[Community tips] What to consider when choosing an enterprise mobility management solution?
Hello everyone, I hope you are having a good week. A management solution helps you to set up, secure and manage your devices in your organisation. I see it like a comfy hub for you to ensure that your devices are working as you expect (whatever size your company is). So understandably, one of the biggest decisions when getting started with Android at work is choosing the right EMM (Enterprise Mobility Management) for your needs. There is a solution out there to meet almost every need and use case, and sometimes knowing where to start can be tricky. We are lucky here in the community, that many people have already been through this decision and there is a huge amount of experience. The Solutions Directory is a useful place to explore partners and solution options, but there are also many questions and things to consider beforehand, so this got me thinking it would be great to share community tips/advice around this. What tips would you recommend to someone considering and researching EMMs management solutions? Are there any tips you wish you knew at the beginning? Perhaps you have tips on how best to research the different options? If you are currently going through the process, please do comment too, it would be great to hear from you. Looking forward to hearing from you. Thanks so much, Lizzie
HELP! Enrollment Stuck on Choose Device Category
I need help. When enrolling a device on Intune, we are getting stuck on the Choose Device category page where it does not allow us to press the OK button. We have two vendors supplying us phones and the issue is happening with both vendors (devices are Pixel 8s and 9s). Please help!
(COPE) Hide app in work profile
Hello, I have a small case I'd like to submit to the community for help please. A customer use Mobile Iron, and use Zero Touch to enroll our Android 14 products. In their DPC extras, they enabled the system apps and need to keep that way: "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true, "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{ "workProfileEnabled": true, "quickStart":"true" } Now after the device is enrolled, the Work profile is filled with bunch of apps including unwanted ones like Netflix, Adobe, YT kids, ... From Mobile Iron, they want to hide/disable some apps, using "setApplicationHidden" but it doesn't work. At OEM side, we tested this API with the Test DPC and it works properly. My thinking was that as we are in COPE, and the apps that the customer wants to remove are from the Personal space, then this is not working as the MDM cannot interact with Personal space content. Does this make sense? Are there a way to hide the unwanted apps from the Work profile, despite having "leave all system apps" enabled from the ZT DPC extras? Anyone has any suggestions please? Thanks!ATOK installation Failed in Corporate-owned devices with work profile
Hi, I have enrolled 2 samsung devices to intune using the Corporate-owned devices with work profile and assigned many applications to the devices. However, 1 specific application has failed to install stating the "country or region doesn't support this application." This is strange because in the same tenant I have other samsung devices enrolled as BYOD which is assigned this same application can install. I tried to reach out to intune support and they cannot do anything about this and asked me to raise ticket to google and I don't really know where I can raise the ticket to google regarding. Please help as I have to figure this out and deploy the application. PS: This application is available in the play store for the region and country. So the error message doesn't make sense. Thank you
Unable to add additional owners and administrators to Manage Google Play Store
We recently disconnected our Managed Google Play account from Intune, which was initially set up with a standard Google Account. Now, we are reconnecting Intune to our Managed Google Play account using a Managed Google account that is synchronized with our Entra ID SSO. This means we can sign in with our company domain (@mycompany.com) using our Entra ID password. We are able to enroll our Android phones into Android Enterprise and publish apps to our Managed Google Play store without issues. To ensure redundancy, Google highly recommends creating a secondary owner account in case the primary account is compromised. See Google KB . I'm following the guide on assigning roles in enterprises from the Managed Google Play Help. However, my Play Store account admin screen appears quite limited compared to what I should be seeing. Here’s a screenshot of my current view: Previously, when we used a personal Google account for our Managed Google Play Store, I could invite other users to become owners. This option seems to be missing since we switched to the managed account. Could there be additional permissions in the Google Workspace admin portal that we need to grant to the Managed Google Play account to enable the option to add additional owners?[Community tips] What guidance do you provide with new devices?
Hello everyone, I recently helped a family member set up their new phone (after their old one had a long and fruitful life 😃). It struck me how important it is to help, when needed, to guide someone through using a new device and highlight key features that they may be used to using (and any new ones). This made me think, this is a key area for work devices too and so I thought it might be interesting to hear how we do this across the community. For example, do you provide documentation with step-by-step instructions, guidance on device usage and key information, or assistance when switching device types or operating systems? It would be great to hear any tips you have for supporting colleagues with new devices, plus anything that would make your life easier when creating useful resources. Thanks so much, LizzieEnhancing Android Enterprise OS Update Management
Hi, The way the Android API implements OS update management on Android Enterprise devices is not particularly useful for devices with user affinity. Are there any upcoming API changes for EMM solutions like Microsoft Intune? From my experience with the current API: AUTOMATIC – The OS update is installed as soon as it becomes available via OTA, which is not practical for real-time scenarios. WINDOWED – Similar to AUTOMATIC but with the limitation that OS updates can only be installed within a defined maintenance window. This means that if a user needs to update their device due to a software bug fixed in the latest OS version, they may not be able to do so immediately if the maintenance window is set outside working hours. Source: https://support.google.com/work/android/answer/13791272?hl=en#zippy=%2Cmanaging-system-updates-using-system-update-policies Suggested Improvements: Provide an option to control OS updates on BYOD (Work Profile only). I understand that when enrolling a device through Work Profile, only the work container can be managed via EMM. Google may need to reconsider this approach. It would be beneficial to have an approach similar to Apple’s, where EMM admins can manage OS updates (e.g., push specific updates, set deadlines, etc.) through DDM (Declarative Device Management - Source: https://support.apple.com/en-gb/guide/deployment/depc30268577/web ), even on BYOD devices (Device Enrollment) — without requiring supervision like DO (Device Owner mode). I’m aware that Samsung Knox E-FOTA exists, but it is limited to Samsung devices. Expanding this capability to all Android devices (like Google Pixel devices) would greatly improve update management in enterprise environments. BR, Marco
Action Required: Your app is not compliant with Google Play Policies
Hello everyone, We recently received a notification from Google Play stating that our private app, which is only deployed within our organization on professional devices with our MDM, is not compliant with their policies. The message we received is as follows: Action Required: Your app is not compliant with Google Play Policies The funny thing is, we have the same app deployed on another Google Developer account, only the package name is different and this one has not been flagged by Google. We are puzzled by this as our app is only shared on professional devices within our organization. We do not distribute it publicly and we never know if we really need to take action when we receive this type of alert. Has anyone else faced a similar issue? Why would Google Play randomly flag and potentially remove our app? Any insights or advice on how to resolve this would be greatly appreciated. Thank you!
