Knox Mobile Enrollment

Similar documents
Samsung Knox Mobile Enrollment. VMware Workspace ONE UEM 1902

Telenor MDM. Samsung KME Note ( )

Telenor MDM. Samsung KME Note ( )

Telenor MDM v x Zero Touch Enrollment

The following device commands are used most frequently: Lock/Unlock device O - O O. Reset screen password O - O - Factory reset + Initialize SD Card

IT Admin User Guide. Knox Developers App (KDA) User Guide v1.0

The administrator can configure and manage system environment for Knox Manage for efficient operation.

CONTENTS I. DEVICE SETUP II. INSTALLATION III. UNINSTALL RETAIL MODE

Strengths of Knox Manage Kiosk

Sophos Mobile user help. Product version: 7.1

CONTENTS I. DEVICE SETUP II. INSTALLATION III. UNINSTALL RETAIL MODE

Sophos Mobile. user help. product version: 8.6

Trial Guide. June 2018 Samsung Electronics. A new way to control OS version for B2B customers

Sophos Mobile Control Administrator guide. Product version: 5.1

Verizon MDM UEM Unified Endpoint Management

Administrator IT Guide. Samsung Knox Configure Shared Device

McAfee MVISION Mobile AirWatch Integration Guide

Pulse Workspace Appliance. Administration Guide

VMware AirWatch Android Platform Guide

Knox Reseller API Developers Guide v1.4.1

3CX Mobile Device Manager

Table of Contents HOL-1757-MBL-5

Adding mobile applications

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Verizon Mobile Device Enrollment Instructions & Candidate Information Form Samsung KNOX Mobile Enrollment (KME)

INSTALLATION AND SETUP VMware Workspace ONE

McAfee MVISION Mobile IBM MaaS360 Integration Guide

NotifyMDM Device Application User Guide Installation and Configuration for Android

Mobility Manager 9.5. Users Guide

Sophos Central Self Service Portal help

MetaMoJi ClassRoom Administrator s Guide

Lookout Mobile Endpoint Security Console Administrator s Guide

McAfee MVISION Mobile MobileIron Integration Guide

McAfee MVISION Mobile Microsoft Intune Integration Guide

VMware AirWatch Tizen Guide

McAfee MVISION Mobile IBM MaaS360 Integration Guide

Certificate Management

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

VMware Workspace ONE UEM Integration with Apple School Manager

Application / Document Management. MaaS360 e-learning Portal Course 3

VMware AirWatch Directory Services Guide Integrating your Directory Services

MDM Android Client x - User Guide 7P Mobile Device Management. Doc.Rel: 1.0/

Knox Manage manages the following application types: Internal applications: Applications for internal use

Apple Business Manager Beta Help v1.0

USER MANUAL. SuiteCRM Customer Portal for Joomla TABLE OF CONTENTS. Version: 2.0

SwipeSimple Merchant FAQ

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

McAfee MVISION Mobile Threat Detection Android App Product Guide

Vodafone Secure Device Manager Administration User Guide

Office 365 Business and Office 365 Pro Plus Deployment Guide V 1.0

Device commands. Device Command. Compliance

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

Supra ekey 5.0. Quick Guide. Contents. Install the Supra ekey App. Requirements. Steps

2015 Mobiliya. All Rights Reserved Page 2

McAfee Enterprise Mobility Management 12.0 Software

AT&T Business Messaging Account Management

MDM Android Client User Guide 7P Mobile Device Management. Doc.Rel: 1.0/

McAfee MVISION Mobile epo Extension Product Guide

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

Sophos Mobile. administrator help. product version: 9

Sophos Mobile. administrator help. product version: 9

Link to other configuration guides for information on...

The following tasks must be completed before you begin to configure Exchange.

Adding Users and Enrolling Devices

Adobe Volume Licensing

MDM Android Client x - User Guide 7P Mobile Device Management. Doc.Rel: 1.0/

Endpoint Manager for Mobile Devices Setup Guide

PrinterOn Embedded Agent for Samsung Printers and MFPs. Setup Guide for PrinterOn Hosted

Sony Xperia Configurator Cloud User Instructions

MetaMoJi Share for Business Ver. 3 MetaMoJi Note for Business Ver. 3 Administrator s Guide

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

TabPilot Documentation

Agency User Manual. Version 2.0

McAfee MVISION Mobile Citrix XenMobile Integration Guide

Eukleia LMS Tenant administrator guide

VMware PIV-D Manager Deployment Guide

GALAXY S6 QUICK START GUIDE

Workspace ONE Chrome OS Platform Guide. VMware Workspace ONE UEM 1811

Table of Contents. VMware AirWatch: Technology Partner Integration

Sophos Mobile. startup guide. Product Version: 8.1

BlackBerry Account Center and Customer Claim Process Reference Guide Version 1.3

Sophos Mobile Control Super administrator guide. Product version: 3.5

Getting ready to set up. Step 1. Note:

Getting ready to set up. Step 1 Step 2. Note:

Sophos Mobile Control startup guide. Product version: 7

Provisioning Mobile Device Manager in the Control Panel. Admin Guide

Table of Contents HOL-1757-MBL-6

Enterprise Secure Chat. Administrative Portal Users Guide. Revision: 1.1. ESChat_Admin_Portal_Guide.docx SLA Corporation

VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

AT&T Work. Mobility Management Enterprise Admin Guide v.2.0

Workspace MDM Management Site Manual

Using Workspace ONE PIV-D Manager. VMware Workspace ONE UEM 1811 VMware Workspace ONE PIV-D Manager

VMware AirWatch: Directory and Certificate Authority

Bulk Certification Verification Guide

USER MANUAL. SuitePort - SuiteCRM Customer Portal for Joomla TABLE OF CONTENTS. Version: 1.1.0

1 Introduction Requirements Architecture Feature List... 4

ios Supervised Devices

Dell OpenManage Mobile Version 1.0 User s Guide

Seqrite Mobile Device Management

Transcription:

Knox Mobile Enrollment SAMSUNG Knox Mobile Enrollment (hereinafter KME) is a service that you can use to install Knox Manage on a large number devices of Android or Android Enterprise s Fully Managed Device and enroll them quickly, easily, and automatically. The devices deployed via KME automatically install and enroll Knox Manage when the user device is connected to Wi-Fi. Even if a KME-enrolled device is factory reset, the Knox Manage is automatically reinstalled and re-enrolled. Preparation The following preparations are necessary to use KME. To learn more about KME, visit the SAMSUNG Knox Portal (https://www.samsungknox.com) or contact SAMSUNG Knox Support. Check if KME is available in your country. For more information, see the list of available countries in the Knox Portal. Prepare a device from the following carrier or reseller to use KME: - A distributor approved by Knox Mobile Enrollment - A dealer sharing IMEI/Serial number directly with SAMSUNG representative Check if the device is a SAMSUNG Galaxy device with Knox 2.4 or higher. Sign up for an account in the Knox Portal. To install Knox Manage via KME, the device must have at least 50% battery. Before you enroll devices using Android Enterprise s Fully Managed Device, make sure that the devices are running on Samsung Galaxy S8 and Android 5.0 (Lollipop) or above. For more information, visit https://www.android.com/enterprise/. Steps for using KME service To configure the device via KME, follow the steps below: 1. Log in to the Knox Portal, and obtain approval for using KME. For more information, see Obtaining approval for using KME. 2. To register the Knox Manage server address and set up an APK link for the Knox Manage application that is installed on the KME device, create an MDM profile. For more information, see Creating a MDM profile. 3. Register KME devices as below: For more information, see Registering KME devices. 120

