- *BASICS*
- The Knox Ecosystem
- White Paper
- Samsung Knox Portal
- Knox Cloud Services
- General Knox Support
- Knox Licenses
- *FOR IT ADMINS*
- Knox Admin Portal
- Knox Suite
- Knox Platform for Enterprise
- Introduction
- How-to videos
- Before you begin
- Get started with UEMs
- Introduction
- Blackberry UEM
- Citrix Endpoint Management
- FAMOC
- IBM MaaS360
- Microsoft Intune
- MobileIron Cloud
- MobileIron Core
- Samsung Knox Manage
- SOTI MobiControl
- VMware Workspace ONE UEM
- Knox Service Plugin
- Release notes
- Migrate to Android 11
- FAQs
- Troubleshoot
- KBAs
- Knox Mobile Enrollment
- Introduction
- How-to videos
- Get started
- Features
- Register resellers
- Add an admin
- Create profiles
- Google device owner support
- MDM compatibility matrices
- Device users
- Activity log
- Enroll and unenroll devices
- Configure devices
- Provide KME feedback
- Use the Knox Deployment App (KDA)
- Recover Google FRP locked devices using KME
- Role-based access control (RBAC)
- Release notes
- FAQs
- Troubleshoot
- KBAs
- On-Premise
- Knox Configure
- Mobile
- Wearables
- Shared Device
- KBAs
- Knox Capture
- Introduction
- How it works
- How-to videos
- IT admins: Get started
- Getting started with Knox Capture
- Step 1: Launch Knox Capture
- Step 2: Create a scanning profile
- Step 3: Select apps and activities
- Step 4: Configure the scanner
- Step 5: Set keystroke output rules
- