What method to go for with Samsung knox devices

@Cohen Definitely go for KME – Android enterprise, though there was an announcement to merge Android zero-touch and KME, I’ve never seen this in production. So it’s the thumbs up for KME.

@Cohen Here are my thoughts:

• Device admin is way too OLD – Google will soon get rid of this one
• Android Enteprises is the new management framework to manage devices in the enterprise, offers two modes to manage personal and company-owned devices
• Google is deprecating many management device admin features with every new release of Android. Will it be entirely scrapped? who knows!
• Enrolling in AE is easy – works fine with just a Google account, no need to buy G suite to use Android Enterprise

Hey @Cohen, thanks for reaching out to us!

Google announced the deprecation of several Device Admin policies with the release of Android 9.0. Since you’re using company-owned Samsung devices running Android 10+, it’s ideal to migrate to Android Enterprise (AE) as fully managed devices (Device Owner) using the Knox Mobile Enrollment (KME) method. With KME, you can enroll devices in bulk, automatically provision devices with required apps, configurations, settings, enforce automatic re-enrollment of devices even if they are wiped or reset, and much more.

In addition, provisioning devices as ‘Device Owner’ will unlock numerous device management features that are not available for device admin enrollments. These features include but are not limited to bypassing Factory Reset Protection (FRP), silent app installations, additional restrictions using the Knox Service Plugin app, enforcing Lock Task mode, and much more.

Here’s how you can set up your devices as Device Owner in Hexnode via Knox Mobile Enrollment (KME):

1. Enroll your organization in the Android Enterprise program on your Hexnode console.
2. On your Knox portal account, create an Android Enterprise MDM profile. Any device enrolled via the Android Enterprise profile will be enrolled as ‘Device Owner’ in the Hexnode console.
3. Next, add your devices to the Knox portal either via your resellers or through the Knox Deployment application.
4. Finally, configure and assign the MDM profile to the devices. The devices will automatically enroll in Hexnode once they’re powered on and connected to a network, delivering an out-of-the-box deployment experience. For devices already enrolled via the legacy device admin method, you’ll have to factory reset the device to migrate to AE.

Have a look at Knox Mobile Enrollment (KME) to know more.

Once you’ve enrolled your devices in Hexnode, you can seamlessly execute a bunch of management tasks over the air. You can remotely configure accounts, distribute apps, secure your network communications and whatnot.

Hope this answers your query.

Cheers!
Jeff Morrison
Hexnode UEM

Wow! That was one good way of explaining these things. I’ll definitely try the transition to the new method and see if things go our way. Anyway thanks for the timely response Jeff.

Hey @Cohen,

Always happy to help.

Free feel to check out our Android Enterprise – Migration Guide if you think that might help in your transition process.

Hope to hear from you again soon,
Jeff Morrison
Hexnode UEM