Can not login with Googleworkspace account under ristricting Poersonal google account on Intune
I am considering the introduction of Android Enterprise in my company and am testing the distribution of configuration policies from Intune. The enrollment profile is set to COBO (Android Enterprise corporate owned fully managed). I do not want users to log in with their personal Google accounts, so I want them to log in to apps like Google Meet with the Google Workspace account managed by the company. However, when I set the "Restrict personal accounts" policy in Intune to block, no Google accounts can be added at all. Conversely, if I disable this setting, both personal and Google Workspace accounts can be logged in. Does anyone know a solution to this?
Unable to start AE (Android Enterprise) Enrollment in Microsoft Intune MDM
We are currently using Microsoft Intune Mobile Device management solution to manage Android mobile devices, and these devices are currently enrolled in the mode of Android Device Administrator in Microsoft Intune. Google has deprecated Android device administrator management, continues to remove management capabilities, and no longer provides fixes or improvements. Intune will be ending support for Android device administrator management on devices with access to Google Mobile Services GMS beginning December 31, 2024. Hence, we're trying to setup Android Enterprise method of enrollment in Microsoft Intune. As part of pre-requisites in Intune, it's essential to connect Microsoft Intune account to managed Google play account. As per Microsoft recommendation, we are using Microsoft Entra account to connect to Google Play. After entering the Entra account username & password, authentication is redirecting to Google sign-in page and ending with below error. Someone at ABCD.com domain has already signed up Microsoft Intune Reference Article: https://learn.microsoft.com/en-us/mem/intune/enrollment/connect-intune-android-enterprise#connect-accounts Note: ABCD.com should be referred as domain name registered & verified in Microsoft Entra.
Issue with Web Token in Google Managed Play JavaScript API
Hi everyone, We’re using the Managed Google Play JavaScript API to generate a Web UI by passing the web token obtained from Enterprises.createWebToken. However, we are encountering issues when trying to use the token in the iframe. According to the documentation ( https://developers.google.com/android/work/play/emm-api/managed-play-iframe ) , all pages in the iframe should be enabled by default. But in our case, the expected functionality is not working as intended. Has anyone else facing similar issues with the web token? Are there any known limitations or recent changes that might affect this?
Silent installation of applications on TELPO devices using Android Enterprise
I have an Android application that I want to use on TELPO devices, but in a way that updates are downloaded silently on the device, meaning the user does not have to intervene to update or install an application. I understand that with the configurations offered by Android Enterprise, it is possible to set up a device to allow the actions I require.
requirements for provisioning an app on android 13
I have an app that I designed private for my company .... which gets permissions imei android ID block the use of factory restore unlock OEM unlock lock and unlock screen kiosk mode , and I install it by adb command and work perfect with all devices I have more than 170 devices made in this way and takes a lot of time , I would like to provision my app and placed as device owner through the QR the problem is that I do not know how to do it correctly try many things I saw on the internet , like for example the signed app get the sha256 from the apk and pass it to base64 make the json but I don't understand if I have to configure something else in the app for the provisioning I tried to scan a generated qr with everything correct and it didn't work it says contact your IT support for more information if someone can guide me it would be great, android 12+ a friend sent me some java and kt files for provisioning that worked for him, but for my app it doesn't work. my app has no icon because I need to pass silently and already does but as I say the problem is that I do not know if I am missing a file or a specific configuration I am missing only this and I would be grateful if someone can help complete it or guide me, I saw options like google workspace but I could not modify the block screen to be customized, try with the api google managament android and also does not let you create the company by command then I'm desperate and do not know what to do Thanks for readWidgets on COPE - MS Intune
Hey, Unfortunately there are no settings and/or no chance configure Widgets on COPE in MS Intune. There is specific setting in Intune restrictions config profile to allow/disallow Widgets for BYOD method. Is this problem tied only MS Intune or is this something for Google? Majority of our 10k fleet enrolled as COPE and it's a big gap not having widgets available for Work Apps. Thanks JarmoDebunking 12 Android Enterprise myths
Have you ever heard statements like “Android just isn’t secure” or been asked whether BYOD is too risky for enterprise? These concerns, often based on outdated perceptions, can prevent businesses from fully realizing the benefits of Android Enterprise. So, let’s cut through the noise. Here we’ll address 12 common misconceptions and explore the realities of deploying and managing Android devices in today’s modern workplace. Myth 1: Is Android really less secure? Reality: Always-on security. Android offers proven, multi-layered, proactive security With a zero-trust approach to security, Android operates under the principle of "never trust, always verify." It continuously assesses the security posture of devices and applications, and grants access based on real-time risk assessments. Built-in security at every level includes hardware-level safeguards like verified boot and encryption, software-level protections such as application sandboxing, and proactive threat detection with Google Play Protect. The result is robust defense. Combined with granular control organizations maintain a high level of security while empowering employees with the flexibility of mobile work. Want to dive deeper? Enjoy a cup of tea while you explore our security paper. Myth 2: Android Enterprise is only suitable for large enterprises Reality: Designed for scalability, Android Enterprise can be effectively deployed by businesses of all sizes Android Enterprise offers a range of options to deploy and manage Android devices, so businesses of all sizes can choose the model that best suits their needs and budget. For smaller businesses, BYOD can significantly reduce upfront costs associated with purchasing and managing a fleet of company-owned devices. Plus, the Google Admin console provides a user-friendly interface, simplifying tasks like device provisioning and policy enforcement, making it easier for businesses with limited IT resources to manage their mobile workforce effectively. By offering a range of deployment options, simplified management tools, and cost-effective solutions, Android Enterprise empowers businesses of all sizes to leverage effective device management. Myth 3: BYOD is too risky for enterprise environments Reality: With the right approach, Bring-Your-Own-Device (BYOD) can be a secure and cost-effective strategy Android Work Profile provides a self-contained profile on an Android device that isolates work apps and data from personal apps and data, enabling businesses to safely implement BYOD policies. This secure container safeguards sensitive company data through robust encryption and remote wipe capabilities, even if personal apps are compromised. Work Profile also empowers organizations with enhanced app management capabilities. Businesses can implement approved app lists, ensuring only necessary applications are used for work, without impacting personal app usage. Additionally, they can enforce restrictions on specific app functionalities within the work environment. With these advanced security and management features, Work Profile empowers organizations to securely embrace the flexibility of BYOD. For more detail explore this Work Profile Security on Company Owned Devices paper. Myth 4: Android Enterprise is too complex to implement and manage Reality: Android Enterprise simplifies device management with powerful tools designed for businesses Android Enterprise has significantly simplified management with features like zero-touch enrollment for easy device setup and streamlined policies for controlling work apps and data. Managed Google Play empowers IT administrators with granular control over app distribution and management, ensuring only approved applications are installed on company devices, including tailored company apps. By integrating with leading EMM providers to leverage these tools, businesses can easily customize devices to meet their specific needs, enforce security policies, and manage their mobile workforce efficiently. Myth 5: Android devices are more susceptible to malware Reality: All mobile devices can be targets for malware, but Android has implemented robust security measures to protect against threats Google Play Protect leverages machine learning to proactively detect and combat malware, phishing attacks, and ransomware. It scans apps both before and after installation, even monitoring them for suspicious behavior after download. This proactive approach, combined with regular security updates, provides a robust defense against malicious software, significantly reducing the risk of installing and running harmful apps on Android devices. See for yourself with our Transparency Report. It highlights just how rare downloading potentially harmful applications on an Enterprise device really is. Myth 6: BYOD makes it difficult to achieve a good work-life balance Reality: Android Work Profile allows employees to easily switch between work and personal profiles, enabling them to disconnect from work when they need to By separating work and personal data and apps, Work Profile helps employees maintain a clear boundary between work and personal life, reducing stress and enhancing well-being. Employees can seamlessly switch between the Work Profile, and their personal profile, enjoying a familiar device environment while empowered to toggle off work notifications and fully disconnect for a better work-life balance, increased productivity and employee wellbeing. Myth 7: Android Enterprise is not suitable for highly regulated industries Reality: Android Enterprise provides the robust security and compliance features necessary for highly regulated industries Highly regulated industries require robust mobility management solutions with exceptional flexibility and control. Android Enterprise delivers strong security, powerful device management, and innovative solutions to manage and deploy devices seamlessly across diverse use cases. Continuously evolving to address dynamic compliance requirements, Android 15 introduced enhanced security logging aligned with the latest NIAP regulations. Plus, the Android Management API empowers businesses with the agility to adapt policies and ensure compliance with developing industry regulations and security standards. Discover how Android Enterprise empowers financial services in our customer stories, or explore exactly how we comply with industry standards and Android’s certifications in our security paper. Myth 8: Android is fragmented and updates are slow Reality: Android ensures a smooth and consistent user experience alongside simple and robust management capabilities While Android's open nature has historically presented challenges in terms of device fragmentation and update consistency, this view is outdated. As an open-source platform, Android benefits from rigorous scrutiny by a diverse community, including developers, security researchers, and even government agencies. This constant feedback accelerates security advancements. Initiatives like Project Treble have revolutionized the update process by decoupling core Android components from device-specific software. This allows manufacturers to deliver the latest security patches and feature updates more quickly and efficiently. The Android Enterprise Recommended program prioritizes timely security updates and OS upgrades for participating devices, ensuring a more consistent and secure user experience. More widely, Google releases monthly security updates to the platform, the details of which can be found on the Android Security Bulletin. Recommended EMM partners provide essential tools for managing these device updates, ensuring timely patching to maintain a secure mobile environment. Myth 9: Android devices aren't premium Reality: The Android ecosystem boasts a wide range of devices, from budget-friendly options to high-end flagships that rival the best in the industry Premium Android devices offer cutting-edge features like powerful processors, high-resolution displays, and advanced camera features, and innovative designs for a premium user experience. To ensure a consistent and high-quality experience for businesses, the Android Enterprise Recommended program certifies devices and solutions that meet Google's strict enterprise requirements, giving businesses confidence in their chosen devices. Myth 10: The Play Store is limited Reality: The Google Play Store is a vast marketplace with millions of apps, including a wide range of enterprise-grade solutions. From productivity tools and communication apps to industry-specific solutions, the Play Store offers a diverse range of applications to meet the unique needs of any business. Plus, the Play Store empowers businesses to develop and distribute custom applications. By leveraging Android developer tools, businesses can create tailored solutions and securely distribute them to their employees through Managed Google Play. This effectively creates a custom app store while benefiting from the built-in security and robust infrastructure of Google Play Protect. Myth 11: Android Enterprise devices are separate to regular Android devices Reality: The hardware remains the same Android Enterprise is not a separate operating system. It's a suite of tools that enhances the core Android OS with enterprise-grade features and management capabilities. This means any Android device can leverage Android Enterprise, providing businesses with the flexibility and control to meet their specific mobility requirements while maintaining the familiar Android user experience. Myth 12: You can only use Android Enterprise with Google's products and services Reality: While Google offers a robust suite of productivity and collaboration tools, Android Enterprise is designed to be highly interoperable Android Enterprise is only supported on Play protect certified devices. These devices often come pre-installed with popular Google services like Chrome, Google Play Store, and Google Maps (GMS). However, this does not limit users to Google's ecosystem. Android Enterprise seamlessly integrates with a wide range of third-party enterprise applications and services, including those from Microsoft, Salesforce, and others. This flexibility empowers businesses to choose the best software solutions for their specific needs, regardless of their preferred technology stack. Were you surprised by any of these myths? Have you encountered similar challenges or misconceptions in your own experiences? Let us know in the comments below.Work profile and start intent
If an Android device has work profile (user 10), user 0 have an app can be logged in by a 3rd app which installed in both user 0 and user 10. When i start the app and call 3rd app to login, how can i to start the ResoverActivity with 3rd app in user0 and 3rd app in user 10?
Stop factor data reset after deleting device from android managment device delete api
I have enrolled a fully managed device using the Android Management API. However, when I delete the device from my enterprise using the enterprise.device.delete API, it factory resets the data. I want to preserve the user's data instead of performing a factory reset. I also tried creating a personal use device, but then it didn't allow me to launch an app in KIOSK mode. I want both features: running an app in KIOSK mode and preserving the data when I delete the device. I'm not sure how to achieve this.BYOD AE Work Profile - Samsung Device with Android 12, 13 - Sharing Serial no/IMEI details with Intune MDM
We are observing, Intune started displaying the Serial no's /IMEI's of Samsung Android 12, 13 device and device type is BYOD -> Work Profile. did you see this in your environment? Model affected are SM-A,G,S,G,M SERIES.
