Setting Up Microsoft Intune with Android for Work
In my previous post I’ve covered Microsoft Intune and Android for Work at a high level to give you an understanding of what it is from Intune standpoint. In this post I will cover the initial setup of Intune to get Android for Work started.
One thing to note is that Android for Work support is currently only available in Intune standalone at the time of writing. I will expect this capability to come to the hybrid MDM with Configuration Manager but it is currently not. If you’ve got Microsoft Intune already running or you’ve just set your Mobile Device Management Authority, you will notice you could manage Android devices almost right away. This is the traditional/conventional method of Android management. To setup Android for Work you will find the Android for Work node on the left pane in the console.
Another thing to remember is that Microsoft Intune only supports Android for Work on devices running Android version 6.0 and above. Although Google officially supports version 5.0 and above but from Microsoft’s standpoint they are only supporting version 6.0 and above based on their internal testing.
Once you click on that you will see that Android for Work is not configured. So you need to click the Configure button to start with the binding with Android for Work.
As soon as you click on the Configure button you will be brought to the Android for Word page in a new tab. There, click SIGN IN.
Here you will be asked to either log in with a google account or create one. This is similar to the Apple ID for your organisation when managing iOS devices. Preferably this account will be accessible to a team in IT and not only just a single individual just in case this employee leaves the organisation. Click Create account if you choose to create a new one.
In this page, fill in all the details to create a new account then click Next Step. Remember not to use a personal email address but rather use a email address accessible by a team in IT e.g. IT@company.com.
Agree to the terms and conditions.
And you’re done. Click Continue to Google Play.
You will be brought to the Android for Work page already signed in to the user you just created. Click GET STARTED.
Here configure you organisation’s details and then click CONFIRM.
Once setup is complete click COMPLETE REGISTRATION.
This is how it looks like after the binding is completed with Android for Work.
You’ve got an option to either manage your Android devices through the conventional method, Android for Work or a combination of the two methods. You basically need to target Android for work to a user group that have a supported device; that Android version 6.0 and above. To target Android for Work to a group of users, ensure you create a security group and synced with Azure AD if you don’t already have it. Choose the third option then click the Modify button.
Select the group that you want to target Android for Work to, click the Add button then click OK.
Now you’ve added a group, click Save. Time to rock and roll with enroling a device with a user account that is a member of that group you just added.