for our problem.
After being discouraged and no solution in sight we proceeded to using a managed configuration for the application.
Screenshot3 managed configuration
With this we had the following issue. Instead of domain\username we just had \username missing the domain in front.
So we tried adding our domain in Screenshot3 using domain\$USERNAME and now we received domain\domain\$USERNAME on our test device.
How can we get this working again? We would appreaciate any insight.
Hi Marc,
Thanks for reaching out to the Sophos Community Forum.
If you are using an Exchange Server, then entering the variable %_USERNAME_% may work.
If you're using Office 365, or if your users are permitted to log in with their UPN, I suggest using the %_EMAILADDRESS_% variable for both Username as well as email address. This is explained further in the following docs page.- Email account configuration (Android device policy)
If you wish to configure multiple email accounts, using the Managed Configuration would be the best way to accomplish this. You can use the $EMAILADDRESS variable for both username and email address as well.
Hi Qoosh,
let me clarify. we use an on premise Exchange Server. So the above step you mentioned we already tried.
For the managed configuration part we would love to try that out but we are not aware of a way to deploy this setting without reconfiguring all previously deployed accounts again. Is there any way we can deploy this custom managed configuration to a single device without affecting all devices already owning a custom configuration of this app.
Thanks in Advance.
Kind Regards
Marc
I'm not currently aware of a way to test the "Managed App" configuration on a small subset of devices outside of creating a free trial for Sophos Central using a new email address to set up Sophos Mobile, which may not be ideal.
If you haven't already, I'd suggest opening a support case in relation to this issue so our team can do further testing on this.
thanks for your reply. We anticipated this already and have opened a support case with sophos.
I will relay any information concerning this issue if we have found a solution to our problem, so that it might help other people.
Marc Dostal