Forum Discussion
Device Owner Provisioning
Not as far as i know of as the enrollment token/id/url or whatever the MDM expects is pointing to the relvant enrollment rule to be used (because in each MDM you can have several).
Otherwise the MDM doesn't know how to proceed forward with the device (which settings to deploy, is it COPE, fully managed or just BYOD, and so on).
You need this always:
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"enrollmentId":"IDorURL_used_for_enrollment",
"PROVISIONING_MODE":"MANAGED_PROFILE"
}
Is there any way to move to device owner without enrollment token?
Not as far as i know of as the enrollment token/id/url or whatever the MDM expects is pointing to the relvant enrollment rule to be used (because in each MDM you can have several).
Otherwise the MDM doesn't know how to proceed forward with the device (which settings to deploy, is it COPE, fully managed or just BYOD, and so on).
HI,
To create an Enrollment token using Android Management Api, I am following this method
EnrollmentToken enrollment_token = androidManagement.enterprises().enrollmentTokens().create(enterpriseID, token).execute();
In the above snippet the enterpriseID which I am using is the organization ID which I get in google console, and using it in this format
String enterpriseID =enterprises/{DUOsdy871}.
but with this I am getting the following error
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "CREDENTIALS_MISSING",
"domain": "googleapis.com",
"metadata": {
"method": "google.android.devicemanagement.v1.DeviceManagementService.ListEnterprises",
"service": "androidmanagement.googleapis.com"
}
}
]
}
}
what OAuth access Token it is expecting.
In Google cloud console I have created an OAuth credentials and downloaded one Json file. How to use it. what login it is expecting. Where am I going wrong? Please guide me.could you please suggest me one online QR generator tool?
And just for your information, the extras are MDM related and can be different. jasonbayton has some nice listing here: https://bayton.org/android/android-enterprise-zero-touch-dpc-extras-collection/#intune
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.android.client/com.android.utils.AdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "3OEI4RjlEMDA4QjcyOUUyN0U0N0JCQkRDMkVCOERCRTA0MEZDMDA1RjMyNDI1MNg",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://Android-android-central-1.com/Android-V7.apk",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "{ds4VLNcI5FGVW0PcUVkKoqEbrOyGw_VqEUh1uhgM}"
}
}
Am I using in a correct format? please correct me if I am doing anything wrong here. What all I need to handle in my android application?
Signature checksum: I have encoded my SHA256 value (example: 85:78:B8:F9:D0:08:04:B9:A8:1A:D9) to URL safe using base64encode.
and the enrollment tokent : I generated using AMAPIEnrollmentToken enrollment_token = androidManagement.enterprises().enrollmentTokens().create(enterpriseID, token).execute();
