Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.20
  3. BlackBerry UEM 12.20 and UEM Cloud Release Notes
  4. Considerations for Android Management activation types

Considerations for
Android Management
 activation types

BlackBerry UEM
 12.19 introduced the following new activation types that support the
Android Management
 API:
  • Work and personal - full control
     (
    Android Management
     fully managed device with work profile)
  • Work and personal - user privacy
     (
    Android Management
     with work profile)
  • Work space only
     (
    Android Management
     fully managed device)
Note the following considerations for the new
Android Management
 activation types:
UEM
 feature
Considerations
IT policy password considerations
  • For devices with the
    Work and personal - full control
     activation type, the device and the work space use the Password requirements setting.
  • For devices with the
    Work space only
     activation type, the work space uses the Password requirements setting.
  • For devices with the
    Work and personal - user privacy
     activation type:
    • Devices with
      Android OS
       12 and later use the Password complexity setting.
    • Devices with
      Android OS
       11 and earlier use the Password requirements setting.
    • The work space uses the Password requirements setting.
Activation
  • QR codes for
    Android Management
     activations expire after each use.
  • Activating
    Android Management
     devices using managed
    Google Play
     accounts is supported (see Configuring BlackBerry UEM to support Android Management devices). Activating devices with managed
    Google
     domain configurations are not currently supported.
  • UEM Client
     log information is not accessible during device activation of the
    Work and personal - full control
     and
    Work space only
     activation types. For activation failures for these activation types, you can review the
    UEM
     server core logs.
Activation profile
You must create separate activation profiles for
Android Enterprise
 and
Android Management
. If
Android Enterprise
 and
Android Management
 activation types are specified in the same profile, the
Android Management
 type will take precedence, even if it is ranked lower than
Android Enterprise
. Only the password and activation information for the
Android Management
 activation type will be embedded in the QR code.
App management
Currently, only
Google Play
 apps can be pushed to
Android Management
 devices.
Certificates
  • For native
    Android
     apps, only CA certificate profiles are currently supported. Shared certificate, user credential, and SCEP profiles are not currently supported.
  • For
    BlackBerry Dynamics
     apps, certificate support is the same as for
    Android Enterprise
     activation types, however,
    Purebred
     certificates are not currently supported.
Certificate mapping profile
Certificate mapping profiles are not currently supported for devices with
Android Management
 activation types.
CylancePROTECT Mobile for BlackBerry UEM
UEM
 version 12.20 and the
UEM Cloud
 June 2024 update introduces CylancePROTECT Mobile support for devices with
Android Management
 activation types. Any settings and compliance rules available in the management console for
CylancePROTECT Mobile for BlackBerry UEM
 are now applicable to
Android Management
 devices.
Device commands
  • Remove device command: Deletes work space data for the
    Work and personal - user privacy
     activation type and deletes all device data for the
    Work and personal - full control
     and
    Work space only
     activation types.
  • Lock device command: For devices with the
    Work and personal - user privacy
     and
    Work and personal - full control
     activation types, if one lock is enabled, the device is locked. If one lock is not enabled, only the work space is locked. For devices with the
    Work space only
     activation type, the device is locked.
  • Specify device password and lock command: Sets the work space password for devices with the
    Work and personal - user privacy
     and
    Work and personal - full control
     activation types. For devices with the
    Work space only
     activation type, this command sets the device password.
  • Delete all device data: Preserving a device's data plan is not supported for devices with
    Android Management
     activation types.
Device profile
Wallpaper images are not currently supported for devices with
Android Management
 activation types.
Device SR requirements profile
Only OS update is supported for devices with
Android Management
 activation types. Suspending OS updates and automatic app updates are not currently supported.
Email profile
  • Samsung
     email is not currently supported for devices with
    Android Management
     activation types, as the
    Knox
     API is not currently supported.
  • BlackBerry Work
     is supported.
Enterprise connectivity profile
  • Enterprise connectivity profiles and
    BlackBerry Secure Connect Plus
     are not currently supported for devices with
    Android Management
     activation types.
  • An assigned enterprise connectivity profile may display in the user’s details in the management console even though the profile is not currently supported for
    Android Management
    .
Factory reset protection profile
Only the “Enable and Specify Google account credentials when the device is reset to factory settings” option is supported for devices with
Android Management
 activation types.
Private apps
When both
Android Enterprise
 and
Android Management
 are configured in your
UEM
 environment, you can publish private apps for
Android Management
 devices only.
In this scenario, to send private apps to
Android Enterprise
 and
Android Management
 devices, from the
Google Play
 console, publish the app and add both
Android Enterprise
 and
Android Management
 org IDs. For more information, see Managed Google Play Help: Publish private apps from the Play Console. After you complete this task, in the
UEM
 management console (Apps > add an app >
Google Play
), you can search for the apps and add them to
UEM
.
UEM Self-Service
If a user’s activation profile contains ranked
Android Enterprise
 and
Android Management
 activation types, regardless of ranking, the
Android Management
 activation type is used. The QR code generated by
UEM Self-Service
 will use the
Android Management
 activation type.
Wi-Fi
 profile
Only the following settings are currently supported for devices with
Android Management
 activation types:
  • SSID
  • Security type: Personal
    • Personal security type: WPA-Personal/WPA2-Personal
    • Preshared key
  • Security type: Enterprise
    • Authentication protocol: PEAP + Outer identify for PEAP
    • Username
    • Password
    • Certificate common names expected from authentication server
    • Type of certificate linking
    • CA certificate profile