Creating an Android Enterprise Device Policy

About this task

Use this procedure to create an Android Enterprise Enrollment Policy.

Important: As of SOTI MobiControl v14.4, all fresh installations of SOTI MobiControl have Android Enterprise selected as the default Android Plus Management style. To continue with this procedure, you need to confirm that either OEM Specific for All Android Devices or OEM Specific for Android 6.0 and Below is selected instead. See Choosing an Android Deployment Typefor instructions.

Procedure

  1. From the main menu, select Policies > Enrollment. The Enrollment Policies view is displayed.
  2. Click New Enrollment Policy. The Enrollment Policy wizard launches.
  3. Select the Android Enterprise platform. The General view is displayed.
  4. On the General view, enter a name and description for the policy. Make the name brief but descriptive, especially if you plan to create multiple enrollment policies.
  5. Select one of the following enterprise binding options:
    OptionDescription
    Managed Select a Managed Enterprise Account from the list or click Manage Accounts to delete accounts or add new ones. See Enterprise Bindings for more information.
    Domain Select a Google Domain from the list or click Manage Accounts to delete accounts or add new ones. See Enterprise Bindings for more information.
    None No enterprise binding is used
  6. Click Next. The Device Type view is displayed.
  7. Select one of the following device types:
    OptionDescription
    Work Managed

    On a Work Managed device, the organization manages the entire device. Apps, data, and settings can all be monitored and controlled through SOTI MobiControl.

    See Android Enterprise Work Managed for details.
    Work Profile

    On a device with a Work Profile, the device is a personal device owned by the device user. This management style is often called BYOD or bring your own device. You can choose to enroll devices via Android Enrollment API (AMAPI). For more information about work profiles, see Android Enterprise Work Profile for details.
    Corporate Personal

    On a Corporate Personal device, the organization manages the entire device but allocates a portion (or 'container') of the device for the personal apps and data of the device user. See Android Enterprise Corporate Personal for details.
  8. Click Next. The Groups view is displayed.
  9. Choose if authentication is required for enrollment. No authentication means that devices are enrolled without user verification. If authentication is required, select one of the following options:
    OptionDescription
    Password Type a single password for use across all devices that enroll with this policy.
    Directory Click Add button to add directory groups . Choose a directory service from the dropdown and use the Search Groups field to find a group. You can add a new directory service connection by clicking Manage Services. From the dropdown menu, choose Directory, Identity Provider or SOTI Identity. See Identity Management for more information. Once the directory group is added, select a device group destination and applicable terms and conditions.
  10. Click Next. The Settings view is displayed.
  11. Select from the available settings then click Finish. The new enrollment policy is created and the Enrollment Policy Info page is displayed. This page lists policy details and device enrollment options. You can also choose how to install the agent on devices; either an available APK file or by downloading an INI file.
  12. Click OK to complete the process.