diff --git a/memdocs/intune/enrollment/android-aosp-corporate-owned-user-associated-enroll.md b/memdocs/intune/enrollment/android-aosp-corporate-owned-user-associated-enroll.md index ed5ef3cb3f8..880a8923032 100644 --- a/memdocs/intune/enrollment/android-aosp-corporate-owned-user-associated-enroll.md +++ b/memdocs/intune/enrollment/android-aosp-corporate-owned-user-associated-enroll.md @@ -8,7 +8,7 @@ keywords: author: Lenewsad ms.author: lanewsad manager: dougeby -ms.date: 09/18/2024 +ms.date: 09/24/2024 ms.topic: how-to ms.service: microsoft-intune ms.subservice: enrollment @@ -62,12 +62,12 @@ Create an enrollment profile to enable enrollment on devices. 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). 2. Go to **Devices** > **Enrollment**. 3. Select the **Android** tab. -4. Under **Android Open Source Project (AOSP) (Preview)**, choose **Corporate-owned, user-associated devices (Preview)**. +4. Under **Android Open Source Project (AOSP)**, choose **Corporate-owned, user-associated devices**. 5. Select **Create profile**. 6. Enter the basics for your profile: - **Name**: Give the profile a name. Note the name down for later, because you'll need it when you set up the dynamic device group. - **Description**: Enter a description for the profile. This setting is optional, but recommended. - - **Token expiration date**: Select the date the token expires, up to 90 days in the future. + - **Token expiration date**: Select the date the token expires, which can be up to 65 years in the future. - **SSID**: Identifies the network that the device will connect to. > [!NOTE] @@ -88,7 +88,7 @@ Create an enrollment profile to enable enrollment on devices. After you create a profile, Intune generates a token that's needed for enrollment. The token appears as a QR code. During device setup, when prompted to, scan the QR code to enroll the device in Intune. To view the token as a QR code, select your enrollment profile from the enrollment profile list. Then select **Token**. -You can also export the enrollment profile JSON file. To create a JSON file, select Export**. +You can also export the enrollment profile JSON file. To create a JSON file, select **Export**. > [!IMPORTANT] >- The QR code will contain any credentials provided in the profile in plain text to allow the device to successfully authenticate with the network. This is required as the user will not be able to join a network from the device. @@ -101,10 +101,10 @@ You can generate a new token to replace one that's nearing its expiration date. 1. In the [admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Devices** > **Enrollment**. 2. Select the **Android** tab. -3. In the **Android Open Source Project (AOSP) (Preview)** section, choose **Corporate-owned, user-associated devices (Preview)**. +3. In the **Android Open Source Project (AOSP)** section, choose **Corporate-owned, user-associated devices**. 3. Choose the profile that you want to work with. 4. Select **Token** > **Replace token**. -5. Enter the new token expiration date. Tokens must be replaced at least every 90 days. +5. Enter the token's new expiration date, which can be up to 65 years in the future. 6. Select **OK**. ### Revoke a token @@ -117,7 +117,7 @@ Revoke a token to immediately expire it and make it unusable. For example, it's 1. In the [admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Devices** > **Enrollment**. 2. Select the **Android** tab. -3. In the **Android Open Source Project (AOSP) (Preview)** section, choose **Corporate-owned, user-associated devices (Preview)**. +3. In the **Android Open Source Project (AOSP)** section, choose **Corporate-owned, user-associated devices**. 4. Choose the profile that you want to work with. 5. Select **Token** > **Revoke token** > **Yes**. diff --git a/memdocs/intune/enrollment/android-aosp-corporate-owned-userless-enroll.md b/memdocs/intune/enrollment/android-aosp-corporate-owned-userless-enroll.md index 7ab8f89ca68..2e29e256472 100644 --- a/memdocs/intune/enrollment/android-aosp-corporate-owned-userless-enroll.md +++ b/memdocs/intune/enrollment/android-aosp-corporate-owned-userless-enroll.md @@ -72,12 +72,12 @@ Create an enrollment profile to enable enrollment on devices. 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). 2. Go to **Devices** > **Enrollment**. 3. Select the **Android** tab. -4. In the **Android Open Source Project (AOSP) (Preview)** section, choose **Corporate-owned, userless devices (Preview)**. +4. In the **Android Open Source Project (AOSP)** section, choose **Corporate-owned, userless devices**. 5. Select **Create profile**. 