That's a super impressive figure for 14. Congrats!
I previously mandated support based on SMR status, so on average estates would get to about 3 years old before they were locked out with a 180 day buffer, but obviously if Android 11 units are still getting SMR (they do until Q1 next year), they'd be allowed to connect.
So rather than mandating latest and greatest OS, which I had no justification for (no app or service requirements, or corporate environment restrictions to adhere to), I only ensured they were secure.
We always try to stay on the latest versions available for the devices but also need to ensure all apps are running which also includes the MDM as very often Google is restricting access even for the MDM app (even device is enrolled as fully managed - I really don't understand that! BYOD or COPE could make sense but not for COBO).
So we have mainly A12 and A13. But as we are currently looking foward to exchange devices it will switch to A13/14 i think, but A14 is yet untested as there can be very model specific issues we want to test on relevant models.
I fully agree, especially on fully managed devices i would like to have way better control over new versions available (notification in the MDM that new versions are available, able to block updates until we allow them (the specific update and then following the set update procedure like windowed etc.)).
But in general i don't understand why Google is restricting the MDM apps (on fully managed devices) more and more. This doesnt make sense from an administrator view.
Yes, for BYOD it maybe different and maybe for COPE as well but when i fully manage a device, the MDM should have all permissions needed to set all required settings, allow/disallow updates etc..
Thin of a Stand-PC managed in a company and you don't have access to the registry or filesystem as the admin... doesn'T make sense.
