VMware Workspace ONE Community
K223
Enthusiast
Enthusiast
‎10-04-2021 06:39 AM
Jump to solution

Android Enterprise Enrollment

I am looking for the proper way to perform an Android device enrollment that would be only corporate owned and not allow for personal container(apps).  I do not want badged work apps and would like to utilize the secure launcher.  This would mimic something of the older Android Legacy shared device configuration, which also performed a data wipe between user's.  I would be utilizing a staging user and a staging org group.  

 

 

 

 

Labels (1)
Labels
0 Kudos
2 Solutions

Accepted Solutions
Paul741
Enthusiast
Enthusiast
‎10-05-2021 03:20 AM
Jump to solution

Well, briefly, that's what I do for that:

- create the user account and associate it to a user group

- set the applications you want to allow and deploy, assign to the group

- create the proper profiles with payloads and the launcher, assign to the user group

- on the device (switched on for the first time or after a device wype), type afw#hub when it asks for the google account. that would start the enterprise enrollement (you will be asked for the user credentials you set before).

View solution in original post

0 Kudos
4 Replies
Noordan
Hot Shot
Hot Shot
‎10-05-2021 02:22 AM
Jump to solution

Hi @K223,

Have you had a look at workspace one launcher?

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/VMwareWorkspaceONELauncher/GUID-AWT-AWL... 

0 Kudos
Paul741
Enthusiast
Enthusiast
‎10-05-2021 03:20 AM
Jump to solution

Well, briefly, that's what I do for that:

- create the user account and associate it to a user group

- set the applications you want to allow and deploy, assign to the group

- create the proper profiles with payloads and the launcher, assign to the user group

- on the device (switched on for the first time or after a device wype), type afw#hub when it asks for the google account. that would start the enterprise enrollement (you will be asked for the user credentials you set before).

0 Kudos
K223
Enthusiast
Enthusiast
‎10-05-2021 04:59 AM
Jump to solution

Thanks for the responses.  I was able to solve this yesterday.  My configuration on the console side was good.  I did settle on Device-Based and Work Managed Device.  Still I was having an issue after enrollment with the two test devices I had on hand.  I would still get badged apps, no launcher and a personal and work environment on the tablet.  Finally after doing a complete factory reset on the tablet, and re enrolled.  The tablet did enroll in a at work for enterprise configuration.  I have a completely managed work tablet and no badged apps, along with the launcher being pushed down.  The launcher is also acting in a shared mode allowing for different accounts to logon.

kaamir
VMware Employee
VMware Employee
‎10-06-2021 10:20 AM
Jump to solution

Just came across this post, I would recommend configuring your console for Work Managed Device mode with Launcher for the use case. By default, if you want to manually enroll the device after factory reset you need to use afw#hub on th e gmail screen but if you want to automate some of the enrollment areas similar to what Apple provides with DEP/ABM you can look at Zero Touch Provisioning or similar implementations on the Android Side. An example would be Samsung's Knox Mobile Enrollment (KME) which can integrate with Workspace One UEM to automate the device onboarding part & save time. Also, check the staging options in the UEM console for some additional options.

AK