M S
asked on
Android MDM and deploying apps
Dear Experts,
A little bit of background:
Client – SME with 50 users
Platform: Citrix hosted desktop
Platform: Office 365
Mobile devices: Apple iPhones – Company owned
MDM: Meraki
This question is specific to mobile devices and MDM. Our client is currently using iPhones which have been ‘supervised’ then added to the Meraki MDM systems manager. The business does have a VPP account. Users do not have individual Apple IDs. We are able to:
- Enforce restrictions
- Push free apps
- Push paid apps
- Allow PIN code setting
- Remote wipe
- Remote update apps
- Etc.
The current mobile solution works very well indeed. Most of the staff are civil works engineers and so have very limited IT knowledge. The absolute best thing about this system is that we don’t have to have an Apple ID for each member of staff and go through the tedious process of asking them to create one with their work email, then remember the credentials. We simply push the apps they need to use and it’s great. The only thing the end users needs to put in is their office 365 business email address in either the iPhone Mail app or in the installed MS Outlook app. The Mail app tends to work better for some more than others as their preferences.
To me, it doesn’t matter what platform a company uses, it is their choice and that is respected. This isn’t about MS v Apple v Google v whoever else, simply about getting the job done and a properly working system in place for the company’s chosen platform.
The crucial thing here is not having to have a ‘store’ account to receive apps.
The problem:
The company has decided that due to lost and damaged (more often damaged) devices, it is far too costly to continue purchasing iPhones for it’s staff. Instead, the company has chosen to go with Android phones which are a lot cheaper overall.
I have read many articles, looked at Google’s own documents and cannot see a way to achieve the above with Android. Maybe I’m missing something but it looks like the device always requires a Google ID to install apps, even pushed ones. I have telephoned and spoken to both Airwatch and MaaS360 who say the only way to push apps is by first downloading an APK then pushing that via the cloud platform. I wouldn’t necessarily have an issue with this however it seems as though each device requires someone to sign in and download the ‘pushed’ apps.
The company uses office 365 and so creating Google accounts for each user is not possible and will only add to the confusion and frustration of end users. I will admit to having very little knowledge of Android devices and MDM platform integration. I cannot see any clear direction of achieving the same easy to use environment as above.
This is not a BYOD setup and so the company owns the devices, buys the apps and they get installed (pushed) to the devices as well as updated as required. Simple. OS updates can alos be initiated remotely however this is not a primary concern as I understand with Android the hardware need to be compatible etc.
I’m hoping someone can advise where all others have failed and I suppose the condensed version of the question is:
Can we push free and paid apps to company owned Android devices without end user Google accounts or interaction?
There may be a simple one-word answer but I am hoping someone can elaborate and perhaps advise of a solution. Surely we can’t be the only ones trying to achieve this? Any particular MDM platform?
Thank you in advance
A little bit of background:
Client – SME with 50 users
Platform: Citrix hosted desktop
Platform: Office 365
Mobile devices: Apple iPhones – Company owned
MDM: Meraki
This question is specific to mobile devices and MDM. Our client is currently using iPhones which have been ‘supervised’ then added to the Meraki MDM systems manager. The business does have a VPP account. Users do not have individual Apple IDs. We are able to:
- Enforce restrictions
- Push free apps
- Push paid apps
- Allow PIN code setting
- Remote wipe
- Remote update apps
- Etc.
The current mobile solution works very well indeed. Most of the staff are civil works engineers and so have very limited IT knowledge. The absolute best thing about this system is that we don’t have to have an Apple ID for each member of staff and go through the tedious process of asking them to create one with their work email, then remember the credentials. We simply push the apps they need to use and it’s great. The only thing the end users needs to put in is their office 365 business email address in either the iPhone Mail app or in the installed MS Outlook app. The Mail app tends to work better for some more than others as their preferences.
To me, it doesn’t matter what platform a company uses, it is their choice and that is respected. This isn’t about MS v Apple v Google v whoever else, simply about getting the job done and a properly working system in place for the company’s chosen platform.
The crucial thing here is not having to have a ‘store’ account to receive apps.
The problem:
The company has decided that due to lost and damaged (more often damaged) devices, it is far too costly to continue purchasing iPhones for it’s staff. Instead, the company has chosen to go with Android phones which are a lot cheaper overall.
