All about Microsoft Intune | Android Enterprise

Using offline mode and app access without signing in on Android Enterprise dedicated devices

September 29, 2025 by Peter van der Woude

This week is all about the recently introduced functionalities of offline mode and app access without signing in. Those functionalities are specifically created for Android Enterprise dedicated devices that are enrolled into Microsoft Entra shared device mode and that are using the Managed Home Screen as launcher for other approved apps. Both of these functionalities are focused on scenarios in which the user is required to sign in to the device before the apps on the device can be used. With these functionalities, however, the IT administrator can enable specific apps to be available even when the device is offline, and even before signing in to the device. That makes sure that the user can still be productive when the device is offline, and can …

Blocking Bluetooth on Android devices

July 7, 2025 by Peter van der Woude

This week is all about a new configuration option for corporate-owned Android Enterprise devices. That new configuration option is the ability to block the usage of Bluetooth. There can be many different reasons why organizations might want to block the usage of Bluetooth on (some) Android devices within the environment. That could be simply from a functional perspective to preserve battery and to extend the usage time, but that could also be more from a security perspective to prevent the device from being exploited. For the latter think about unauthorized access, data interception, malware distribution, or even something like bluejacking (sending messages to nearby devices). All pretty good reasons to think about the default availability of Bluetooth on Android devices within the environment. Especially on …

Understanding custom device naming templates for Android devices

May 12, 2025 by Peter van der Woude

This week is about another nice new feature for the enrollment of Android Enterprise corporate-owned devices, and that feature is the ability to use custom device naming templates. Custom device naming templates enable IT administrators to adjust the name of Android Enterprise corporate-owned devices during the enrollment. That provides IT administrators with the ability to adhere naming conventions to their devices and with that organize the devices neatly within the console. That can also make it a whole lot easier to locate devices. This post will focus on the required configurations for using custom device naming templates for Android Enterprise corporate-owned devices. Note: Keep in mind that custom device naming templates will adjust the management name of the device. Introducing custom device naming templates for Android devices …

Understanding enrollment time grouping for Android devices

May 5, 2025 by Peter van der Woude

This week is all about enrollment time grouping for Android devices. More specifically, enrollment time grouping for Android Enterprise corporate-owned devices. The focus of enrollment time grouping for Android devices is exactly the same as for Windows devices; the focus is to speed up app and policy provisioning during the device enrollment. With enrollment time grouping, the IT administrator can add a device to an Entra security group directly during the enrollment of the device. That enables the IT administrator to use that security group for assigning required apps and device configurations. Together that provides a faster delivery of the required apps and device configurations, as the device will be a member of the security group directly after the enrollment. This takes away any delays …

Getting started with the Global Secure Access client for Android

March 31, 2025 by Peter van der Woude

This week is all about getting started with the Global Secure Access client for Android. That makes this post a follow-up on this post about getting started with the Global Secure Access client for Windows of a few months ago. To start with a similar short introduction, Global Secure Access is the Security Service Edge (SSE) solution of Microsoft. Gartner defines SSE as a solution that secures access to the web, cloud services and private applications, regardless of the location of the user or the device they are using or where that application is hosted. Within Global Secure Access, Microsoft introduced Entra Internet Access and Entra Private Access to provide that functionality. Of those products, Entra Internet Access is focused on secured access to Microsoft …

Using a QR code to easily sign in to apps on shared Android devices

March 17, 2025 by Peter van der Woude

This week is all about the new ability to use a QR code to sign in to specific apps on (shared) Android devices. QR code authentication is a new authentication method in Entra that enables frontline workers to sign in to apps on shared devices. That authentication method provides users with the ability use a unique QR code in combination with a PIN to sign in. That eliminates the need for users to enter usernames and passwords, making it a more user-friendly experience on shared devices. On Android devices, QR code sign in is now available for the Managed Home Screen app, the Teams app, and even during the web sign-in. This post will briefly go through the QR code authentication method, directly followed with …

Connecting Microsoft Intune with Managed Google Play – The new and easy way

September 19, 2024September 10, 2024 by Peter van der Woude

This week is all about connecting Microsoft Intune with Managed Google Play. There has been multiple post already on this blog describing all the different management options available to Android devices. The biggest part being focused on Android Enterprise. Not really strange as Android Enterprise is the most common used program by organizations to integrate support for their Android devices into their management solution. That includes Microsoft Intune. The availability of the APIs belonging to Android Enterprise make sure that the management of Android devices can be standardized and contains many configuration capabilities cross vendor. To get that integration between Microsoft Intune and Android Enterprise, it’s important to connect Microsoft Intune with a Managed Google Play account. Creating that connection has never really been a …

Temporarily removing apps and configurations from mobile devices

July 22, 2024July 22, 2024 by Peter van der Woude

This week is all about a new feature that is specifically for mobile devices, and that feature is the ability to remove, reinstall, and re-apply specific configuration policies, configuration profiles, and apps. The best part is that it can be achieved without changing the assignments of those apps and configurations. That can be really useful to help with resolving specific challenges and to quickly restore the productivity of the user. The apps and configurations that were removed will automatically be restored within 8-24 hours. Alternatively, the IT administrator can also manually initiate an action to restore the removed apps and configurations earlier. So, in the end, the focus remains on ensuring that the devices remain consistent with the assigned apps and configurations. This post will …

Staging corporate Android devices

May 27, 2024 by Peter van der Woude

This week is all about the recently ability to stage Android Enterprise devices. That ability enables IT administrators to further prepare devices before actually giving them to the user. In a way, staging Android Enterprise devices is similar to pre-provisioning Windows devices. In other words, a method to prepare the device for the user and to simplify and fasten the user experience to get up-and-running. Before, the IT administrator would generate an enrollment token that could be used by the user to start the enrollment process. The user would then sign in and walk through the guided enrollment process. Now, with the staging ability, the IT administrator still generates an enrollment token, but instead of directly sharing that with the user, it’s used by the …

Remotely locating corporate-owned Android Enterprise devices

February 26, 2024February 26, 2024 by Peter van der Woude

This week is all about remotely locating corporate-owned Android Enterprise devices. More specifically, about the configurations that are related to remotely locating those devices. With one of the latest service updates of Microsoft Intune (2401) a new configuration was introduced to specifically block the location on corporate-owned Android Enterprise devices. That configuration, however, has a direct impact on the ability to locate those devices. Besides that, the availability of remotely locating the device depends on the Android Enterprise deployment method. So, multiple reasons why the ability of remotely locating devices could be unavailable. This post will focus on the available settings related to the location of Android Enterprise devices, followed with the steps to configure those settings. This post will end with the user experience. …

Using offline mode and app access without signing in on Android Enterprise dedicated devices

Like this:

Blocking Bluetooth on Android devices

Like this:

Understanding custom device naming templates for Android devices

Like this:

Understanding enrollment time grouping for Android devices

Like this:

Getting started with the Global Secure Access client for Android

Like this:

Using a QR code to easily sign in to apps on shared Android devices

Like this:

Connecting Microsoft Intune with Managed Google Play – The new and easy way

Like this:

Temporarily removing apps and configurations from mobile devices

Like this:

Staging corporate Android devices

Like this:

Remotely locating corporate-owned Android Enterprise devices

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this: