08/11/2025
Android / Microsoft Intune / What's New in Microsoft Intune

What’s New for Android in Microsoft Intune 2510: October 2025 Highlights

Nicky De Westelinckby Nicky De Westelinck

The Microsoft Intune October 2025 (2510) service release introduces a range of enhancements for Android device management, making it easier than ever for IT administrators to fine-tune policies, streamline enrollment workflows, and enhance device security. From expanded settings in the Android Enterprise catalog to new controls for USB access and private space restrictions, this update empowers organizations to manage Android devices with greater precision and flexibility. In this post, we’ll explore the most impactful Android-specific changes in the 2510 service release and how they can benefit your Microsoft Intune environment.

Before you explore the new additions in Microsoft Intune for your Android Devices, verify and make sure your tenant is on the new 2510 (October 2025) service release.

Go to Tenant Administration | Tenant Status and in the Tenant details tab, check if Service release is on 2510.

Device Enrollment

The Managed Google Play Organization name can now be edited from the Microsoft Intune admin center. By changing the organization name, it will also have an effect on messages shown on enrolled/managed Android Enterprise devices.

Go to Microsoft Intune admin center | Devices | Android | Enrollment | Managed Google Play and choose Change Organization Name.

Settings Catalog

In the Microsoft Intune 2510 Service Release, there are some new Settings available in the Settings Catalog. To create a Configuration Policy with Settings Catalog, you go to Devices | Android | Configuration and choose Create, and New Policy. Choose Android Enterprise as the Platform and Settings Catalog as the Profile type.

Overview

  • Block Wi-Fi Direct: disable devices from connecting directly to each other via Wi-Fi without needing a wireless access point.
  • Hide organization name: hides the organization name on the device’s lockscreen, work profile setup screens.

The above settings apply now to Android Enterprise Corporate-owned devices with a work profile, fully managed, and dedicated devices. The Hide organization name was only supported for corporate-owned devices with a work profile and fully managed devices.

Settings added to the Settings Catalog, which were only available in Templates, All these applies to all Android Enterprise devices.

  • USB Access: Control data transfer via USB by allowing it or disabling it for file transfer or data transfer.
  • Block private space: Preventing users from creating private spaces on the device and making sure all corporate data is stored within the Work profile.
  • Allow copy and paste between work and personal profiles: Enables users to copy and paste text between apps in the work profile and personal profile. Useful for productivity, but may pose a data leakage risk if sensitive information is involved.
  • Allow network escape hatch: Let users temporarily connect to a network during device boot if no suitable network is available. This helps refresh device policies, especially in kiosk or locked-down scenarios.
  • Allow USB storage: Grants access to USB storage devices. Useful for file transfers, but can be restricted to prevent unauthorized data movement.
  • Block access to status bar: Prevents users from pulling down the status bar, hiding notifications, and quick settings. Ideal for kiosk or dedicated devices to reduce distractions and tampering.
  • Block date and time changes: Stops users from manually changing the device’s date and time. Helps maintain consistency for logging, compliance, and scheduled tasks.
  • Block location: Disables location services on the device. Useful for privacy or when location tracking is not needed, but it also disables features like remote device location.
  • Block microphone adjustment: Prevents users from unmuting or adjusting microphone volume. It can be used to enforce audio restrictions in secure environments.
  • Block mounting of external media: Stops users from connecting external storage like SD cards or USB drives. Helps prevent data exfiltration or malware introduction.
  • Block notification windows: Disables pop-up notifications (toasts, alerts, calls). Useful for kiosk mode or focused-use devices where interruptions are undesirable.
  • Block screen capture (work profile-level): Prevents screenshots or screen recordings within the work profile. Protects sensitive corporate data from being captured and shared.
  • Block Wi-Fi setting changes: Stops users from modifying Wi-Fi configurations set by the device owner. Ensures devices stay connected to approved networks only.

Monitoring & Reporting

Enrollment Time Grouping failure reports are now available for Android Enterprise devices in Microsoft Intune. These reports show failures on devices that failed to become members of the specific group during enrollment of Android Enterprise devices (fully managed, corporate-owned work profile, and dedicated devices.

Go to Microsoft Intune admin center | Devices | Monitor, and you’ll get an overview of all available Reports in Microsoft Intune.

INFORMATION: During this writing, I noticed that the Enrollment time grouping failures report wasn’t available in my tenant. So after mentioning it to the IntuneSupport account on X, the one and only Mister MDM (Rudy Ooms) noticed it also and went on an adventure. Thanks to his tips (ReactView), I was able to figure out the correct URL.

You can find the link to the Enrollment time grouping failures report here.

So this was an overview of the “What’s New in Microsoft Intune” in service release 2510 for Android Enterprise devices. If you want to stay up-to-date with new Android Enterprise features in Microsoft Intune, make sure to follow me on my socials and blog posts.

Nicky De Westelinck

Nicky De Westelinck is a Modern Workplace Consultant at Wortell with several years of experience in Microsoft 365. His main focus is Microsoft Intune and Microsoft 365 Administration. He is also a Microsoft Certified Trainer since 2021.

View all posts by Nicky De Westelinck →

You might also like

The Android Tales: A Full Comprehensive Guide on Managing Android devices with Microsoft Intune

Silence the Noise: Configure Quiet Time with Intune for notifications on Android and iOS/iPadOS

Person seated at a wooden desk using a laptop displaying a black-and-white "NO ACCESS" illustration, surrounded by bookshelves, clouds, and a clipboard. The desk holds a coffee cup, potted plant, lamp, pen, and notebooks. A leather couch and patterned rug are visible in the cozy background.

Locking Down Access: How to Block Specific User Groups from signing-in on Microsoft Intune-Managed Devices