Enroll Android Devices

Enrolling Devices is the first stage in managing a mobile device, this document will explain you in detail about various steps involved in enrolling the device.

    1. Enrolling Devices

    2. Enroll Additional devices for same user

    3. Bulk Enrollment

    4. Enrollment Process on Android devices

    5. Remove Android agent from Mobile Device
      Self Enrollment

    6. FAQs

Follow the steps mentioned below to enroll the devices.

Enrolling Devices

  1. Click  MDM tab on the Desktop Central Console

  2. Under Settings click on Enrollment

  3. Click  Enroll Device and fill in the appropriate information

  4. Domain Name : Choose the Domain Name from the drop down, if you do not have any domain name, select  Default Workgroup

  5. User Name- Enter the user name of the device that needs to be enrolled.

  6. Email address :It is mandatory to  enter the email address of the user who will receive the enrollment request.

  7. Platform: Specify the platform from the drop down menu, as Android.

  8. Owned By : Owner of the device either Corporate or Personal

  9. Click Enroll to enroll the device.

  10. Assign to Group : Specify the group to which the device should be added. If you select an existing group from the drop down, then the newly added device will automatically get all the Apps and profiles which were already distributed to the group. By doing so you can automate the process of imposing the minimum required restrictions and Apps to all the newly added devices.

    If you add a new group name, then a new group will be created and the device will be added to it.

  1. Ensure that you configure your Proxy settings, and the mail server settings, so that you the user can receive the email with the authentication passcode.

End users will receive an email with the  enrollment instructions and the link to enroll the devices. Based on the authentication policy defined for enrollment, users will be receiving the authentication passcode.  Users need to manually install the MDM profile by clicking on the enrollment request. If you use a SAFE device, you will get the android agent that has been exclusively designed for SAFE devices. If you access the download url from any normal android device, then a different agent will be downloaded. All enrolled devices will be listed in the Devices Tab in the Desktop Central MDM console under Groups and Devices.

Enroll Additional devices for same user

You can enroll multiple devices for the same user. In case a user has more than one mobile device that needs to be managed,  you can enroll those devices by following the steps mentioned below;

  1. Click MDM Tab

  2. Under Settings choose Enrollment

  3. Under Enrollment tab choose the User Name to whom you wanted to enroll the additional device

  4. Under Actions click   button

  5. Specify the Platform as iOS or Android

  6. Specify the  Owned By type as Corporate or Personal and click Enroll

The mail to enroll additional device would be sent to the specified user.

Bulk Enrollment

This option facilitates you to enroll many devices at a same time. You can simply create a csv file with the User Name, Domain Name, Email, Platform and Owned by details and upload the same. Multiple entries should be in separate lines. Refer the below mentioned csv file for example,

Sample CSV Format

    USER_NAME,DOMAIN_NAME,EMAIL,PLATFORM,OWNED_BY, GROUP_NAME
    ANDREW,MDM,andrew@desktopcentral.com,android,Personal,Android_Group
    BEN,ZOHOCORP,ben@desktopcentral.com,iOS,Android_Group

 Note :

     1. The CSV file should contain the following fields: User Name, Domain Name, Email, Platform, Owned By and Android Group.
    2. The fields User Name, Email and Platform are mandatory. All the other fields are optional.
    3. The first line of the CSV is the column header and the columns can be in any order.
    4. Blank column values should be comma separated.
    5. If the column value contains comma, it should be specified within quotes.

Follow the steps mentioned below, to enroll devices through Bulk Enrollment.

  1. Click  MDM tab on the Desktop Central Console

  2. Under Settings Click on Enrollment

  3. Click  Bulk Enrollment . A window opens, click Browse to upload the created CSV file and Import the same.

    Enrollment mail will be sent to all the users listed in the csv file.

Enrollment Process on Android devices.

The users, upon receiving the enrollment requests, can enroll their device as mentioned below:

User needs to copy the Server Name, Port Number and passcode given in the email. The following steps will explain you the enrollment process on the android device. If the user's  device is a normal android device, ME MDM App for android devices will be downloaded. If the user's device is a SAFE device, then an android agent that has been exclusively designed for SAFE devices will be downloaded. ME MDM App for SAFE devices has advanced management capabilities unlike normal android devices.

  1. Users will receive a mail for enrollment and will have to click on the link in the email, to start the enrollment process.

  2. Desktop Central will recognizes the device as normal android device  or SAFE device, then the appropriate App will be downloaded.  
    If Desktop Central is unable to identify the device, user will be provided with a link which explains the list of SAFE devices. User can refer to the link and then choose to download the appropriate App.

  3. Users will have to enter the name of the certificate as ME MDM and click OK

  4. App can be downloaded by clicking on Download

  5. Once the download has been successful, user will have to click on the downloaded agent to install it.

  6. After the installation completes, user should open the App.

  7. User needs to provide the One Time password/ Active Directory credentials after opening the App. This depends on the authentication type, if two factor authentication is enabled, then user will have provide both the OTP as well as the AD credentials.

  8. User should accept the terms and conditions by clicking continue

  9. Users need to enable Device Administrator on their mobile device and click Activate

  10. Users can see that the device has been enrolled successfully.

  11. ME MDM App icon will be listed on the mobile device.

  12. By clicking the MDM App icon, MDM App opens and the end user can see the distributed Apps and associated profiles listed here.

Apps that are distributed by Desktop Central will be listed in App Catalog. Profiles that are associated to the devices will be listed under Policies and Restrictions. Device Details will provide the complete information about the device.  

Remove Android agent from the Mobile Devices.


To uninstall the android agent from the end users mobile device, the following steps should be followed on the mobile device:
  1. Go to Settings

  2. Choose Security Settings

  3. Click the Device Administrator

  4. Disable Device administrator

  5. Now, Go to Applications

  6. Click on the MDM agent and click uninstall

Android agent will be successfully uninstalled from the mobile device. Once the android agent is uninstalled from the mobile device, the device will no longer be managed by Desktop Central. All the restrictions that has been imposed using Desktop Central will be removed automatically. Apps that there distributed through Desktop Central will be removed only from SAFE devices. Apps will not be removed from normal android devices. The device should be enrolled again, if it needs to managed again by Desktop Central.

FAQs

  1. What is SAFE?
  2. Which devices are called SAFE devices?
  3. What will happen if an Android agent is installed on a SAFE device?
  4. What will happen if a SAFE agent is installed on a normal android device?
  5. How to Secure Corporate data on mobile devices?

1. What is SAFE?

SAFE stands for Samsung Approved For Enterprise. These are devices manufactured by Samsung and are recommended by them for Enterprises. They are exclusively designed  with options which enables administrators to have advanced control over managing these devices.  

2. Which devices are called SAFE devices?

The following Samsung devices are called as SAFE devices:

For more details refer to the following websites:

  1. http://www.samsung.com/us/business/samsung-for-enterprise/safe-devices.html
  2. https://www.samsungknox.com/en/solutions/knox/technical/knox-supported-devices

 

3. What will happen if an Android agent is installed on a SAFE device?

Android agent will be successfully installed on the mobile device. However you will not have advanced control which is exclusively designed for SAFE devices, the device can be managed as a normal android device.

4.What will happen if a SAFE agent is installed on a normal android device?

You will be able to install the agent successfully, but the device cannot be enrolled. You will not be able to perform any management activity on the device.

5. How to Secure Corporate data on SAFE devices?

You can secure corporate data on mobile devices by applying the following restrictions:

Imposing these restrictions can help you to secure corporate data on mobile devices.

  1.  

     

 

Copyright © 2005-2014, ZOHO Corp. All Rights Reserved.
ManageEngine