Forum Discussion
Enable third-party Android mobile management
Hey Android Enterprise community,
I'm trying to understand what the "Enable third-party Android mobile management" checkbox in Google Admin does.
How does this affect situations where multiple Android Enterprises are bound to multiple EMM solutions? Will both Android Enterprise continue working if they are bound to different EMM solutions, even if only one is selected on the screen above?
If I use the Enrollment token link method to provision a device and have no users in my Google Workspace, will switching the EMM provider in the dropdown below the checkbox have any effect?
Also, does Authenticate Using Google affect provisioning if there are no users in Google Workspace?
Thanks,
Marko
Hi markolisica
I've asked our internal team for their advice on your query and here's what they said:
The "Enable third-party Android mobile management” checkbox setting acts as a switch for user-based enrolments.
If enabled, it tells Google to hand off management duties to the third-party EMM selected in the dropdown for users in this Organizational Unit.
If disabled, the Google Endpoint Management acts as the management authority, or the device remains unmanaged.
Answering your second question, both EMM solutions continue to work simultaneously.The dropdown menu determines which EMM is the active provider for user-driven enrollments (like setting up a Work Profile on a personal device) for the specific users in that Organizational Unit. You can have EMM "A" selected for your Sales team and EMM "B" for your IT team by changing this setting at the Organisational Unit level.
You can check more information regarding enrolment here: https://developers.google.com/android/management/provision-deviceAnd if you enable Authenticate Using Google, the device requires a valid Google Workspace user to sign in during the setup wizard.
If you have no users created in your Google Workspace, you will be unable to complete provisioning because the device will be at the login screen waiting for an account that does not exist.
I hope this is helpful - please let us know how you get on and if we can help any further :)
Speak soon,
Emilie
6 Replies
Hi markolisica
I've asked our internal team for their advice on your query and here's what they said:
The "Enable third-party Android mobile management” checkbox setting acts as a switch for user-based enrolments.
If enabled, it tells Google to hand off management duties to the third-party EMM selected in the dropdown for users in this Organizational Unit.
If disabled, the Google Endpoint Management acts as the management authority, or the device remains unmanaged.
Answering your second question, both EMM solutions continue to work simultaneously.The dropdown menu determines which EMM is the active provider for user-driven enrollments (like setting up a Work Profile on a personal device) for the specific users in that Organizational Unit. You can have EMM "A" selected for your Sales team and EMM "B" for your IT team by changing this setting at the Organisational Unit level.
You can check more information regarding enrolment here: https://developers.google.com/android/management/provision-deviceAnd if you enable Authenticate Using Google, the device requires a valid Google Workspace user to sign in during the setup wizard.
If you have no users created in your Google Workspace, you will be unable to complete provisioning because the device will be at the login screen waiting for an account that does not exist.
I hope this is helpful - please let us know how you get on and if we can help any further :)
Speak soon,
Emilie
Hi Emilie_B,
Thank you for the detailed explanation! This is very helpful.
Currently, we provision devices with the enrollment token link method. "Enable third-party Android mobile management” is enabled, and our users get prompted to provide a Google account during enrollment. Google login can be skipped, but we would like to avoid that prompt since we don't use Google Workspace for user management.If I disable Enable third-party Android mobile management and turn off Google Endpoint Management (advanced), will this stop the Google login prompt during enrollment? If I understand this guide correctly, it should be possible. Can you please confirm this?
Thanks,
MarkoHi markolisica
I believe so but, let's check with some of our most experienced members so they can confirm - jasonbayton, Moombas, Michel, Rakib, Alex_Muc, Kris, jeremy could you guys confirm the above-mentioned is the correct way to stop the login prompt during enrolment?
Thanks in advance 😉
I think you should disable the 3rd party Android Device Management as you don’t need this for your use case. Also your MDM can (should) provide enrollment Token for dedicated devices so that you’re not prompt to login during enrollment.
I think when you access the details of your 3rd party EMM on Google workspace you have a toggle to switch the Google sign in on/off
jeremy, thanks for the answer. Google sign-in is toggled off, but it still shows the Google login page (which can be skipped).
Currently, we use managed Google Play Accounts because we skip login. I'm wondering if this account type will be deprecated, since it's documented that Google encourages the use of Managed Google accounts, and managed Google Play Accounts are called "fallback".
Emilie_B I would like an official response regarding the managed Google Play Accounts (fallback), if possible. Are there any plans to deprecate them, requiring us to migrate, similar to what happened with custom DPC when ADP was introduced?
