Android Enterprise
      Back to home
      1. Help Center
      2. Android Enterprise

      How to enroll Android Enterprise: Personally-owned devices with work profile (BYOD)?

      Overview

      This knowledge base article will provide a step by step on how to use personally owned devices with work profiles to manage corporate data and apps on user-owned Android devices. By default, enrollment of personally-owned work profile is enabled by default.

      Setup

      1. By navigating to Microsoft Intune portal, then Enrollment then Android tab then select Device platform restrictions.

      2. Under Enrollment restrictions, select Android restrictions then select Name: All users

      3. Select Properties, then under Platform settings, select Edit.

      4. Under Platform settings, under Personally owned, select Block against Android device administrator. Then select Review + save.



      5. On the Android mobile device, go to Google Play store to install Company Portal. Make sure you are signed into Google Play store. Download Company Portal, then sign In.

      6. Open Company Portal, then sign in with your credentials. Then select Next.

      7. Once logged in, go to Devices tab, then select on your Android device, in this case: My Android.

      8. Click on "This device is not managed"

      9. Select Begin.

      10. Select Continue.

      11. It will begin to setup the "work profile".

      12. Select "Accept & Continue" to set up the work profile.

      13. It will begin with "Setting up your work profile"

      14. Once "Create Work profile" is completed, select Continue to begin setup for Activate work profile.

      15. It will begin to "Registering your device"

      16. Then select Done.

      17. Select Got it.

      18. Now the device is enrolled.

      19. To create a dynamic group for the device, go to All Groups in Microsoft Intune then select New Group then select Membership type as Dynamic device then select Add dynamic query.

      Create dynamic security group

      You can follow this KB: How to create Entra dynamic groups for Android Enterprise enrolments? – Devicie Support Home Go to Step 3.

      Create Device Restriction Policy

      View the following How to create Devicie Configuration profiles for Android Enterprise devices? – Devicie Support Home on how to create Device Restriction Policy for Android Enterprise devices under Device Restriction Policy for Android Enterprise: Personally-Owned Work Profile (BYOD)

       

      Create and assign Managed Home Screen app

      Deploy the applications as per KB article: How to add and assign Managed Google Play store apps for Android Enterprise? where the following applications have been deployed to the device.