For Android Enterprise
Setup Active Shield Android for Enterprise (Android for Work) using Microsoft Intune.
To setup ActiveShield on Android Enterprise (formerly known as Android for Work), you need to set up some app configuration policies in the Microsoft Intune. Setting up the configurations will automatically enroll the target devices into your BETTER MTD tenant.
Deprecated!
This process is no longer relevant as the configuration is automatically performed upon integration.
A one-touch configuration feature is pending. Once complete, BETTER MTD will setup the appropriate app configurations in Microsoft Intune for the Android Enterprise (Android for Work) environment upon completion of the integration process.
Requirements
A Microsoft Intune subscription.
An Android device managed by Microsoft Intune.
Approve the Managed Google Play Active Shield app
Open a browser and sign in to Microsoft Intune.
Go to Client Apps
> Apps
.
Click on Add
and set App type
to Managed Google Play
.
Click on Approve
and search for Active Shield Enterprise
.
Click on Active Shield Enterprise
.
Click Approve
> Approve
> Save
.
Click OK
then Sync
.
Assign the Managed Google Play Active Shield app
Go to Client apps
> Apps
, then search for Active Shield Enterprise
.
Click on Active Shield Enterprise
.
Click Assignments
.
Click Add group
.
Set Assignment type
to Required
then click Included Groups
.
Click Select group to include
and select the groups you want to include. Later, we will also assign the group the appropriate app configurations.
Click Select
> OK
> OK
then hit Save
.
Create Active Shield app configuration
Go to Client Apps
> App configuration policies
.
Click on Add
and fill out the Name
and Description
fields.
Set Device enrollment type
to Managed devices
and set Platform
to Android
.
Click on Associated app
.
Select Active Shield Enterprise
and click OK
.
Click on Configuration settings
.
Select one of the Configuration settings format
.
Set Configuration settings format
to Use configuration designer
.
Click Add
.
Select all the Configuration keys and click OK
.
Set the fields as follows.
CONFIGURATION KEY | VALUE TYPE | CONFIGURATION VALUE |
Device ID | string | {{AzureADDeviceId}} |
User | string | {{userprincipalname}} |
App Server Address | string | https://yourtenant.bettermtd.com |
Set the App Server Address
to the BETTER MTD tenant URL. For example, if your BETTER MTD Console can be located at mycorp-new.bettermtd.com
, set the App Server Address
to https://mycorp.bettermtd.com
(Note: remove the -new
suffix and make sure to include https
protocol)
Click Ok
and Save
.
Assign Active Shield app configuration
To assign the app configuration to your target group(s), click Assignments
.
Click Select groups to include
and select the groups you want to include. The group should also have the Managed Google Play Active Shield app assigned to it.
Click Select
then Save
.
Auto grant/deny permissions on behalf of the user [Optional]
SelectPermisssions
.
Click Add
. and select Location access (fine)
& Location access (coarse)
.
Click OK
and set the permissions state
to either Auto-grant
or Auto deny
as per your use-case.
Click OK
and you're done configuring up the permissions.
Last updated