- *BASICS*
- The Knox Ecosystem
- Samsung Knox Portal
- Knox Licenses
- *FOR IT ADMINS*
- Knox Suite
- Knox Platform for Enterprise
- White paper
- Get started with UEMs
- Introduction
- Blackberry UEM
- Samsung Knox Manage
- Admin Guide
- Knox Service Plugin
- Knox Mobile Enrollment
- Introduction
- FAQs
- KBAs
- Release notes
- Get Started
- Features
- Register resellers
- Add an admin
- Create profiles
- Google Device Owner Support
- MDM Compatibility Matricies
- Device users
- Activity log
- Enrolling and unenrolling devices
- Configure devices
- Providing KME feedback
- Using the Knox Deployment App (KDA)
- Recovering Google FRP locked devices using KME
- Role-based access control (RBAC)
- Troubleshoot
- Knox Configure
- Mobile
- Wearables
- Shared Device
- Knox Manage
- Introduction
- Release Notes
- How-to videos
- Getting Started
- Configure
- Licenses
- Organization
- Users
- Sync user information
- Groups
- Devices
- Content
- Applications
- Profile
- Knox E-FOTA
- Certificates
- Advanced settings
- Monitor
- Kiosk devices
- Remote Support
- Active Directory
- Microsoft Exchange
- Mobile Admin
- Appendix
- Knox E-FOTA
- Introduction
- White paper
- Knox E-FOTA One Admin Guide
- Knox E-FOTA Advanced Admin Guide
- *FOR RESELLERS*
- Knox Deployment Program
- *FOR MANAGED SERVICE PROVIDERS*
- Knox MSP Program
Send a Knox Manage application installation guide to users via email or SMS through the Knox Manage admin portal. Also, users can directly download the Knox Manage application and enroll their devices. For Android Enterprise (AE) devices, you can use a token or QR code to enroll the devices.
Enrolling general devices (Android Legacy, iOS and Windows)
Send a Knox Manage application installation guide to users via email or SMS through the Knox Manage admin portal. Also, users can directly download Knox Manage application from their public application stores.
1. Select one of the following methods to send the Knox Manage application installation guide to users.
- Sending the Email_Agent Installation template to send QR code via email, allowing users to install the Knox Manage application on their devices. For more information, see Send templates or user notifications to users using email.
- Sending the installation URL address or QR code via email or SMS. For more information, see Send enrollment guides to users using email and SMS.
Also, users can directly search for the Knox Manage agent application from their public app store and download it.
2. Install Knox Manage application by clicking the URL address or scanning the QR code depending on the request methods, and then launch the Knox Manage application on the device.
3. On the log in screen, enter a user ID and password to sign in to Knox Manage. If you log in to Knox Manage successfully, the profiles, policies and applications will be applied to the device.
Enrolling Android Enterprise (AE) devices
Knox Manage supports the following Android Enterprise (AE) manage types. Each manage type can be enrolled differently.
- Fully Managed type: This type allows you to control the whole corporate owned device using Knox Manage. To activate as a Fully Managed type, the device must be factory reset.
- Fully Managed with Work Profile type: This type, a combination of the Fully Managed and Work Profile types, allows you to control corporate owned devices. You can manage the device’s personal area by sending device commands while controlling business applications and data within the separate Work Profile. Users can install and use personal applications on their device’s personal area, and, in this case, Knox Manage cannot control applications installed in the personal area or their data.
- Work Profile type: This type allows you to control personal devices (BYOD). In this case, Knox Manage only manages the Work Profile, which is the work area separated from the personal area, on the device.
Enrolling as the Fully Managed type
Enroll Android Enterprise (AE) devices in the Fully Managed type to control the whole area of the device. The device should be factory reset in advance. Select one of the following methods.
| Method | Supported version |
|
Use a token (afw#KnoxManage). For more information, see Use a token below. |
Android 6.0 (Marshmallow) or later |
|
Use a QR code sent via Email. For more information see Use a QR code below. |
Android 7.0 (Nougat) or later |
Use a token
Enter the token (afw#KnoxManage) to enroll the Android Enterprise (AE) devices in the Fully Managed or Fully Manage with Work Profile type. If the token is applied successfully, the Knox Manage app will be automatically installed on the device.
