Frontline workers get a better experience from Microsoft and Samsung

Posted on by No Comments ↓

This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .

Workers on the front line are the face of your business. Selling, healing, building, serving—doing what needs to get done and collaborating with customers, partners, and fellow employees to improve your bottom line. For those workers to be successful, they need tools to do the job at hand. For this, Microsoft Intune provides Managed Home Screen (MHS), a fully curated experience for your frontline workers on Android dedicated devices. Samsung is a leading provider of Android devices for enterprise and frontline scenarios, offering a range of rugged, secure, and versatile devices that can meet the needs of various industries and use cases. MHS is used on over half of all Intune-managed Android dedicated devices.

Microsoft and Samsung have come together again to announce a new experience that builds upon our commitment to deliver the best possible at-work mobile device solutions and make MHS even better.

Today, IT administrators can use MHS, to replace the default launcher on Android devices and configure their users' experiences. MHS can be used on Intune enrolled, corporate-owned dedicated devices. These devices can be shared amongst workers and dedicated to specific tasks as well as used to access productivity tools. MHS is designed to surface only the applications and device settings that are needed and allows administrators to enforce a consistent set of user experiences and company-branding. However, to benefit from the full functionality of MHS, permissions granted by IT need to be accepted by users during the device set up.

Screenshot of setup permission pop up overlay on a Samsung Android device.Screenshot of setup permission pop up overlay on a Samsung Android device.

This new integration between Intune and Samsung Knox enables IT admins to grant necessary permissions automatically to MHS without end-user interaction. This streamlines the user's setup experience by removing the need for workers to accept these permissions.

MHS also supports Microsoft Entra shared device mode, which provides easy single sign-in and sign-out experiences of applicable applications. As a key component of the endpoint management toolset, IT administrators can leverage shared device mode with MHS to create a customized device sign in experience for their workers.

This simplifies and secures the setup process for MHS on corporate-owned dedicated devices and ensures users will be able to access the apps and settings they need on their devices without being distracted, confused, frustrated, or interrupted by prompts.

With this integration, easy set up and shared experiences mean faster time to work and increased productivity.

Two screenshots of a Managed Home Screen that does not include a permission pop up on Samsung Android dedicated devices showing only four apps available for use. One screenshot does not require a sign in for Contoso Art Supplies and the other is signed in by Jane Smith as the user.Two screenshots of a Managed Home Screen that does not include a permission pop up on Samsung Android dedicated devices showing only four apps available for use. One screenshot does not require a sign in for Contoso Art Supplies and the other is signed in by Jane Smith as the user.

Getting started

To configure devices to automatically grant permissions for MHS, begin by setting up OEMConfig. You can reference this guide on how to use OEMConfig to manage Android Enterprise devices with Intune.

Here are some high-level steps:

  1. Navigate to Managed Google Play, then search for Knox Service Plugin, and choose select to add it and sync.
  2. Assign the Samsung Knox Service plugin as a required app to your devices.
  3. Navigate to the Microsoft Intune admin center and select the policies tab > Device configuration page to create a new policy for the Android Enterprise platform of type OEMConfig.
  4. Select Knox Service Plugin as the OEMConfig app.
    1. Select Configure for Device-wide policies (Selectively applicable to Fully Manage Device (DO) or Work Profile-on company owned devices (WP-C mode as noted) Under Device-wide policies.
    2. Set Enable device policy controls to true to enable it.
    3. Select Application management policies to set application management and Enable permission controls to true.
  5. Navigate to the top node and select Permission Controls.
  6. Select the ellipsis that’s next to Permission Controls and select Add Setting, do this twice to add two child nodes.
  7. Select the first child node and, for the Permission Policy dropdown, select Appear on top and Alarms & Reminders. For Package or Component Name, add the MHS package name: com.microsoft.launcher.enterprise.
  8. Select the second child node and, for the Permission Policy dropdown, select Notification access. For Package or Component Name add the MHS notification service package name: com.microsoft.launcher.next.model.notification.AppNotificationService.
  9. Assign the policy to devices where the MHS is or will be installed.

Stay up to date! Bookmark the Microsoft Intune Blog and follow us on LinkedIn or @MSIntune on X to continue the conversation.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.