Open topic with navigation

Kony Management User Guide: Device Enrollment > Device Initiated Enrollment > Android Device initiated Enrollment

Android Device Initiated Enrollment

The entire enrollment is driven on the device, so a user need not leave the enterprise store. If the process is successful, the device is added, and its status changes to enrolled . The enterprise store has Administrator privileges over the device. The EMM server pushes policies and other requirements to the device.

Prerequisites: A device user uses an Android device and the device policy is defined. Your device user credentials must be present in the Active Directory.

To enroll a device, follow these steps:

Authentication

  1. To download the enterprise store from Kony Enterprise App Store, a user must provide the following credentials:
    1. Company name
    2. Active Directory username
    3. Password (Active Directory Password)

    You need to enable cookies while downloading Kony EMM enterprise store.

    You can download an Enterprise store through two ways of authentication:

    • Using Kony Management suite user login credentials
    • Using Kony Fabric Identity Service OAuth 2.0 user login credentials.

    Important: Ensure that pop-ups are enabled in your web browsers. If pop-ups are not enabled, you may not see the log in page.

Server Side Authentication and Verification

  1. The details provided by the user are authenticated.
  2. EMM Server ensures that the device is not enrolled or associated with another user, and is allowed to enroll. Once these checks are complete, the server signals the EMM enterprise store to proceed with theenrollment.

Acceptance of Terms

  1. Once the authentication and verification process is successful, the user views the terms and conditions.
  2. The user must accept the terms specified. If the user does not accept the terms, the enrollment process is aborted, and the device goes into the Terms Not Accepted state.

Activating the Enterprise Store

  1. The user must authorize the application to have adminstrator privileges over the device. The device throws a message with the details of control.
  2. The user can either choose Accept to activate the device or Cancel.
  3. If the user chooses accept, the system displays a confirmation message that the device is successfully enrolled with Kony EMM.

To perform Android Device-Initiated Enrollment, follow these steps:

Prerequisite: A device user uses the device that should be enrolled. The device is an Android device.

  1. Enter the application's URL in the device's browser.

    A log-in page appears.

  2. Enter your log-in credentials. These details are sent to the server along with the device information

    Important: Based on the existence of users in multiple active directories and sources, users need to provide domain and source details for authentication. For more details, refer to Login > Authentication Scenarios.

  3. Click the Install button. The installation starts.

  4. Click the Open button.
    Kony EMM Login page appears.
  5. Enter your credentials in Username and Password fields.

    Note: The device users is required to authenticate themselves through usernames and passwords. These details are sent to the server along with the device information. The details provided by a user are authenticated. EMM Server ensures that the device is not enrolled or associated with other users, and is allowed to enroll. Once the server completes this task, the server signals the agent to proceed with enrollment. If verification fails, the device's status reflects the type of verification failure.

  6. The system verifies the credentials. Once the authentication and verification process is successful, the system displays the terms and conditions.
  7. A user needs to read and accept the terms specified. Click the I Agree button.

    If you do not accept the terms, the enrollmentprocess is aborted. The device goes into the terms not accepted state.

  8. The Active Device Administrator page appears. Click the Activate button.
  9. Installing MDM Profile: The profile advises a user to download and install an application to complete the process. Choosing to progress automatically triggers the download and installation of the MDM Profile.

  10. A success message appears when the installation is complete. When a user wants to get support through the enterprise store, the communication is sent through email option only.

SAFE Enrollment

To activate SAFE on supported devices, the SAFE license must be configured at SAFE Settings. The enterprise store app need not be signed by Samsung.

Once SAFE is license configured, all SAFE-supported enrolled devices will receive a push notification shown below.

  1. Click Enable SAFE. The Privacy Policy screen appears.
    .

  2. Click Confirm. The system displays License Activated message on the device.

Android For Work Settings

When you have a device that supports Android For Work, when you log into the enterprise store, you will receive a notification to create work profile. For more information on Setting Android For Work , see Android For Work Email.

To create a work profile, do the following: 

 

  1. Touch the notification to create work profile. The enterprise store opens.

  2. Navigate to Messages > Actions.
  3. In the Actions page, touch Create. Follow the instructions on the device to create your work profile. When asked for, provide your work username and password.

    Once you have the work profile configured, all work profile apps will have an Android For Work icon to them.

Once you create the work profile, if your Email policy for Android For Work Email is configured, you will receive a notification to download and install the Divide Productivity app.

Navigate to your Messages section and Actions in the enterprise store. Click on Download and Install Divide Productivity.

Google Play for Work store opens.

  1. Touch Store Home.
  2. Search for the Divide Productivity app.
  3. Touch the app to select it, and then touch Install.
  4. Review the requested access permissions and touch Accept.
  5. After the app has installed, touch Open.
  6. When asked if you want to configure Divide for your work domain, touch Yes
  7. Enter your password for your work domain and touch OK
  8. Once the Divide Productivity app is installed, you will get a notification to create Work email.
  9. Follow the instructions on the screen. Work email is configured.

Copyright © 2018 Kony, Inc. All rights reserved.

Open topic with navigation