6. Enter the basics for your profile: - **Name**: Give the profile a name. Note the name down for later, because you'll need it when you set up the dynamic device group. - **Description**: Enter a description for the profile. This setting is optional, but recommended. - - **Token expiration date**: Select the date the token expires, up to 90 days in the future. + - **Token expiration date**: Select the date the token expires, which can be up to 90 days in the future. - **SSID**: Identifies the network that the device will connect to. > [!NOTE] @@ -98,12 +98,12 @@ Create an enrollment profile to enable enrollment on devices. ### Access enrollment token After you create a profile, Intune generates a token that's needed for enrollment. To access the token: -1. Go to **Corporate-owned, userless devices (Preview)**. +1. Go to **Corporate-owned, userless devices**. 2. From the list, select your enrollment profile. 3. Select **Tokens**. Another way to find the token is: -1. Go to **Corporate-owned, userless devices (Preview)**. +1. Go to **Corporate-owned, userless devices**. 2. Locate your profile in the list, and then select the **More** (**...**) menu that's next to it. 3. Select **View enrollment token**. @@ -111,7 +111,7 @@ The token appears as a QR code. During device setup, when prompted to, scan the You can also export the enrollment profile JSON file. To create a JSON file: -1. Go to **Corporate-owned, userless devices (Preview)**. +1. Go to **Corporate-owned, userless devices**. 2. From the list, select your enrollment profile. 3. Select **Token > Export**. @@ -125,10 +125,10 @@ Generate a new token to replace one that's nearing its expiration date. Replacin 1. In the [admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Devices** > **Enrollment**. 2. Select the **Android** tab. -3. In the **Android Open Source Project (AOSP) (Preview)** section, choose **Corporate-owned, userless devices (Preview)**. +3. In the **Android Open Source Project (AOSP)** section, choose **Corporate-owned, userless devices**. 4. Choose the profile that you want to work with. 5. Select **Token** > **Replace token**. -6. Enter the new token expiration date. Tokens must be replaced at least every 90 days. +6. Enter the token's new expiration date. The token must be replaced at least every 90 days. 7. Select **OK**. ### Revoke token @@ -141,7 +141,7 @@ Revoke a token to immediately expire it and make it unusable. For example, it's 1. In the [admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Devices** > **Enrollment**. 2. Select the **Android** tab. -3. In the **Android Open Source Project (AOSP) (Preview)** section, choose **Corporate-owned, userless devices (Preview)**. +3. In the **Android Open Source Project (AOSP)** section, choose **Corporate-owned, userless devices**. 4. Choose the profile that you want to work with. 5. Select **Token** > **Revoke token** > **Yes**. diff --git a/memdocs/intune/user-help/enroll-device-aosp.md b/memdocs/intune/user-help/enroll-device-aosp.md index 32d41eada66..3280643f764 100644 --- a/memdocs/intune/user-help/enroll-device-aosp.md +++ b/memdocs/intune/user-help/enroll-device-aosp.md @@ -7,7 +7,7 @@ keywords: author: lenewsad ms.author: lanewsad manager: dougeby -ms.date: 07/01/2024 +ms.date: 09/24/2024 ms.topic: end-user-help ms.service: microsoft-intune ms.subservice: end-user @@ -48,16 +48,21 @@ Additionally, you need the enrollment QR code that's provided by your organizati Complete these steps to set up and enroll your device. 1. Turn on your new or factory-reset device. -2. If prompted to, connect to Wi-Fi. Then tap **NEXT**. -3. Scan the QR code provided by your organization. -4. Follow the onscreen prompts to enroll your device. -5. If prompted to, review the device terms and conditions. Then select **ACCEPT & CONTINUE**. -6. The Microsoft Intune app opens. The next step depends on the type of device you're using. Complete the step that matches the screen shown on your device: +1. If prompted to, connect to Wi-Fi. Then tap **NEXT**. +1. When you receive the QR code, stop. Then make sure that: + + - The QR code comes from a trusted source, via a trusted channel. + + - You're enrolling your device into the right organization. +1. Scan the QR code. +1. Follow the onscreen prompts to enroll your device. +1. If prompted to, review the device terms and conditions. Then select **ACCEPT & CONTINUE**. +1. The Microsoft Intune app opens. The next step depends on the type of device you're using. Complete the step that matches the screen shown on your device: - Tap **START** to begin enrollment. - Sign in with your work account. 1. Enter your email, and then tap **NEXT**. 2. Enter your password, and then tap **SIGN IN** to begin enrollment. -7. When you see the message that your device is ready, tap **DONE**. +1. When you see the message that your device is ready, tap **DONE**. If after enrolling you have trouble accessing your organization's resources, go to the Microsoft Intune app to verify that all of your device settings meet your organization's requirements. For more information about checking compliance, see [Check compliance on your AOSP device](check-compliance-aosp.md).