Android device administrator enrollment
Android device administrator (sometimes referred to “legacy” Android management and released with Android 2.2) is a way to manage Android devices. However, improved management functionality is now available with Android Enterprise (released with Android 5.0). In an effort to move to modern, richer, and more secure device management, Google is decreasing device administrator support in new Android releases.
Therefore, to avoid such reduced functionality, we advise against enrolling new devices using the device administrator process described below.
For the same reasons, we also recommend that you migrate devices off of device administrator management if the devices are going to update to Android 10.
For more information about Intune support for Android device administrator support, see the Notices section.
If you still decide to have users enroll their Android devices with device administrator management, continue to the next section.
Android 10 and higher won't be supported in hybrid mobile device management (hybrid MDM; Intune managed with the System Center Configuration Manager console) because hybrid MDM is going out of service on September 1, 2019. If you're still using hybrid MDM, you should migrate to Intune standalone as soon as possible. Contact to support if you need help migrating. For more information, see Move from Hybrid Mobile Device Management to Intune on Azure.
For more information about Google's Android Enterprise features, see these articles:
- Google’s guidance for migration from device administrator to Android Enterprise
- Google’s documentation on the plan to deprecate the device administrator API
Set up device administrator enrollment
Intune by default allows enrollment of Android devices with device administrator capabilities.
- To prepare to manage mobile devices, you must set the mobile device management (MDM) authority to Microsoft Intune. See Set the MDM authority for instructions. You set this item only once, when you are first setting up Intune for mobile device management.
- Go to Intune > Device enrollment > Android enrollment > Personal and corporate-owned devices with device administration privileges > Use device administrator to manage devices.
- Tell your users how to enroll their devices.
For information about other user tasks, see these articles:
Block device administrator enrollment
To block Android device administrator devices, or to block only personally owned Android device administrator devices from enrollment, see Set device type restrictions.