Enrollment failing - Could not update Webview
We have reports of devices no longer being able to enroll. Our policy has a FORCE_INSTALL of Android Webview (com.google.android.webview), with a minimum version set to 593815300. Reproduced here with an Acer ACTAB10KB24. If I remove the minimum version requirement, I can enroll the device, and also update the webview to 139.0.7258.158. Why isn't the configuration with minimumVersionCode set working? We have previously enrolled many of these, but from our logs the latest successful enrollment was on the 16th of August (2025).
Activating Device Owner in Android 16
I’m building a parental control app that relies on Device Owner mode. This worked fine on older devices (e.g. Samsung Galaxy S8 running Android 8/9), but it fails on a Pixel 10 Pro running Android 16. Process: I factory reset the Pixel. At the welcome screen, I scan a QR provisioning code. The QR downloads my signed APK, installs it, and should activate it as the Device Owner. Problem: On Android 16, the app is installed but Device Owner is not activated. In Settings > Device Admin, my app is listed, but the toggle is off. My MyDeviceAdminReceiver never fires — I see no provisioning broadcast (PROVISIONING_COMPLETE or PROVISIONING_SUCCESSFUL) and no debug logs. Here is my provisioning json as a starter - juyst in case I am doing something stupid!! { "android.app.extra.PROVISIONING_MODE": "device_owner", "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.xxxx.yyyy/.MyDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://test.app.com/app-release.apk", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM": "rePWsxWwsW2wycUDiE_hVHSczS3qaJIdk7fnzDMPDV0", "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED": false, "android.app.extra.PROVISIONING_SHOULD_LAUNCH_RESULT_INTENT": true, "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": { "provision_token": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx......." } }[Feedback] App installs: share your experiences & suggestions
Hello everyone, Our team is always interested to hear your insights around the current employee experience on managed Android devices and profiles (Work Profile). One specific area of focus is the application installation experience, particularly for apps installs that happen while the device is in use (not part of initial setup). The installation experience can vary depending on a variety of factors - the device model and Android version, configuration of your EMM’s DPC client, management mode of the device (fully managed vs. Work Profile), the permissions required by the app, the source of installation, permission policies, etc. Based on your setup, it would be fantastic to hear some of your user experiences and what improvements you’d potentially like to see? I know this is an interesting topic for many of you, so I'm looking forward to hearing your thoughts, feedback and having a good conversation. Massive thanks in advance, Lizzie
Managed Google Play API Error
We manage our mobile device through Intune; we also manage multiple tenants. I didn't know when I did this, but I made the mistake of signing into a new tenant with our Managed Google Play account that we use for our main tenant. Still, unaware of my error, I decided to disconnect the Managed Google Play account from the new tenant and create a new Google Play account for them. The new tenant works fine. I'm able to enroll Android devices and manage apps. However, in our main tenant, under Tenant Administration | Tenant Status for Managed Google Play, it shows a warning: Management Service Error. If I try to go to Android Apps to add an app, I get the following message: "It looks like your tenant has been unbound via the Google Play console. To browse Managed Google Play, your Intune account needs to be connected to your Android Enterprise account." But, in Devices | Android | Android Enrollment | Managed Google Play, it shows the account as Setup (with the green check). I'm also unable to create a new Corporate-Owned, Fully-Managed profile. I get an error. I reached out to Microsoft and they say this is a Google issue. I've tried to find ways to contact Google without success. So, we're kind of stuck in the mud. Is there a way to fix this?Paid apps in Managed Google Play store
Has anyone able to purchase (paid) apps in the Managed Google Play store? I assume we still have the following limitation in 2025? "Managed Google Play no longer supports the ability to purchase app licenses. Your organization can still manage the app licenses it already owns. However, it won't be possible to purchase any additional licenses." OP: https://support.google.com/googleplay/work/answer/6150398?hl=en The paid app we're trying to purchase:
Custom app installation with AMAPI
Thanks to the keen eye of jasonbayton for spotting this update in the documentation: https://developers.google.com/android/management/manage-custom-apps The lack of this feature has been a key reason I've avoided any AMAPI based EMM (looking at you Intune!) for fully managed device deployments. This is certainly a welcome enhancement to AMAPI and one that I'm honestly surprised Google delivered on. I think I can finally see the writing on the wall that Custom DPC will eventually now die given that AMAPI is finally catching up. I still need file system push and pull for it to truly be a replacement but this is a major step in the right direction. What are the community thoughts on the matter?
Need explaination of following feature implementation for AER -3.19. Application track management
I have implemented the following feature and I can set application track from my emm console but not understand what to show for validation or how it will further works after set app track info. Thanks in advance.
Not able to restrict personal email from logging into Work GMAIL app for BYOD enrolled devices
I wanted to restrict personal emails (with gmail account) from logging into Work GMAIL app for BYOD enrolled devices. I however want workspace accounts to be able to login. When I set modifyAccountsDisabled to true in AMAPI policy, no account can be added (including workspace account). Same problem happens when I specify com.google for accountTypesWithManagementDisabled - no account can log into GMAIL. Is there any solution to this ? Thanks in advance.Play Store number of downloads counter
Hi all, Just had a question which might seem quite easy, but couldn't find the answer. I wonder how the number of downloads accompanying an application in the Play store compares to the number of downloads not done manually by a user, but downloads based on apps pushed from an EMM. For several applications, I see relatively low numbers of downloads in the Play store. Based on these low numbers, I can practically guarantee that downloads via Managed Google Play are not included here. In itself plausible, but I have not been able to read anywhere in documentation whether or not this is correct, can anyone confirm this. At the same time if MGP downloads do not count towards the number of downloads listed in the Play Store with the app, are MGP downloads counted separately somewhere? Thank you in advance, Tom
