Android Enterprise zero-touch DPC extras collection

DPC extras can be used to associate Android Enterprise fully managed (work-managed) devices with a particular EMM/UEM platform during provisioning. 

The following examples offer a complete DPC extra snippet that can be copied and pasted into the zero-touch configuration. The items in bold will need to be edited to suit your environment, though, otherwise the zero-touch enrolment process will fail.

Editing ADMIN EXTRAS BUNDLE

To be of value, the ADMIN_EXTRAS_BUNDLE should ideally at least include the server URL or identifier (where appropriate), however lines for username, password, and more can optionally be omitted to allow the config to remain generic.

JSON doesn’t leave room for error – the last line within ADMIN_EXTRAS_BUNDLE must not have a trailing comma “,”. See “user” in the MobileIron config has a comma, but “quickstart” does not? If you remove “quickstart”, you’d need to remove the comma from “user” as it then becomes the last line, otherwise it could throw up an error.

Usernames & passwords

Unless the username and password are stipulated for the purpose of staging, they should not be included at all due to the potential security risks associated. If an IMEI not belonging to an organisation is mistakenly added (typo, miscommunication, human error), the device will be able to enrol automatically and potentially gain access to corporate resources.

MobileIron

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"server":"your.server.com",
"user":"user",
"quickStart":true/false
}
}

AirWatch / Workspace One UEM

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"serverurl":"your.server.com",
"gid":"yourGroupID",
"un":"staginguser",
"pw":"example"
}
}

SOTI

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"enrollmentId":"EnrollmentID"
}
}

MaaS360

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"enrollment_corp_id”:”CorporateID”,
”enrollment_account_type":"userAccount",
"enrollment_domain":"domain",
"enrollment_username”:”staginguser”,
"enrollment_email":"emailaddress@email.com",
"enrollment_password”:”example”,
"enrollment_ownership":"Corporate Owned"
}
}

Codeproof EMM

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"displayname":"devicename",
"userid":"staginguser".
"password":"example"
}
}

Intune

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "YourEnrollmentToken" 
}
}

Miradore

{ 
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"RegistrationKey": "REGISTRATIONKEY",
"EnrollmentKey": "ENROLLMENTKEY",
"SiteIdentifier": "SITEIDENTIFIER"
}
}

BlackBerry UEM

{ 
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"URL":"SERVERURL",
"CACFPrint":"CHECKWITHBB", 
"stc":"CHECKWITHBB", 
"Username":"USERNAME"
}
}

FAMOC

{
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"fqdn":"your.server.com",
"bootstrap_key":"yourIndividualKey"
}
}

mySync

{ 
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"serviceUrl": "https://server.host.name.here/rest/api",
"installationCode": "ten-character-code"
}
}

XenMobile

{ 
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"serverURL":"URL",
"xm_username":"username",
"xm_password":"password"
}
}

VXL Fusion UEM

{ 
"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true/false,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"fusionuem_server_url":"server url",
"fusionuem_token_id":"token id"
}
}

Submit zero-touch DPC extras

If you’d like to see your DPC extras added to this list, please fill out this form or comment below.

Comments

There are no comments on Discuss yet, click below to leave one:

Comment