- *BASICS*
- The Knox Ecosystem
- Samsung Knox Portal
- Knox Cloud Services
- General Knox Support
- Knox Licenses
- *FOR IT ADMINS*
- Knox Suite
- Knox Platform for Enterprise
- Introduction
- White paper
- Before you begin
- Get started with UEMs
- Introduction
- Blackberry UEM
- IBM MaaS360
- Microsoft Intune
- MobileIron Cloud
- MobileIron Core
- Samsung Knox Manage
- SOTI MobiControl
- VMware Workspace ONE UEM
- Knox Service Plugin
- Release notes
- Migrate to Android 11
- FAQs
- Troubleshoot
- KBAs
- Knox Mobile Enrollment
- Introduction
- Get started
- Features
- Register resellers
- Add an admin
- Create profiles
- Google device owner support
- MDM compatibility matrices
- Device users
- Activity log
- Enroll and unenroll devices
- Configure devices
- Provide KME feedback
- Use the Knox Deployment App (KDA)
- Recover Google FRP locked devices using KME
- Role-based access control (RBAC)
- Release notes
- FAQs
- Troubleshoot
- KBAs
- Knox Configure
- Mobile
- Wearables
- Shared Device
- Knox Capture
- Introduction
- How it works
- How-to videos
- IT admins: Get started
- Getting started with Knox Capture
- Step 1: Launch Knox Capture
- Step 2: Create a scanning profile
- Step 3: Select apps and activities
- Step 4: Configure the scanner
- Step 5: Set keystroke output rules
- Step 6: Test apps in your configuration
- Step 7: Share your configuration
- Step 8: Deploy Knox Capture in Managed mode
- End users: Get started
- Features
- Release notes
- FAQs
- Troubleshoot
- Knox Manage
- Introduction
- How-to videos
- Get started
- Configure
- Licenses
- Organization
- Users
- Sync user information
- Groups
- Devices
- Content
- Applications
- Profile
- Knox E-FOTA
- Certificates
- Advanced settings
- Monitor
- Kiosk devices
- Remote Support
- Active Directory
- Microsoft Exchange
- Mobile Admin
- Appendix
- Release notes
- FAQs
- KBAs
- Knox E-FOTA
- Introduction
- White paper
- Knox E-FOTA One
- Introduction
- How-to videos
- Get started
- Features
- EMM integration
- Appendix
- Release notes
- FAQs
- Troubleshoot
- KBAs
- Migrate from Knox E-FOTA Advanced to Knox E-FOTA One
- Knox E-FOTA Advanced
- Knox E-FOTA on MDM
- Samsung Care+ for Business
- *FOR RESELLERS*
- Knox Deployment Program
- *FOR MANAGED SERVICE PROVIDERS*
- Knox MSP Program
Send a Knox Manage application installation guide to users via email or SMS through the Knox Manage admin portal. Also, users can directly download the Knox Manage application and enroll their devices. For Android Enterprise (AE) devices, you can use a token or QR code to enroll the devices.
Enrolling general devices (Android Legacy, iOS and Windows)
Send a Knox Manage application installation guide to users using email or SMS through the Knox Manage admin portal. Also, users can directly download Knox Manage application from their public application stores.
- Select one of the following methods to send the Knox Manage application installation guide to users.
- Sending the Email_Agent Installation template to send QR code by email, allowing users to install the Knox Manage application on their devices. For more information, see Send templates or user notifications to users using email.
- Sending the installation URL address or QR code by email or SMS. For more information, see Send enrollment guides to users using email and SMS.
Also, users can directly search for the Knox Manage agent application from their public app store and download it. - Install Knox Manage application by clicking the URL address or scanning the QR code depending on the request methods, and then launch the Knox Manage application on the device.
- On the log in screen, enter a user ID and password to sign in to Knox Manage. If you log in to Knox Manage successfully, the profiles, policies and applications will be applied to the device.
In some cases, IT admins may need to enroll specific devices using a manual enrollment method known as Limited Enrollment. For more information on managing devices using the limited enrollment method, see Manage limited enrollment.
Enrolling Android Enterprise (AE) devices
Knox Manage supports the following Android Enterprise (AE) manage types. Each manage type can be enrolled differently.
- Fully Managed type: This type allows you to control the whole corporate owned device using Knox Manage. To activate as a Fully Managed type, the device must be factory reset.
- Fully Managed with Work Profile type: This type, a combination of the Fully Managed and Work Profile types, allows you to control corporate owned devices. You can manage the device’s personal area by sending device commands while controlling business applications and data within the separate Work Profile. Users can install and use personal applications on their device’s personal area, and, in this case, Knox Manage cannot control applications installed in the personal area or their data.
