For Android Enterprise

Setup Active Shield Android for Enterprise (Android for Work) using Microsoft Intune.

To setup ActiveShield on Android Enterprise (formerly known as Android for Work), you need to set up some app configuration policies in the Microsoft Intune. Setting up the configurations will automatically enroll the target devices into your BETTER MTD tenant.

Deprecated!

This process is no longer relevant as the configuration is automatically performed upon integration.

A one-touch configuration feature is pending. Once complete, BETTER MTD will setup the appropriate app configurations in Microsoft Intune for the Android Enterprise (Android for Work) environment upon completion of the integration process.

Requirements

A Microsoft Intune subscription.
An Android device managed by Microsoft Intune.

Approve the Managed Google Play Active Shield app

Open a browser and sign in to Microsoft Intune.

Go to Client Apps > Apps.

Click on Add and set App type to Managed Google Play.

Click on Approve and search for Active Shield Enterprise.

Click on Active Shield Enterprise.

Click Approve > Approve > Save.

Click OK then Sync.

Assign the Managed Google Play Active Shield app

Go to Client apps > Apps, then search for Active Shield Enterprise.

Click on Active Shield Enterprise.

Click Assignments.

Click Add group.

Set Assignment type to Required then click Included Groups.

Click Select group to include and select the groups you want to include. Later, we will also assign the group the appropriate app configurations.

Click Select > OK > OK then hit Save.

Create Active Shield app configuration

Go to Client Apps > App configuration policies.

Click on Add and fill out the Name and Description fields.

Set Device enrollment type to Managed devices and set Platform to Android.

Click on Associated app.

Select Active Shield Enterprise and click OK.

Click on Configuration settings.

Select one of the Configuration settings format.

Set Configuration settings format to Use configuration designer.

Click Add.

Select all the Configuration keys and click OK.

Set the fields as follows.

CONFIGURATION KEY

VALUE TYPE

CONFIGURATION VALUE

Device ID

string

User

string

App Server Address

string

https://yourtenant.bettermtd.com

Set the App Server Address to the BETTER MTD tenant URL. For example, if your BETTER MTD Console can be located at mycorp-new.bettermtd.com, set the App Server Address to https://mycorp.bettermtd.com(Note: remove the -new suffix and make sure to include https protocol)

Click Ok and Save.

Set Configuration settings format to Enter JSON data.

Copy-paste the following JSON into the text area.

Active Shield Android Enterprise Configuration JSON

{
    "kind": "androidenterprise#managedConfiguration",
    "productId": "app:com.better.active.shield.enterprise",
    "managedProperty": [
        {
            "key": "better_udid",
            "valueString": "{{AzureADDeviceId}}"
        },
        {
            "key": "better_user",
            "valueString": "{{userprincipalname}}"
        },
        {
            "key": "better_server_url",
            "valueString": "https://yourtenant.bettermtd.com"
        }
    ]
}

Assign Active Shield app configuration

To assign the app configuration to your target group(s), click Assignments.

Click Select groups to include and select the groups you want to include. The group should also have the Managed Google Play Active Shield app assigned to it.

Click Select then Save.