To enroll using a token, complete the following steps:
1. Turn on the factory reset device, and then on the device screen, tap START.
2. On the “Connect to Wi-Fi” screen, select an available Wi-Fi network, and then tap NEXT.
3. On the “Agree to Terms and Conditions” screen, read the terms and conditions, and then tap the checkbox next to “I have read and agree to all of the above”. Then, tap Agree. The device will check for updates and the updated will be applied.
4. On the “Sign in” screen, enter “afw#KnoxManage” in the Email or phone field, and then tap Next.
5. On the “Android Enterprise” screen, tap Install to download the Knox Manage application on the device. The Knox Manage application will be downloaded and launched automatically.
6. On the “Set up your device” screen of the Knox Manage agent, read the privacy policy of Knox Manage and Google, and then tap Accept & continue. The Knox Manage application will launch automatically.
7. On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage. Depending on the profiles applied to the device, the device will be enrolled as the Fully Managed or Fully Managed with Work Profile type.
Use a QR code
Use a QR code sent via email to enroll the devices as the Fully Managed or Fully Managed with Work Profile type. For more information on sending a QR code, see Sending enrollment guides to users via email and SMS.
To enroll using a QR code, complete the following steps:
1. Turn on the factory reset device, and then, on the welcome screen, tap the screen 5 times to launch QR code enrollment. The QR Reader app will be downloaded and the device camera will launch to scan the QR code automatically.
2. Scan the QR code sent by email. The Knox Manage URL and tenant information included in the QR code will be detected.
3. On the “Connect to Wi-Fi” screen, select an available Wi-Fi network, and then tap NEXT.
4. On the “Agree to Terms and Conditions” screen, read the terms and conditions, and then tap the checkbox next to “I have read and agree to all of the above.” Then, tap Agree. The Knox Manage application will launch automatically.
5. On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage. Depending on the profiles applied to the device, the device will be enrolled as the Fully Managed or Fully Managed with Work Profile type.
Enrolling as the Fully Managed with Work Profile type
Enroll the Android Enterprise (AE) devices as the Fully Managed with Work Profile type to control the separate work and personal areas. The enrollment methods are the same as those for the Fully Managed type, but the applied profile should be set as Create Work Profile on Fully Managed. For more information, see Create a new profile.
NOTE
- For devices running Android 10 (Q) or higher, tap the enrollment notification on the status bar to install the Work Profile manually.
- KSP policies are not applicable to the Fully Managed with Work Profile type. For devices that are enrolled as the Fully Managed type with KSP policies applied, these policies can remain even after the device type changes to the Fully Managed with Work Profile type. It is recommended to remove them manually.
| Method | Supported version |
| Use a token (afw#KnoxManage). For more information, see Use a token. | Android 6.0 (Marshmallow) or higher |
| Use a QR code sent via Email. For more information see Use a QR code. | Android 7.0 (Nougat) or higher |
Enrolling as the Work Profile type
To enroll the Android Enterprise (AE) devices as the Work Profile type, provide an installation guide to the users to install the Knox Manage application on the devices. You can send an installation guide via email or SMS or users can download the Knox Manage application directly from their public app store.
To enroll AE devices as Work Profile devices, complete the following steps:
-
On the device screen, tap the installation URL address sent to users via email or SMS to download and install the Knox Manage application on the device.
NOTE—You can also search for the Knox Manage application from the Google Play Store to download and install it on the AE device.
-
On the device, launch the Knox Manage application.
-
On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage.
NOTE—For devices running Android 10 (Q) or higher, tap the enrollment notification on the status bar to install the Work Profile manually.
-
On the “Set up a work profile” screen, read the privacy policy of Knox Manage, and then tap Agree. The work applications with the briefcase badge icons, which can be managed by Knox Manage, will appear on the device.
