Skip Navigation

Considerations for
Android Management
activation types

BlackBerry UEM
12.19 introduced the following new activation types that support the
Android Management
API:
  • Work and personal - full control
    (
    Android Management
    fully managed device with work profile)
  • Work and personal - user privacy
    (
    Android Management
    with work profile)
  • Work space only
    (
    Android Management
    fully managed device)
Note the following considerations for the new
Android Management
activation types:
UEM
feature
Considerations
IT policy password considerations
  • For devices with the
    Work and personal - full control
    activation type, the device and the work space use the Password requirements setting.
  • For devices with the
    Work space only
    activation type, the work space uses the Password requirements setting.
  • For devices with the
    Work and personal - user privacy
    activation type:
    • Devices with
      Android OS
      12 and later use the Password complexity setting.
    • Devices with
      Android OS
      11 and earlier use the Password requirements setting.
    • The work space uses the Password requirements setting.
Activation
  • QR codes for
    Android Management
    activations expire after each use.
  • Activating
    Android Management
    devices using managed
    Google Play
    accounts is supported (see Configuring BlackBerry UEM to support Android Management devices). Activating devices with managed
    Google
    domain configurations are not currently supported.
  • UEM Client
    log information is not accessible during device activation of the
    Work and personal - full control
    and
    Work space only
    activation types. For activation failures for these activation types, you can review the
    UEM
    server core logs.
Activation profile
You must create separate activation profiles for
Android Enterprise
and
Android Management
. If
Android Enterprise
and
Android Management
activation types are specified in the same profile, the
Android Management
type will take precedence, even if it is ranked lower than
Android Enterprise
. Only the password and activation information for the
Android Management
activation type will be embedded in the QR code.
App management
Currently, only
Google Play
apps can be pushed to
Android Management
devices.
Certificates
  • For native
    Android
    apps, only CA certificate profiles are currently supported. Shared certificate, user credential, and SCEP profiles are not currently supported.
  • For
    BlackBerry Dynamics
    apps, certificate support is the same as for
    Android Enterprise
    activation types, however,
    Purebred
    certificates are not currently supported.
Certificate mapping profile
Certificate mapping profiles are not currently supported for devices with
Android Management
activation types.
CylancePROTECT Mobile for BlackBerry UEM
UEM
version 12.20 and the
UEM Cloud
June 2024 update introduces CylancePROTECT Mobile support for devices with
Android Management
activation types. Any settings and compliance rules available in the management console for
CylancePROTECT Mobile for BlackBerry UEM
are now applicable to
Android Management
devices.
Device commands
  • Remove device command: Deletes work space data for the
    Work and personal - user privacy
    activation type and deletes all device data for the
    Work and personal - full control
    and
    Work space only
    activation types.
  • Lock device command: For devices with the
    Work and personal - user privacy
    and
    Work and personal - full control
    activation types, if one lock is enabled, the device is locked. If one lock is not enabled, only the work space is locked. For devices with the
    Work space only
    activation type, the device is locked.
  • Specify device password and lock command: Sets the work space password for devices with the
    Work and personal - user privacy
    and
    Work and personal - full control
    activation types. For devices with the
    Work space only
    activation type, this command sets the device password.
  • Delete all device data: Preserving a device's data plan is not supported for devices with
    Android Management
    activation types.
Device profile
Wallpaper images are not currently supported for devices with
Android Management
activation types.
Device SR requirements profile
Only OS update is supported for devices with
Android Management
activation types. Suspending OS updates and automatic app updates are not currently supported.
Email profile
  • Samsung
    email is not currently supported for devices with
    Android Management
    activation types, as the
    Knox
    API is not currently supported.
  • BlackBerry Work
    is supported.
Enterprise connectivity profile
  • Enterprise connectivity profiles and
    BlackBerry Secure Connect Plus
    are not currently supported for devices with
    Android Management
    activation types.
  • An assigned enterprise connectivity profile may display in the user’s details in the management console even though the profile is not currently supported for
    Android Management
    .
Factory reset protection profile
Only the “Enable and Specify Google account credentials when the device is reset to factory settings” option is supported for devices with
Android Management
activation types.
Private apps
When both
Android Enterprise
and
Android Management
are configured in your
UEM
environment, you can publish private apps for
Android Management
devices only.
In this scenario, to send private apps to
Android Enterprise
and
Android Management
devices, from the
Google Play
console, publish the app and add both
Android Enterprise
and
Android Management
org IDs. For more information, see Managed Google Play Help: Publish private apps from the Play Console. After you complete this task, in the
UEM
management console (Apps > add an app >
Google Play
), you can search for the apps and add them to
UEM
.
UEM Self-Service
If a user’s activation profile contains ranked
Android Enterprise
and
Android Management
activation types, regardless of ranking, the
Android Management
activation type is used. The QR code generated by
UEM Self-Service
will use the
Android Management
activation type.
Wi-Fi
profile
Only the following settings are currently supported for devices with
Android Management
activation types:
  • SSID
  • Security type: Personal
    • Personal security type: WPA-Personal/WPA2-Personal
    • Preshared key
  • Security type: Enterprise
    • Authentication protocol: PEAP + Outer identify for PEAP
    • Username
    • Password
    • Certificate common names expected from authentication server
    • Type of certificate linking
    • CA certificate profile