Android for Work Device Owner mode
Is it possible to get Intune to allow Android for Work to be setup in Device Owner Mode? Possibly with the App and NFC "bump" to setup the config.
This possibly one of the requirement from within the NCSC guidance (https://www.ncsc.gov.uk/guidance/eud-security-guidance-android-6)
Alan Armstrong
shared this idea
Hi, if you caught our announcements at Ignite, we announced that we will support device owner mode for Android fully managed corporate devices. It will preview by end of year. Check out our EMS blog for more info
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-New-with-Microsoft-Intune-and-System-Center-Configuration/ba-p/262542
So we’ll call this “started”. :-)
Also, we’ve been supporting Android kiosk mode since July.
16 comments
-
Andrew Dawson
commented
Thanks Cathy,
Will COPE (corporate-owned, personally enabled) also be supported at the same time?
(https://developers.google.com/android/work/terminology#fully_managed_device_with_a_work_profile)
-
dave
commented
Finally, we have been waiting for months!!
-
Mark
commented
It's crazy this still has nothing from MS about development here.
Don't make people pick between Intune and Android... you're probably going to lose.
-
Jason
commented
Somewhat surprised that this isn't a feature that has been developed yet. I suspect that there are still a large number of organisations haven't adopted BYOD and never will.
-
Dan
commented
How do you restrict a end user from removing the MDM profile from an Android device ?
With Apple I use the Enrollment Program which connects my Apple Business Account MDM Server containing all our devices and add a Profile to these devices, one setting being Locked Enrollment.
-
Jeffery Kozera
commented
This is a MUST HAVE for any organization using android.
-
Peke12
commented
This, together with zero-touch enrollment, would be a great improvement for Android devices managed within Intune.
-
Alex Janes
commented
We really need this. It is a much more effective management strategy for our company owned devices.
-
Anders Eklöf
commented
Since Windows Mobile is out of the picture we really need this! We only have company owned devices.
-
paulconaty
commented
Any roadmap on when this is due? It was mentioned as coming in early 2018. This is a critical differentiator for many customers who want to leverage Android Enterprise and is supported by all of the other major EMM solutions
-
Jörgen Nilsson
commented
Yes, we need this!
-
John
commented
Kick it up a notch Microsoft. This needs to be a part of Intune.
We also need system apps support inside the work profile!What happened there? -
Dean Holland
commented
That blog references the legacy device management APIs, not the AfW "work-managed device" and "work profile" APIs.
"Work-managed device" allowed DPCs (such as Intune) to be a device owner, taking ownership of the device through the initialisation process. Other EMMs already support this enrolment method.
https://developers.google.com/android/work/requirements/work-managed-device
-
Andrew Dawson
commented
In December Google announced the continued deprecation of Device Administrator based API's in future Android OS releases. I do not believe this request will get the same number of votes an iOS feature and may not make it into the InTune development cycle's.
Early development in this area will prevent future device redeployment's while providing a more secure and feature rich Android end-user experience.
-
Andrew Dawson
commented
This feature is too important not to include in Intune, most new Android features will come out with Android Enterprise in mind.
-
Stuart Cameron
commented
Lack of this device owner mode is likely pushing us to leave InTune and start using an alternative MDM solution.