Reply To: What method to go for with Samsung knox devices

#10010
Jeff MorrisonJeff Morrison
Moderator

Hey @Cohen, thanks for reaching out to us!

Google announced the deprecation of several Device Admin policies with the release of Android 9.0. Since you’re using company-owned Samsung devices running Android 10+, it’s ideal to migrate to Android Enterprise (AE) as fully managed devices (Device Owner) using the Knox Mobile Enrollment (KME) method. With KME, you can enroll devices in bulk, automatically provision devices with required apps, configurations, settings, enforce automatic re-enrollment of devices even if they are wiped or reset, and much more.

In addition, provisioning devices as ‘Device Owner’ will unlock numerous device management features that are not available for device admin enrollments. These features include but are not limited to bypassing Factory Reset Protection (FRP), silent app installations, additional restrictions using the Knox Service Plugin app, enforcing Lock Task mode, and much more.

Here’s how you can set up your devices as Device Owner in Hexnode via Knox Mobile Enrollment (KME):

  1. Enroll your organization in the Android Enterprise program on your Hexnode console.
  2. On your Knox portal account, create an Android Enterprise MDM profile. Any device enrolled via the Android Enterprise profile will be enrolled as ‘Device Owner’ in the Hexnode console.
  3. Next, add your devices to the Knox portal either via your resellers or through the Knox Deployment application.
  4. Finally, configure and assign the MDM profile to the devices. The devices will automatically enroll in Hexnode once they’re powered on and connected to a network, delivering an out-of-the-box deployment experience. For devices already enrolled via the legacy device admin method, you’ll have to factory reset the device to migrate to AE.

Have a look at Knox Mobile Enrollment (KME) to know more.

Once you’ve enrolled your devices in Hexnode, you can seamlessly execute a bunch of management tasks over the air. You can remotely configure accounts, distribute apps, secure your network communications and whatnot.

Hope this answers your query.

Cheers!
Jeff Morrison
Hexnode UEM