Enhancing Android Enterprise OS Update Management
Hi, The way the Android API implements OS update management on Android Enterprise devices is not particularly useful for devices with user affinity. Are there any upcoming API changes for EMM solutions like Microsoft Intune? From my experience with the current API: AUTOMATIC – The OS update is installed as soon as it becomes available via OTA, which is not practical for real-time scenarios. WINDOWED – Similar to AUTOMATIC but with the limitation that OS updates can only be installed within a defined maintenance window. This means that if a user needs to update their device due to a software bug fixed in the latest OS version, they may not be able to do so immediately if the maintenance window is set outside working hours. Source: https://support.google.com/work/android/answer/13791272?hl=en#zippy=%2Cmanaging-system-updates-using-system-update-policies Suggested Improvements: Provide an option to control OS updates on BYOD (Work Profile only). I understand that when enrolling a device through Work Profile, only the work container can be managed via EMM. Google may need to reconsider this approach. It would be beneficial to have an approach similar to Apple’s, where EMM admins can manage OS updates (e.g., push specific updates, set deadlines, etc.) through DDM (Declarative Device Management - Source: https://support.apple.com/en-gb/guide/deployment/depc30268577/web ), even on BYOD devices (Device Enrollment) — without requiring supervision like DO (Device Owner mode). I’m aware that Samsung Knox E-FOTA exists, but it is limited to Samsung devices. Expanding this capability to all Android devices (like Google Pixel devices) would greatly improve update management in enterprise environments. BR, Marco
Problem Joining Work Profile From Android Device
I created an enrollment token for an enterprise for work profile, and I ensured that setAllowPersonalUsage("PERSONAL_USAGE_ALLOWED"); was set for the token. How ever when I try to join from my android 11(tecno) and android 14(google pixel 7) device with work profile via the ADP app, I get : Can't add work Profile A work profile can't be added to this Pixel. If you have questions, contact your IT admin. However from my emulator device running Android 15, I could join the enterprise using work profile.
Non-work app in the Work profile
I have a work profile and I have company apps installed from intune. I also have 'personal' apps in the Work profile. These were added by me using the Work profile version of the Google Play store. As a result, I have work and non-work apps co-existing in the Work profile. My question is if my Employer can see those non-work apps and the app data which are in the Work profile?