- Work Profile type: This type allows you to control personal devices (BYOD). In this case, Knox Manage only manages the Work Profile, which is the work area separated from the personal area, on the device.
Enrolling as the Fully Managed type
Enroll Android Enterprise (AE) devices in the Fully Managed type to control the whole area of the device. The device should be factory reset in advance. Select one of the following methods.
| Method | Supported version |
|
Use a token (afw#KnoxManage). For more information, see Use a token below. |
Android 6.0 (Marshmallow) or later |
|
Use a QR code sent via Email. For more information see Use a QR code below. |
Android 7.0 (Nougat) or later |
Use a token
Enter the token (afw#KnoxManage) to enroll the Android Enterprise (AE) devices in the Fully Managed or Fully Manage with Work Profile type. If the token is applied successfully, the Knox Manage app will be automatically installed on the device.
To enroll using a token, complete the following steps:
1. Turn on the factory reset device, and then on the device screen, tap START.
2. On the “Connect to Wi-Fi” screen, select an available Wi-Fi network, and then tap NEXT.
3. On the “Agree to Terms and Conditions” screen, read the terms and conditions, and then tap the checkbox next to “I have read and agree to all of the above”. Then, tap Agree. The device will check for updates and the updated will be applied.
4. On the “Sign in” screen, enter “afw#KnoxManage” in the Email or phone field, and then tap Next.
5. On the “Android Enterprise” screen, tap Install to download the Knox Manage application on the device. The Knox Manage application will be downloaded and launched automatically.
6. On the “Set up your device” screen of the Knox Manage agent, read the privacy policy of Knox Manage and Google, and then tap Accept & continue. The Knox Manage application will launch automatically.
7. On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage. Depending on the profiles applied to the device, the device will be enrolled as the Fully Managed or Fully Managed with Work Profile type.
Use a QR code
Use a QR code sent via email to enroll the devices as the Fully Managed or Fully Managed with Work Profile type. For more information on sending a QR code, see Sending enrollment guides to users via email and SMS.
To enroll using a QR code, complete the following steps:
1. Turn on the factory reset device, and then, on the welcome screen, tap the screen 5 times to launch QR code enrollment. The QR Reader app will be downloaded and the device camera will launch to scan the QR code automatically.
2. Scan the QR code sent by email. The Knox Manage URL and tenant information included in the QR code will be detected.
3. On the “Connect to Wi-Fi” screen, select an available Wi-Fi network, and then tap NEXT.
4. On the “Agree to Terms and Conditions” screen, read the terms and conditions, and then tap the checkbox next to “I have read and agree to all of the above.” Then, tap Agree. The Knox Manage application will launch automatically.
5. On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage. Depending on the profiles applied to the device, the device will be enrolled as the Fully Managed or Fully Managed with Work Profile type.
Enrolling as the Fully Managed with Work Profile type
Enroll the Android Enterprise (AE) devices as the Fully Managed with Work Profile type to control the separate work and personal areas. The enrollment methods are the same as those for the Fully Managed type, but the applied profile should be set as Create Work Profile on Fully Managed. For more information, see Create a new profile.
NOTE
- For devices running Android 10 (Q) or higher, tap the enrollment notification on the status bar to install the Work Profile manually.
- KSP policies are not applicable to the Fully Managed with Work Profile type. For devices that are enrolled as the Fully Managed type with KSP policies applied, these policies can remain even after the device type changes to the Fully Managed with Work Profile type. It is recommended to remove them manually.
| Method | Supported version |
| Use a token (afw#KnoxManage). For more information, see Use a token. | Android 6.0 (Marshmallow) or higher |
| Use a QR code sent via Email. For more information see Use a QR code. | Android 7.0 (Nougat) or higher |
Enrolling as the Work Profile type
To enroll the Android Enterprise (AE) devices as the Work Profile type, provide an installation guide to the users to install the Knox Manage application on the devices. You can send an installation guide via email or SMS or users can download the Knox Manage application directly from their public app store.
To enroll AE devices as Work Profile devices, complete the following steps:
-
On the device screen, tap the installation URL address sent to users via email or SMS to download and install the Knox Manage application on the device.
NOTE—You can also search for the Knox Manage application from the Google Play Store to download and install it on the AE device.
-
On the device, launch the Knox Manage application.
-
On the “Sign in with your Samsung Knox Manage Account” screen, enter a user ID and password, and then tap SIGN IN to sign in to Knox Manage.
NOTE—For devices running Android 10 (Q) or higher, tap the enrollment notification on the status bar to install the Work Profile manually.
-
On the “Set up a work profile” screen, read the privacy policy of Knox Manage, and then tap Agree. The work applications with the briefcase badge icons, which can be managed by Knox Manage, will appear on the device.
