@DoBongSoon Thanks for posting in our Q&A.
Generally, we can deploy policies and apps to any users, the user doesn't need to be the Primary user. If you met this the situation that you said, we need to deal with it on a case-by-case basis to find the cause.
For these questions, I will share you some information that I know:
For Q1&2: Based on my understanding, the primary user can distinguish if the device is a "Shared Device". When there's no primary user assigned, the device is referred to as a "Shared Device".
For Q3: With the limitation resource, I didn't find any information about this.
For Q4: I have done the test in my lab. When I deleted the Primary user account, the Primary user field show none . When I use the account to login the Company Portal app, the action for the device greyed out.
Before:
After:
Hope the above information will help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.