|
|
Android Zero Touch Enrollment or Android Zero Touch Provisioning(ZTP), is an enrollment method provided by Google for streamlined and easy deployment of organization-owned devices in bulk. It is an easy and secure out-of-the-box enrollment method whereby the devices gets enrolled with MDM MSP, when activated by downloading the ME MDM app which initiates the enrollment.
You require a Google account(assoicated with your corporate e-mail), to setup the Android Zero Touch Portal. To do that, follow steps below:
You then need to setup the Zero Touch portal, which will facilitate the ZTP. To do that, follow steps below:
| PARAMETER | DESCRIPTION |
| Configurations | You add, modify and delete the MDM MSP configurations here. You can also chose to assign MDM MSP configurations by default, to the devices being added to the account. |
| Devices | You can view the list of devices added to the account, here. You can select devices and assign the created configurations to these devices. Additionally, you can also choose to delete the added devices here. |
| Manage People | You can add, modify and delete the users, who can manage and access the portal, here. |
| Resellers | You can choose to add additional reseller details here |
The device will use this MDM MSP configuration, to initiate zero-touch enrollment. To setup MDM MSP configurations, follow the steps below:
| PARAMETER | DESCRIPTION |
| Name | Provide the name used to refer the created MDM MSP configuration. |
| EMM DPC | Select ME MDM app, from the given list of EMM apps. |
| DPC Extras | Copy the JSON data present under the field JSON Data, available by navigating to Enrollment -> Zero Touch Enrollment(under Android), on the MDM MSP server and paste it here. |
| Company Name | Provide the name of your organization. This will be displayed on the device screen, during the enrollment. |
| Contact E-mail | Provide the your e-mail address or the e-mail address of the IT admin, in your organization. This will be displayed on the device screen, during the enrollment and can be utilized by the devices users to contact the IT admin, in case of any issues with the enrollment. |
| Contact Phone | Provide the contact number of the internal IT team, in your organization. This will be displayed on the device screen, during the enrollment and can be utilized by the devices users to contact the internal IT team, in case of any issues with the enrollment. |
| Custom Message | Provide an optional message specifying details regarding the enrollment, to the users. This will also be displayed on the device screen |
The last step in the portal is to associate the created MDM MSP configuration to the devices. To do that, follow the steps given below:
Click on the ellipsis(three dots) icon present on the right and select Upload batch config updates.Create a CSV based on specifications given here and add it by clicking on Upload. All the devices listed in the CSV, are assigned the specified MDM MSP configuration.
Click on Configurations on the left pane and under Default Configuration, select the configuration, which is to be automatically applied to the added devices. Now, click on Apply, to finish selecting the default configuration.
The CSV file to be uploaded on the portal, should be as specified in the table below:
| COLUMN HEADER | DESCRIPTION | EXAMPLE |
modemtype |
The parameter to be used for identification. The parameter is always IMEI and it should always be in uppercase. |
IMEI |
modemid |
The value corresponding to the specified modemtype parameter, which is always the IMEI number. |
150520043826120 |
| manufacturer | The name of the device maker/manufacturer(Original Equipment Manufacturer: OEM). |
|
| profiletype | The objective of assigning the profile to the device, which in this case is always zero touch enrollment. The parameter is always ZERO_TOUCH and it should always be in uppercase |
ZERO_TOUCH |
| profileid | The ID corresponding to the MDM MSP configuration, to be assigned to the devices. To view the configuration ID, select Configurations from the left pane in the zero touch portal. The number sequence present under ID is the configuration ID for the particular configuration. |
036180 |
The devices get enrolled through zero touch enrollment, either during device activation(in case of new devices) or factory reset(in case of devices in use). Now, you need to assign users to these enrolled device, to complete enrollment. You can additionally add the devices to multiple groups to automate the distribution of profiles, apps and documents to devices. To do that, follow the steps given below:
SERIAL_NUMBER,USER_NAME,DOMAIN_NAME,EMAIL_ADDRESS,GROUP_NAME
C07Q853LG9RM,ANDREW,,andrew@zylker.com,zylker_drivers
NOTE:
You can remove devices from Zero Touch portal, ensuring these devices cannot be enrolled via Zero Touch Enrollment. You can remove the device by unregistering the device from the portal. It is to be noted that once unreigstered, the device can be added back only by the reseller. To temporarily remove the device from ZTP, it is recommended to remove the configuration associated with the device. To unregister a devices, follow the steps given below:
Login here, with the Google account associated with your corporate e-mail, if need be.
Click on the Devices button from the left pane. Select the device you want to unregister.
Click on the Unregister button present against the device, you want ti unregister.
Click on Confirm to unregister the selected device.
|
Click here to know about the ports to be opened for managing mobile devices. |
| See Also: | Device Authentication,Enroll iOS Devices, Enroll KNOX Devices, Enroll Windows Devices, Self Enrollment,Customize ME MDM App |
|
|
