Edit

Set up enrollment of Android Enterprise personally-owned work profile devices

  • Article
  • 2 minutes to read

Intune helps you deploy apps and settings to Android Enterprise personally-owned work profile devices to make sure work and personal information are separate. For specific details about Android Enterprise, see Android Enterprise requirements.

To set up Android Enterprise personally-owned work profile management, follow these steps:

  1. Connect your Intune tenant account to your Android Enterprise account.
  2. Specify Android Enterprise work profile enrollment settings. Android Enterprise personally-owned work profiles are supported on only certain Android devices. Any device that supports Android Enterprise personally-owned work profiles also supports Android device administrator management. Intune lets you specify how devices that support work profiles should be managed from within Enrollment Restrictions.
    • Block: All Android devices will be enrolled as Android device administrator devices, unless device administrator enrollment is also blocked. This behavior includes devices that support Android Enterprise personally-owned work profiles.
    • Allow (set by default): All devices that support Android Enterprise personally-owned work profiles are enrolled as personally-owned work profile devices. Any Android device that doesn't support personally-owned work profiles is enrolled as an Android device administrator device, unless device administrator enrollment is blocked.

Note

The default set to Allow is true for new tenants as of July 2019. All previous tenants will experience no change to their Enrollment Restrictions, and will see whatever policies they have set in Enrollment Restrictions. For previous tenants that never had Enrollment Restrictions changes, Block will still be the default for personally-owned work profiles.

  1. Tell your users how to enroll their devices. To enroll, users must be using the primary user account on their device. Enrolling with a secondary user account is not supported.

Devices previously enrolled with Android device administrator can be re-enrolled using personally-owned work profiles. You'll first need to unenroll the device administrator devices. Then you can re-enroll them with personally-owned work profiles.

Note

As an administrator, you can accomplish this remotely using the Retire function. This function can be found in the actions menu after selecting the device from the All Devices blade.

If you're enrolling personally-owned work profile devices by using a Device Enrollment Manager account, there's a limit of 10 devices that can be enrolled per account.

For more information, see Data Intune sends to Google.

Next steps

See also

Configuring and troubleshooting Android Enterprise devices in Microsoft Intune