If the device was purchased from a reseller, then you can check the device information registered on the Reseller Portal directly from the Knox Mobile Enrollment Portal with no additional registration process. If the device was not purchased from a reseller, you can register the device using an app for NFC tagging. For more information, see Registering KME devices using NFC tagging. 4. Check the device s registration in the Knox Mobile Enrollment Portal. For more information, see Viewing or disabling registered KME devices. 5. When a user turns on the KME device and connects to Wi-Fi, Knox Manage is installed and enrolled automatically. 6. Enter a user account information of Knox Manage in KME device and log in. Obtaining approval for using KME In order to use KME, you have logged in to the Knox Portal (https://www.samsungknox.com) and get approval to use KME as follows: 1. Sign in to the Knox Portal with your account and click Dashboard in the upper right corner of the screen. 2. In the Knox Mobile Enrollment section of the Knox solutions area, click GET STARTED. 3. Fill in the required fields and click APPLY. If the application is approved, you receive a welcome email with instructions on how to use Knox Mobile Enrollment. Clicking the link in the email moves you back to the Knox Portal. 4. In the Knox solutions area, click LAUNCH CONSOLE on the Knox Mobile Enrollment to go to the Knox Mobile Enrollment portal. 121

Creating a MDM profile You should create an MDM profile before enrolling a KME device, and add information about the Knox Manage server address, an APK link for the Knox Manage application, the User Agreements, and the Terms of Service. You can create an MDM profile by following the steps below: Creating an MDM profile for Android (Legacy) Creating an MDM profile for Android Enterprise Creating an MDM profile for Android (Legacy) To create a MDM profile for Android Legacy, follow the steps below: 1. In the Knox Device Enrollment Portal, click the MDM Profiles menu. 2. Click ACTION in the upper-right corner of the MDM Profiles screen, and then click Add. 3. In the MDM Server Connection screen, enter the Knox Manage server address in MDM Server URI, and then click CONTINUE. The server addresses for the regions are as follow: Region Asia US EU Domain https://ap01.manage.samsungknox.com https://us01.manage.samsungknox.com https://eu01.manage.samsungknox.com 122

4. In the Add profile details screen, enter the following MDM profile information: Profile Name, Description: Enter the profile name and additional information about the profile. MDM Agent APK: Click ADD MDM APPLICATIONS, and enter the Knox Manage APK link information as following table below, and then click SAVE. The application automatically installed to the device once it is connected to a Wi-Fi network. Region Asia US EU Domain http://installap.manage.samsungknox.com/knoxmanageemmservice.apk http://installus.manage.samsungknox.com/knoxmanageemmservice.apk http://installeu.manage.samsungknox.com/knoxmanageemmservice.apk Custom JSON Data (as defined by MDM): Enter the tenant information which means TenantID and TenantType in JSON format without case sensitive as in {"TenantId":"Coporate Domain", "TenantType":"M"}. The Coporate Domain means your corporate ID which comes after @ during login, and the M means a Multi-tenant. e.g.) If your login ID is sample@test.com, enter as below: {"TenantId":"test.com","TenantType":"M"}. 123

Privacy Policy, EULAs and Terms of Service: Click ADD LEGAL AGREEMENT to add End-User License Agreement, Terms of Service, or other user agreement. Associate a Knox license with this profile: If you wish to enter a Knox license key to activate the Knox license automatically during device enrollment, check Associate a Knox license with this profile. 5. Click SAVE. Creating an MDM profile for Android Enterprise To create a MDM profile for Android Enterprise s Fully Managed Device, follow the steps below: 1. In the Knox Device Enrollment Portal, click the MDM Profiles menu. 2. Click ACTION in the upper-right corner of the MDM Profiles screen, and then click Add. 124

3. In the MDM Server Connection screen, enter the Knox Manage server address in MDM Server URI, and then click CONTINUE. The server addresses for the regions are as follow: Region Asia US EU Domain https://ap01.manage.samsungknox.com https://us01.manage.samsungknox.com https://eu01.manage.samsungknox.com 4. In the Add profile details screen, enter the following MDM profile information: Profile Name, Description: Enter the profile name and additional information about the profile. MDM Agent APK: Click ADD MDM APPLICATIONS, and enter the Knox Manage APK link information as following table below, and then click SAVE. The application automatically installed to the device once it is connected to a Wi-Fi network. Region Asia US EU Domain http://installap.manage.samsungknox.com/knoxmanageemmservice.apk http://installus.manage.samsungknox.com/knoxmanageemmservice.apk http://installeu.manage.samsungknox.com/knoxmanageemmservice.apk a. Check the Enable this app as a Google Device Owner checkbox, and then choose Google Device Owner as the owner of the Knox Manage Agent APK. 125

b. Choose Knox Manage as the vendor in the Supported MDM field. When devices are enrolled using Android Enterprise, any default applications provided by each carrier are uninstalled. c. Check the Leave all system apps enabled checkbox, and then install preloaded applications or system applications that should be installed along with the Knox Manage Agent. If this checkbox is left unchecked, then only the default applications and Knox Manage Agent are installed on user devices. Custom JSON Data (as defined by MDM): Enter the tenant information which means TenantID and TenantType in JSON format without case sensitive as in {"TenantId":"Coporate Domain", "TenantType":"M"}. The Coporate Domain means your corporate ID which comes after @ during login, and the M means a Multi-tenant. e.g.) If your login ID is sample@test.com, enter as below: {"TenantId":"test.com","TenantType":"M","Method":"KME"}. Privacy Policy, EULAs and Terms of Service: Click ADD LEGAL AGREEMENT to add End-User License Agreement, Terms of Service, or other user agreement. 5. Click SAVE. Modifying a MDM profile To modify a MDM profile, follow the steps below: 1. In the Knox Device Enrollment Portal, click the MDM Profiles menu. 2. Select the profile to edit and click ACTION in the upper-right corner and then, click Edit. 126

3. Enter the information you want to modify, and then click SAVE. Note: You cannot change the MDM Server URI once you have created a profile. You have to create a new profile to change the MDM Server URI. Registering KME devices You can enroll devices in the Knox Mobile Enrollment Portal in the two ways specified below. After enrolling devices in the Knox Mobile Enrollment Portal, you need to upload a.csv file. Then, you need to map about all devices and users in the Knox Mobile Enrollment Portal with that on the Knox Manage server at once. For more information, see Mapping device and user information. The reseller must input the device IMEI information in the Reseller Portal for KME device registration. The registered device information can be found in Devices > UPLOADS in the Knox Mobile Enrollment Portal, which includes the reseller s information, the registration date and the number of devices, device IMEI information, and applied profiles. For more information about using the Reseller Portal, see the Knox Reseller Guide in the Knox Portal, https://configure.samsungknox.com/files/samsungresellerguide/content/manage-devices.htm. If the devices were not purchased from approved SAMSUNG resellers, you can use the NFC tagging for individual registration. For more information, see Registering KME devices using NFC tagging. Note: If Knox Manage update is required, KME devices is notified of the update and can be updated by the user. However, if the user doesn't have a Google Play Store account on the device, you can update Knox Manage manually in EMM > Update system app in the Device Command window in the Knox Manage Admin Portal. For more information, see Controlling devices. Registering KME devices using NFC tagging Devices that have not been purchased from the SAMSUNG Electronics-authorized reseller or ones purchased for testing purposes can be enrolled by installing the Knox Deployment application on them and using NFC tagging. Make sure that the user information is registered in the Knox Mobile Enrollment Portal beforehand. To enroll devices in the Knox Mobile Enrollment Portal using the application, follow the steps below: 127

1. Download the Knox Deployment application from the Google Play Store on administrator device and install it. 2. After running the Knox Deployment application, enter your Knox Mobile Enrollment Portal login ID and password, then tap SIGN IN. 3. Tap ENROLL VIA NFC. NFC on the administrator device should be enabled. 4. Tap START and select an MDM profile, and tap NEXT. 5. Tag the user device to the administrator's device. Once the user device registration is completed in the Knox Mobile Enrollment portal by NFC tagging between the administrator device and the user device, the device can be checked in Devices > All DEVICES of the Knox Mobile Enrollment portal. Mapping device and user information You can map information about all devices and users on the Knox Manage server with that in the Knox Mobile Enrollment Portal at once by taking the following steps: Create a.csv file to map information about devices and users. Upload the.csv file so that the information about devices and users can be bulkadded to the Knox Device Enrollment Portal. To create a.csv file, follow the steps below: To learn more, click BULK ACTIONS > BULK CONFIGURE at the bottom of the Knox Mobile Enrollment Portal, and follow the instructions provided in View instructions. 1. In the Knox Device Enrollment Portal, go to Devices > All DEVICES. 2. Click DOWNLOAD ALL DEVICES AS CSV FILE at the bottom of the screen, and then download the kme_devices.csv file or open a new Excel file. 3. Enter the following information in the downloaded kme_devices.csv file: The A, B, and C columns are required columns. Delete the first row, as it is the template's heading, and then enter each device's Device ID, User ID, and Password into the A, B, and C columns, respectively. Then, clear all the other contents in the spreadsheet, and save the file. 128

