Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91

Updates from cs offsite (#42750)

Browse source 
Updates to Android MDM documentation from the CS offsite.

---------

Co-authored-by: Steven Palmesano <3100993+spalmesano0@users.noreply.github.com>
This commit is contained in:
kitzy 2026-03-31 14:42:59 -04:00 committed by GitHub
parent e5877ccc78
commit c131c6aab7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 15 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
articles/android-byod-mdm-migration.md
View file

@ -4,7 +4,7 @@ On BYOD Android devices, enrolling in an MDM installs a [Work Profile](https://s
**Prerequisites**
- Set up [Android MDM](https://fleetdm.com/guides/android-mdm-setup) in Fleet.
- Get a Fleet enrollment link for the team. Follow our [Enroll hosts guide](https://fleetdm.com/guides/enroll-hosts#ui) for instructions on how to get this link.
- Get a Fleet enrollment link for the fleet. Follow our [Enroll hosts guide](https://fleetdm.com/guides/enroll-hosts#ui) for instructions on how to get this link.
## Remove the old Work Profile
@ -24,7 +24,7 @@ Send the enrollment link to end users to open in a web browser. An easy alternat
- If this option is missing, select the three dot menu icon on the right side of the toolbar > **Cast, Save, and Share** > **Create QR Code**.
1. Open the enrollment link on the Android device.
- If [end user authentication](https://fleetdm.com/guides/setup-experience#end-user-authentication) is set up for the team, authentication via SSO is required. After successfully authenticating, a page with an Enroll button will appear.
- If [end user authentication](https://fleetdm.com/guides/setup-experience#end-user-authentication) is set up for the fleet, authentication via SSO is required. After successfully authenticating, a page with an Enroll button will appear.
2. Select **Enroll**. A "Set up your work profile" screen will then appear.
3. Select **Next**. The next screen will describe what a Work Profile is.
4. Select **Accept & continue**.
@ -33,9 +33,9 @@ Send the enrollment link to end users to open in a web browser. An easy alternat
- A series of enrollment screens will appear. When the Work Profile is active, a briefcase icon appears in the status bar on Google Pixel devices, and in the lower right corner on Samsung devices.
5. If Google authentication is enabled in [Google Admin](https://support.google.com/work/android/answer/9415508?hl=en), sign in using your work Google account.
- If **Skip** is selected at this screen, you will later be required to sign in to this Google account to access apps like Google Calendar.
6. When enrollment is complete, the Work Profile screens will go away and you will be brought back to the web browser with the Fleet enrollment page.
6. When enrollment is complete, the Work Profile screens will go away and you will be brought back to the web browser with the Fleet enrollment page. You can close this tab.
Open the App Drawer (swipe up at the home screen, or select the Apps icon), and a separate tab at the bottom will appear for Work Profile apps. These apps have a briefcase icon in the bottom right corner of their icon.
Open the App Drawer (swipe up at the home screen, or select the Apps icon), and a separate tab will appear for Work Profile apps. These apps have a briefcase icon in the bottom right corner of their icon.
When signing in with a work Google account, if the device doesn't meet the requirements set up by the admin in Google Admin, you will be prompted to resolve these.

9
articles/android-mdm-setup.md
View file

@ -10,17 +10,18 @@ Fleet supports Android devices that are [Play Protect certified](https://support
To turn on Android MDM, connect Android Enterprise on **Settings > Integrations > Mobile device management (MDM)** page.
When you select **Connect Android Enterprise**, Fleet will open the Google signup page. The signup process varies depending on whether your organization uses [Google Workspace](#google-workspace), [Microsoft 365](#microsoft-365), or [another provider](#other). Organizations using Google Workspace and Microsoft don't need to verify domain ownership.
When you select **Connect**, Fleet will open the Google signup page. The signup process varies depending on whether your organization uses [Google Workspace](#google-workspace), [Microsoft 365](#microsoft-365), or [another provider](#other). Organizations using Google Workspace and Microsoft don't need to verify domain ownership.
### Google Workspace
1. If your organization already uses Google Workspace, use your admin account to signup for Android Enterprise. If you don't know your admin account credentials, ask your Google Workspace admin.
1. If your organization already uses Google Workspace, use your admin account to sign up for Android Enterprise. If you don't know your admin account credentials, ask your Google Workspace admin.
2. Follow the steps in Google's signup flow.
3. After successful signup, a free Android Enterprise subscription is added to your Google Workspace. In Fleet, you can confirm Android MDM is turned on in **Settings > Integrations > MDM**.
3. Check your **Subscriptions** in Google Workspace to validate that the free plan of **Android Enterprise** has been added.
4. After successful signup, a free Android Enterprise subscription is added to your Google Workspace. In Fleet, you can confirm Android MDM is turned on in **Settings > Integrations > MDM**.
### Microsoft 365
1. If your organization uses Microsoft 365, you can sign up for Android Enterprise with your Microsoft email. First, select **Connect Android Enterprise**. Then, enter your Microsoft email, click **Next**, and choose **Sign in with Microsoft**.
1. If your organization uses Microsoft 365, you can sign up for Android Enterprise with your Microsoft email. First, select **Connect**. Then, enter your Microsoft email, click **Next**, and choose **Sign in with Microsoft**.
2. After signing in with your Microsoft account, follow the steps in Google's signup process.
3. After successful signup, a free Android Enterprise subscription is added to your Google Workspace. In Fleet, you can confirm Android MDM is turned on in **Settings > Integrations > MDM**.
4. Go to your [Google Admin console](https://admin.google.com).

2
articles/custom-os-settings.md
View file

@ -8,7 +8,7 @@ For macOS, iOS, and iPadOS hosts, Fleet recommends the [iMazing Profile Creator]
For Windows hosts, copy this [Windows configuration profile template](https://fleetdm.com/example-windows-profile) and update the profile using any [configuration service providers (CSPs)](https://fleetdm.com/guides/creating-windows-csps) from [Microsoft's MDM protocol](https://learn.microsoft.com/en-us/windows/client-management/mdm/). For local testing on Windows, [SyncMLViewer](https://github.com/okieselbach/SyncMLViewer/releases) is a useful GUI tool for inspecting MDM traffic.
For Android hosts, copy this [Android configuration profile template](https://fleetdm.com/learn-more-about/example-android-profile) and update the profile using the options available in [Android Management API](https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#resource:-policy). To learn how, watch [this video](https://youtu.be/Jk4Zcb2sR1w).
For Android hosts, copy this [Android configuration profile template](https://fleetdm.com/learn-more-about/example-android-profile) and update the profile using the options available in [Android Management API](https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#resource:-policy). To learn how, watch [this video](https://youtu.be/Jk4Zcb2sR1w). To learn more about the different settings availabe for fully managed vs. BYOD Android devices, see [Google's documentation](https://support.google.com/work/android/topic/9621435?hl=en&ref_topic=6151012,6090502,6090491,&sjid=13375704519136380831-NA).
## Enforce

4
articles/enroll-hosts.md
View file

@ -12,6 +12,8 @@ To learn how to enroll Chromebooks, see the [Enroll Chromebooks guide](#enroll-c
## UI
#### Desktop Devices
To manually enroll macOS, Windows, or Linux hosts, generate Fleet's agent (fleetd) through Fleet UI:
1. Go to the **Hosts** page, select the fleet you want your host(s) to enroll to, and select **Add hosts**.
@ -19,6 +21,8 @@ To manually enroll macOS, Windows, or Linux hosts, generate Fleet's agent (fleet
3. Copy the command to generate fleetd and run the command with [fleetctl](https://fleetdm.com/docs/using-fleet/fleetctl-cli) installed.
4. Install fleetd on your host(s) to enroll it to Fleet.
#### Mobile Devices
To manually enroll iOS, iPadOS, or Android hosts, follow the steps below:
1. Go to the **Hosts** page, select the fleet you want your host(s) to enroll to, and select **Add hosts**.

2
articles/install-app-store-apps.md
View file

@ -73,7 +73,7 @@ Android apps can be installed via self-service in the end user's managed Google
#### Configuration
Currently, editing configuration is only supported for Android apps. And currently, only the `managedConfiguration` and `workProfileWidgets` options from [ApplicationPolicy - Android Management API](https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#ApplicationPolicy) are supported.
Currently, editing configurations is only supported for Android apps. Only the `managedConfiguration` and `workProfileWidgets` options from [ApplicationPolicy - Android Management API](https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#ApplicationPolicy) are currently supported.
`managedConfiguration` supports any option provided by the app's developer. Each app supports different options. To find the supported options, check the app documentation.