EMM
11 TopicsEnhancing Android Enterprise OS Update Management
Hi, The way the Android API implements OS update management on Android Enterprise devices is not particularly useful for devices with user affinity. Are there any upcoming API changes for EMM solutions like Microsoft Intune? From my experience with the current API: AUTOMATIC – The OS update is installed as soon as it becomes available via OTA, which is not practical for real-time scenarios. WINDOWED – Similar to AUTOMATIC but with the limitation that OS updates can only be installed within a defined maintenance window. This means that if a user needs to update their device due to a software bug fixed in the latest OS version, they may not be able to do so immediately if the maintenance window is set outside working hours. Source: https://support.google.com/work/android/answer/13791272?hl=en#zippy=%2Cmanaging-system-updates-using-system-update-policies Suggested Improvements: Provide an option to control OS updates on BYOD (Work Profile only). I understand that when enrolling a device through Work Profile, only the work container can be managed via EMM. Google may need to reconsider this approach. It would be beneficial to have an approach similar to Apple’s, where EMM admins can manage OS updates (e.g., push specific updates, set deadlines, etc.) through DDM (Declarative Device Management - Source: https://support.apple.com/en-gb/guide/deployment/depc30268577/web ), even on BYOD devices (Device Enrollment) — without requiring supervision like DO (Device Owner mode). I’m aware that Samsung Knox E-FOTA exists, but it is limited to Samsung devices. Expanding this capability to all Android devices (like Google Pixel devices) would greatly improve update management in enterprise environments. BR, Marco11Views0likes0CommentsIssue with G Suite Apps Being Marked as Disabled in Play Store
Hi everyone, We are facing an issue where G Suite apps like Google Sheets, Google Drive, and Google Docs are installed on our managed devices, but when we check them in the Google Play Store, they appear as disabled. In some cases, the apps are randomly disabled, requiring manual re-enabling. We have verified: Google Device Policy settings Apps are approved and allowed in the managed Play Store Despite these checks, the issue persists across multiple devices with G Suite apps. Has anyone else experienced this issue? If so, do you know of any workarounds or if there is an ongoing Google-side issue causing this? For reference, I have attached a screenshot showing the issue. Looking forward to insights from the community! Thanks, Rupesh19Views0likes1CommentHow to allow Android Enterprise Org ID can access opentest (or internal test) version of OEMConfig on Google Play?
We are trying to test OEMConfig with testing track (internal testing or closed testing) before make it public release new version to Google Play. However, the account with Enterprise Org ID is not able to access these versions. The account can only access Google Play App, private Apps. Is there any method to allow us accessing the testing track version apk in order to get the Schema of new version apk in order to submit to devices for configuration change. Attached screenshot show the managed Play iframe. It only show the public version of this app. Thanks Angus15Views0likes1CommentHow to Handle Delisted Apps in Google EMM During or After Device Provisioning?
Hi everyone, We’re facing an issue where managed Android devices get stuck, preventing app installations when an app included in a policy is delisted from the Play Store. For example, we had the package “com.Xplayer” in a device policy, but when calling Products: get, it returned: “googleapi: Error 404: No product was found for the given ID., notFound.” However, this app was available earlier, and despite its removal, using the Devices: update API still updates the policy without any error or warning. Additionally, there’s a possibility that an app is present on the Play Store when it is approved and added to the policy but later gets removed or delisted by Google. This could lead to installation failures and devices getting stuck. Has anyone encountered this before? How can we prevent devices from getting stuck when an app is delisted? Does EMM automatically remove such apps from policies, or do we need to handle it manually by checking each package ID? Is there any way to get notified when an app is removed from the Play Store? Without a proactive mechanism, devices remain in a stuck state, making large-scale device management challenging. Any insights or best practices would be greatly appreciated! Thanks!46Views0likes4CommentsHELP! Enrollment Stuck on Choose Device Category
I need help. When enrolling a device on Intune, we are getting stuck on the Choose Device category page where it does not allow us to press the OK button. We have two vendors supplying us phones and the issue is happening with both vendors (devices are Pixel 8s and 9s). Please help!135Views0likes4CommentsMigration from Airwatch to Android Management API
One of our customers is currently onboarded to Airwatch to manage their devices, but they want to move to our Android Management API (AMA) based device management solution. Is there any support available to silently migrate these devices? Or is the only way to wipe the devices and onboard AMA. I see there is support if we own the custom DPC application. But in this case since its owned by Airwatch its out of our control.41Views0likes1CommentAction Required: Your app is not compliant with Google Play Policies
Hello everyone, We recently received a notification from Google Play stating that our private app, which is only deployed within our organization on professional devices with our MDM, is not compliant with their policies. The message we received is as follows: Action Required: Your app is not compliant with Google Play Policies The funny thing is, we have the same app deployed on another Google Developer account, only the package name is different and this one has not been flagged by Google. We are puzzled by this as our app is only shared on professional devices within our organization. We do not distribute it publicly and we never know if we really need to take action when we receive this type of alert. Has anyone else faced a similar issue? Why would Google Play randomly flag and potentially remove our app? Any insights or advice on how to resolve this would be greatly appreciated. Thank you!124Views0likes5CommentsDeleting and Erasing Device Using the AMA API
When I use the Android Management API to delete a device from an enterprise, the device is deleted but the physical device is not wiped, I can still see that the Physical device is connected to the enterprise from the device it self. The device is in fully managed mood. I want to ask if this is the normal behavior, because I'm expecting that when I delete a device from an enterprise with AMA API, the physical device should be cleared and factory resetted?52Views0likes5CommentsCan't open Samsung tablet default camera from the EMM application.
I have a EMM application where I want to configure the profile with some application like Play Seppo or Zoom. 1. From EMM application I have open a application like zoom or Play seppo 2. Now zoom or Play seppo need default camera [Samsung tablet camera] 3. When try to open camera application throw some error log like below Note: Also I can't open default camera app directly with the package name but others application I can. -> How can I get camera access for EMM application for secondary user and the others application? Error: Sending non-protected broadcast com.samsung.intent.action.MDE_SUGGESTION_NOTIFY from system 1207:system/1000 pkg android Is there any security issue to open camera or how can I use samsung default camera in EMM application ?Solved55Views0likes3Comments(COPE) Hide app in work profile
Hello, I have a small case I'd like to submit to the community for help please. A customer use Mobile Iron, and use Zero Touch to enroll our Android 14 products. In their DPC extras, they enabled the system apps and need to keep that way: "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true, "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{ "workProfileEnabled": true, "quickStart":"true" } Now after the device is enrolled, the Work profile is filled with bunch of apps including unwanted ones like Netflix, Adobe, YT kids, ... From Mobile Iron, they want to hide/disable some apps, using "setApplicationHidden" but it doesn't work. At OEM side, we tested this API with the Test DPC and it works properly. My thinking was that as we are in COPE, and the apps that the customer wants to remove are from the Personal space, then this is not working as the MDM cannot interact with Personal space content. Does this make sense? Are there a way to hide the unwanted apps from the Work profile, despite having "leave all system apps" enabled from the ZT DPC extras? Anyone has any suggestions please? Thanks!165Views3likes13Comments