Device ID: Enter a device's IMEI or Serial Number. You can find them in Settings > Device Information, or on the device's package. User ID: Enter a User ID. This User ID must be added to the Knox Manage Admin Portal in advance. Password: Enter the user's password. 4. After entering all required information about the devices in the Excel file, click File > Save as. Then, choose CSV (Comma delimited) (*.csv) in Save as type, and save it as a.csv file. To upload the.csv file saved in the step above and add it to the Knox Mobile Enrollment Portal, follow the steps below: 1. Click BULK ACTIONS > BULK CONFIGURE > View instructions at the bottom of the Knox Mobile Enrollment Portal. 2. Click GOT IT at the bottom of the Bulk configure instructions screen. 3. Click BROWSE on the Bulk configure screen, and then select the saved.csv file. 129

4. Select the MDM profile that you wish to assign immediately upon registration in the Configure profiles and tags. If you want to assign this MDM profile after the registration, go to Devices > All DEVICES, click Configure in the upper-right corner of the ACTION, and then assign the MDM profile. 5. Once you are done configuring the settings, click SUBMIT. You can find the bulk-added information in Devices > All DEVICES. Entering and editing user information on KME devices To map about a user who needs to install and log in to Knox Manage using KME, follow the steps below: 1. In the Knox Device Enrollment Portal, click the Device Users menu. 2. Click ACTION in the upper-right corner of the Device Users screen, and then click Add user. 3. Enter a User ID and Password, and click Add. 4. To assign an MDM profile to a device, go to Devices > All DEVICES. 5. Click the device to which you want to assign the MDM profile, click ACTIONS in the upper-right corner of the screen, and then click Configure. 130

6. Select the MDM profile. Then, enter the User ID and Password set in Step 3, and click SAVE. To learn how to modify user information on a KME device, follow the steps below: 1. In the Knox Device Enrollment Portal, go to Devices > ALL DEVICES. 2. To modify user information, click USER ID and enter USER ID and Password. Or click IMEI / MEID or Serial number, and enter USER ID and Password in the Device Details window. 3. To use the same User ID and Password for on the all devices, check all devices and click Configure on the upper right-hand corner of the ACTIONS. In the Configure selected devices window, select Overwrite user credentials from the User credentials list, and enter User ID and Password. 4. Click SAVE. Viewing or disabling registered KME devices To view the list of devices registered through KME, follow the steps below: 1. In the Knox Mobile Enrollment Portal, go to Devices > ALL DEVICES. 2. Under All Devices, you see all registered IMEI or serial number. You can also view additional information of devices including device model, MDM profile, and device status. 131

Disabling KME devices To disable a KME device, unenroll the KME device from the Knox Manage Admin Portal and delete the corresponding device information in the Knox Mobile Enrollment Portal. Otherwise, the KME device installation is attempted at every Wi-Fi connection. For more information about how to unenroll the device on the Knox Manage Portal, see Unenrolling devices. To disable the device registered in KME, follow the steps below: 1. In the Knox Mobile Enrollment Portal, go to Devices > ALL DEVICES. 2. Search for the KME device for disabling, select one or all devices, and then click Delete devices on the upper right-hand corner of the ACTIONS. On the Delete Devices window, click DELETE to delete the device from the Knox Mobile Enrollment Portal. To register the device again as a KME device, contact your reseller. 132

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback