Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Intune

← Ideas

Android for Work Device Owner mode

Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.

This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)

297 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    Alan Armstrong shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  AdminCathy Moya (Program Manager, Microsoft Intune) responded  · 

    Hi, if you caught our announcements at Ignite, we announced that we will support device owner mode for Android fully managed corporate devices. It will preview by end of year. Check out our EMS blog for more info
    https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-New-with-Microsoft-Intune-and-System-Center-Configuration/ba-p/262542
    So we’ll call this “started”. :-)

    Also, we’ve been supporting Android kiosk mode since July.

    23 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Forgot password?
      Create a password
      Signed in as (Sign out)
      Close
      Close
      Submitting...
      • Ian commented  ·   ·  Flag as inappropriate

        I turned on my test devices and the apps came straight through. Compliance and config profiles still don't work though. Seems "preview" is very alpha at the moment. Hopefully it gets fixed shortly.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I've had luck with pushing out applications and most device restrictions, however I can't get the device to prompt for a password. It does lock it down, so that if you go into settings, it will only let you set a password of the complexity that you have set. However it does not prompt you to set a password when there is none, suspect this is down to no compliance policies being pushed out yet.
        Looking very promising so far though.

      • Ian commented  ·   ·  Flag as inappropriate

        Well, live it may be and you can enroll, but no apps or policies will push out.

      • Jon T commented  ·   ·  Flag as inappropriate

        Owner has been supported for a while to a degree where you can use it with Samsung Knox. Intune manages via Google DPC.

      • Mike Shakespeare commented  ·   ·  Flag as inappropriate

        Any update to when this will be available? It has been a feature on almost every other EMM for years now, currently this is stopping my company from moving across to InTune, if it's not in soon we will abandon InTune as a viable EMM and I am sure many others will do the same.

      • Mark commented  ·   ·  Flag as inappropriate

        It's crazy this still has nothing from MS about development here.

        Don't make people pick between Intune and Android... you're probably going to lose.

      • Jason commented  ·   ·  Flag as inappropriate

        Somewhat surprised that this isn't a feature that has been developed yet. I suspect that there are still a large number of organisations haven't adopted BYOD and never will.

      • Dan commented  ·   ·  Flag as inappropriate

        How do you restrict a end user from removing the MDM profile from an Android device ?

        With Apple I use the Enrollment Program which connects my Apple Business Account MDM Server containing all our devices and add a Profile to these devices, one setting being Locked Enrollment.

      • Peke12 commented  ·   ·  Flag as inappropriate

        This, together with zero-touch enrollment, would be a great improvement for Android devices managed within Intune.

      • Alex Janes commented  ·   ·  Flag as inappropriate

        We really need this. It is a much more effective management strategy for our company owned devices.

      • Anders Eklöf commented  ·   ·  Flag as inappropriate

        Since Windows Mobile is out of the picture we really need this! We only have company owned devices.

      • paulconaty commented  ·   ·  Flag as inappropriate

        Any roadmap on when this is due? It was mentioned as coming in early 2018. This is a critical differentiator for many customers who want to leverage Android Enterprise and is supported by all of the other major EMM solutions

      • John commented  ·   ·  Flag as inappropriate

        Kick it up a notch Microsoft. This needs to be a part of Intune.
        We also need system apps support inside the work profile!What happened there?

      • Dean Holland commented  ·   ·  Flag as inappropriate

        That blog references the legacy device management APIs, not the AfW "work-managed device" and "work profile" APIs.

        "Work-managed device" allowed DPCs (such as Intune) to be a device owner, taking ownership of the device through the initialisation process. Other EMMs already support this enrolment method.

        https://developers.google.com/android/work/requirements/work-managed-device

      ← Previous 1

      Ideas: Android-specfiic

      Feedback and Knowledge Base

      (thinking…)