pdf icon
Category Filter

How to enroll Android devices with MDM?

Mobile Device Manager Plus allows organizations to manage commericial and rugged devices. The first step to Android device management is to register the Android device with MDM. Mobile Device Manager Plus provides multiple Android device enrollment methods to meet the varying needs of organizations. Use any of the mentioned Android enrollment methods to enroll devices into MDM. 

Profile Owner and Device Owner

With the advent of Android Enterprise, Android devices support additional configurations and features. Corporate-owned devices can be provisioned as Device Owner, using multiple methods as listed here. Additionally, ManageEngine is recognized by Google as Android Enterprise Gold Partner.

Enrollment using Invitation

This is the fastest way of enrolling mobile devices. As an administrator, you can send emails or SMS, with the Enrollment URL. Users will be able to enroll their mobile devices, only if they receive this email or SMS. Enrollment invitations can be sent to users manually or in bulk. When you use to manually select a user and send invite, then the enrollment URL is valid only to enroll one Android device with MDM. You can also choose to send enrollment invitations to multiple users as bulk enrollment.

    Note:

    Invite enrollment of Samsung devices above Android 11 shall result in Work Profile management. In order to enroll Samsung devices under Device Owner management,use any of the enrollment methods like Knox Mobile Enrollment or EMM enrollment.

Confused about the correct enrollment technique to be used for enrolling devices in your organization? Click here to know what is the most optimal enrollment technique, for your scenario.

Enroll Android Device Individually

The Enrollment URL on the email is specific for a particular user and good only to enroll one Android device. If the user wants to enroll more than one device, then you will have to create multiple enrollment requests to register Android device. Learn more about the steps to enroll Android device with MDM here

Android Device Enrollment in Bulk

This Android enrollment option facilitates you to enroll multiple devices at a same time. You can simply create a csv file with the User Name, Domain Name, Email, Platform and Owned by details and upload the same. Multiple entries should be in separate lines. Learn more about Bulk Enrollment here

Most Suited for:

Most suitable for BYOD

  • When you want to limit the users to whom the enrollment invite should be sent
  • It works good when the users will be knowledgeable to complete the enrollment process by following the instructions which will be sent via email
  • If you wanted to use OTP or Two Factor Authentication for Enrollment

Points to be Noted:

  • Users will have to accept the invitation and initiate the enrollment process within 7 days
  • You will have to follow up with the users to complete the enrollment process
  • Corporate Samsung devices running Android 11.0 or above can not be enrolled using invites

SMS Enrollment for MDM Cloud

The admin can choose to either send out an SMS along with the email or just an SMS to users to enroll their devices.

Mobile Device Manager Plus provides organization free SMS credits to enroll devices. An organization get 20% extra credits on the number of licensed mobile devices. For Example: An organization with 100 devices will have 120 free SMS credits.

Following are a few points to be kept in mind while using SMS enrollment:

  1. Mobile Device Manager Plus integrates with Clickatel and BulkSMS to send out SMS to the users.
  2. Since bulk SMS providers are used, a user might not receive the SMS if they have enabled 'Do not Disturb' for their mobile numbers.
  3. The sender ID differs from country to country and carrier to carrier and hence it is recommended to inform the users that they will be receiving an enrollment SMS to ensure that these SMS are not treated as spam. The sender name varies since some countries block SMS sent from foreign numbers.

Enrollment without Invitation - Self Enrollment

Users do not require an invite from you. All you need to do, is share/publish the self enrollment URL. Using the self enrollment URL, users can enroll their devices, using their Active Directory/Azure credentials. The specified url needs to be accessed from the mobile device, which needs to be enrolled. Users do not have any restriction to enroll more than one device, as long as you have purchased sufficient license count to manage devices. Click here to know more about the Self Enrollment

Most Suited for:

  • If you wanted to use only Active Directory/Azure authentication for enrollment
  • A single user can enroll multiple devices
  • User does not require any invitation or approval for initiating enrollment

Points to be Noted:

  • This will not work for a workgroup set up
  • You will not have a track on the devices/users if the enrollment has failed

Enrollment by Administrator - Using NFC

You can enroll devices using NFC with the ManageEngine NFC Enrollment app. You will have to ensure that the devices support NFC and Wi-Fi is turned on the target device. You should manually configure a admin device and make it as a terminal. You can bump this device with the target devices to initiate the enrollment process. Learn know more about enrolling devices using NFC here

Most Suited for:

  • If you wanted to enroll corporate devices
  • You do not want user intervention

Points to be Noted:

  • This will not work if the device does not support NFC
  • You should have the device physically for bumping the device

Enroll Android Devices with MDM

Follow the steps mentioned below to enroll the devices.

  • On the web console, navigate to Enrollment
  • Click Enroll Device and select Android. Choose either Samsung or Non-Samsung based on your requirement.
  • If you wish to complete the enrollment without any user interaction select By myself under Devices to be enrolled else, select Through User Invites to send an invite to the users to complete the enrollment.
  • User Name- Enter the user name of the device that needs to be enrolled.
  • Email address/ Mobile number- It is mandatory to  enter the email address and/or mobile number of the user who will receive the enrollment request.
  • Owned By- Owner of the device either Corporate or Personal
  • Assign to Group- Specify the group to which the device should be added. If you select an existing group from the drop down, then the newly added device will automatically get all the Apps and profiles which were already distributed to the group. By doing so you can automate the process of imposing the minimum required restrictions and Apps to all the newly added devices.
    If you add a new group name, then a new group will be created and the device will be added to it.
  • Click Enroll to enroll the device.

