Android Enterprise Self Service QR Code Enrollment
IntroductionAs of Android 10, device administrator management (legacy) is no longer possible due to Google depreciating the usage of this on the OS. Android Enterprise device management is Google's new initiative to allow companies to manage Android devices within the workplace.
In our Recommended Reads, we have two different management modes covered: Android Enterprise Full Device management - https://community.sophos.com/sophos-mobile/f/recommended-reads/132167/sophos-mobile---android-enterprise-full-device-management-enrollment Android Enterprise Work Profile management - https://community.sophos.com/sophos-mobile/f/recommended-reads/132235/sophos-mobile---android-enterprise-work-profile-enrollment
An alternative enrollment method is available for “Android Enterprise Full Device” management where an end-user is able to set up a Self Service Portal account to enroll their mobile device. An External LDAP connection can also be used instead, as a way to associated your users with their respective devices.
Prerequisites
Goals
Set up Self Service Portal accessFrom Sophos Central, ensure that all users that you wish to enroll with SMC have an e-mail address applied to their user entry.Note: If you have enabled "User access" settings, your users may have already received this setup email. An LDAP connection can be used instead of the SSP account, as a means to associate your devices to their respective users.
Create the Android Enterprise Policy and Task bundleCreate the Android Enterprise Full Device policy in the SMC portal, or use an existing one.
Create a Task Bundle to strictly assign the policy
Create the enrollment QR code
Note: The enrollment QR Code will be displayed. You may want to print out this code so that you can post it in the office or send this QR Code to all users via e-mail.
Enroll the device
In Sophos Mobile, the device will be shown as "Android Enterprise #####," which is not very descriptive. I suggest renaming the device to something more easily identifiable using the "Edit" button as shown below.
Thanks for reading. If you have any questions, feel free to post them using the reply button below.