I have read many articles, looked at Google’s own documents and cannot see a way to achieve the above with Android. Maybe I’m missing something but it looks like the device always requires a Google ID to install apps, even pushed ones. I have telephoned and spoken to both Airwatch and MaaS360 who say the only way to push apps is by first downloading an APK then pushing that via the cloud platform. I wouldn’t necessarily have an issue with this however it seems as though each device requires someone to sign in and download the ‘pushed’ apps.
The company uses office 365 and so creating Google accounts for each user is not possible and will only add to the confusion and frustration of end users. I will admit to having very little knowledge of Android devices and MDM platform integration. I cannot see any clear direction of achieving the same easy to use environment as above.
This is not a BYOD setup and so the company owns the devices, buys the apps and they get installed (pushed) to the devices as well as updated as required. Simple. OS updates can alos be initiated remotely however this is not a primary concern as I understand with Android the hardware need to be compatible etc.
I’m hoping someone can advise where all others have failed and I suppose the condensed version of the question is:
Can we push free and paid apps to company owned Android devices without end user Google accounts or interaction?
There may be a simple one-word answer but I am hoping someone can elaborate and perhaps advise of a solution. Surely we can’t be the only ones trying to achieve this? Any particular MDM platform?
Thank you in advance
gheist
You mean your users cannot type URL for office 365 in a browser?
ASKER
Hi Gheist,
They probably could, with a bit of effort and we could probably also create a shortcut for them on their home screens. However having push email in the phone's native app or downloaded Outlook app would be much better than accessing via a browser.
The issue is more to do with mobile management and app deployment without requiring Google accounts for each user on top of their O365 accounts. The company wants to stick with O365 but simply use Android phones for their engineers to save on cost.
Android phones will then have the relevant apps installed to them remotely and away you go. Seems like the most common sense thing is so hard to achieve, not to mention confusing.
They probably could, with a bit of effort and we could probably also create a shortcut for them on their home screens. However having push email in the phone's native app or downloaded Outlook app would be much better than accessing via a browser.
The issue is more to do with mobile management and app deployment without requiring Google accounts for each user on top of their O365 accounts. The company wants to stick with O365 but simply use Android phones for their engineers to save on cost.
Android phones will then have the relevant apps installed to them remotely and away you go. Seems like the most common sense thing is so hard to achieve, not to mention confusing.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi All,
Thanks to everyone who responded. Unfortunately it looks like there really isn't a viable, easy to use solution for Google. I have since been in touch with Google again who inform me that indeed, every single end user will require a Google account to use on their devices. Doesn't matter if they are company owned. on top of this, a GSuite account and relevant subscription for each device is required etc. All very confusing. Especially if we need use the Samsung option even for non-Samsung phones etc.
It would also be good to give a nominated end user some powers/access to manage the company deployment system (again as with apple, and then I wonder why I find myself comparing Android deployment solutions to the Apple offering) since we don't want to micro-manage each and every device.
In the era of mobile devices I find it hard to believe a straightforward Android solution doesn't exist.
I will leave this open for a little while longer and then close and resign myself to having both O365 and Google accounts for all of our many users.
Thanks
Thanks to everyone who responded. Unfortunately it looks like there really isn't a viable, easy to use solution for Google. I have since been in touch with Google again who inform me that indeed, every single end user will require a Google account to use on their devices. Doesn't matter if they are company owned. on top of this, a GSuite account and relevant subscription for each device is required etc. All very confusing. Especially if we need use the Samsung option even for non-Samsung phones etc.
It would also be good to give a nominated end user some powers/access to manage the company deployment system (again as with apple, and then I wonder why I find myself comparing Android deployment solutions to the Apple offering) since we don't want to micro-manage each and every device.
In the era of mobile devices I find it hard to believe a straightforward Android solution doesn't exist.
I will leave this open for a little while longer and then close and resign myself to having both O365 and Google accounts for all of our many users.
Thanks
ASKER
Hi all,
Thanks to everyone for their input. Unfortunately there isn't a simple, viable solution to this at the moment. Seems a bit backwards that Google haven't got a solution sorted yet - even for their own hardware. We have set up Google IDs for all users as well as their O365 ones, not what we wanted but there it is.
Thanks again to everyone .
Thanks to everyone for their input. Unfortunately there isn't a simple, viable solution to this at the moment. Seems a bit backwards that Google haven't got a solution sorted yet - even for their own hardware. We have set up Google IDs for all users as well as their O365 ones, not what we wanted but there it is.
Thanks again to everyone .