Ensure that you configure your Proxy settings, and the mail server settings, so that you the user can receive the email with the authentication passcode.

End users will receive an email with the enrollment instructions and the link to enroll the devices. Based on the authentication policy defined for enrollment, users will be receiving the authentication passcode. Users need to manually install the MDM profile by clicking on the enrollment request. ME MDM App (android agent) will be installed on the device. All enrolled devices will be listed in the Devices Tab in the Mobile Device Manager Plus console under Groups and Devices.

Enroll Additional devices for same user

You can enroll multiple devices for the same user. In case a user has more than one mobile device that needs to be managed, you can enroll those devices by following the steps mentioned below;

  • On the web console, navigate to Enrollment
  • Under Devices tab, choose the User Name to whom you wanted to enroll the additional device
  • Under Actions click Enroll Addition Device option.
  • Specify the Platform as Android
  • Specify the Owned By type as Corporate or Personal and click Enroll

The mail to enroll additional device would be sent to the specified user.

Bulk Enrollment

This option facilitates you to enroll multiple devices at a same time. You can simply create a csv file with the User Name, Domain Name, Email, Platform and Owned by details and upload the same. Multiple entries should be in separate lines. Refer the below mentioned csv file for example,

Sample CSV Format

SERIAL_NUMBER,USER_NAME,DOMAIN_NAME,EMAIL_ADDRESS,GROUP_NAME
C07Q853LG9RM,ANDREW,,andrew@zylker.com,zylker_drivers
,BEN,ZOHOCORP,ben@mobiledevicemanagerplus.com,Android,Corporate,Android_Group,

NOTE

  1. The fields Serial Number, User Name, Email Address and Group Name are mandatory. All the other fields are optional. Ensure the specified group name is already created in the MDM server. If values are not provided, default values will be taken.
  2. The default values for various non-mandatory fields are: 
    Domain Name -- MDM
    Owned By -- Corporate
  3. If multiple groups are specified, the group names must be separated with a slash (/)
  4. The first line of the CSV is the column header and the columns can be in any order.
  5. Blank column values should be comma separated.
  6. If the column value contains comma, it should be specified within quotes.

Follow the steps mentioned below, to enroll devices through Bulk Enrollment.

  1. On the web console, navigate to Enrollment
  2. Click on Bulk Enrollment. A window opens, click Browse to upload the created CSV file and Import the same

Enrollment mail will be sent to all the users listed in the csv file.

Enrollment Process on Android devices

The users, upon receiving the enrollment requests, can enroll their device as mentioned below:

User needs to copy the Server Name, Port Number and passcode given in the email. The following steps will explain you the enrollment process on the android device. If the user's device is a normal android device, ME MDM App for android devices will be downloaded. If the user's device is a SAFE device, then an ME MDM App that has been exclusively designed for SAFE devices will be downloaded. ME MDM App for SAFE devices has advanced management capabilities unlike normal android devices.

  • Users will receive a mail for enrollment and will have to click on the link in the email, to start the enrollment process.
  • When Mobile Device Manager Plus recognizes the device as normal android device or SAFE device, the user will be automatically directed to the App's PlayStore page and the appropriate app can be downloaded.
    If Mobile Device Manager Plus is unable to identify the device, user will be provided with a link which explains the list of SAFE devices. User can refer to the link and determine if the device is SAFE or not. On choosing to download the appropriate app, the user will be directed to the App's PlayStore page from which the App can be downloaded.
  • Once the download has been successful, user will have to click on the downloaded app to install it.
  • After the installation completes, user should open the app.
  • User needs to click Cloud/On premises and provide the One Time password or AD/Azure/Zoho account credentials after opening the app. This depends on the authentication type, if two factor authentication is enabled, then user will have provide both the OTP as well as the AD/Azure credentials.
  • User should accept the terms and conditions by clicking continue
  • Users need to enable Device Administrator on their mobile device and click Activate
  • Users can see that the device has been enrolled successfully.
  • ME MDM App icon will be listed on the mobile device.
  • By clicking the MDM App icon, MDM App opens and the end user can see the distributed apps and associated profiles listed here.

In case of enrollment using SMS, the user must perform the following steps

  1. Download the ManageEngine MDM app using the link in the SMS.
  2. Upon downloading the app successfully, click on Enroll via SMS and copy the complete SMS content and paste it in the space provided.
  3. Follow the on-screen instructions to complete enrolling the device.

Apps that are distributed by ME MDM will be listed in App Catalog. Profiles that are associated to the devices will be listed under Policies and Restrictions. Device Details will provide the complete information about the device.

Removing an Enrolled Device

  • On the web console, navigate to Enrollment
  • Click on Devices tab
  • Click Search button and search for the device by using its known properties (user name, device name etc)
  • Click on Action button and select Remove Device
  • In the confirm box that appears, click OK.

Removing the device will remove all the profiles and apps associated with the device. However, ME MDM App in the device will not be removed. Users must manually remove the app if required.

Click here to know about the ports to be opened for managing mobile devices.

Jump To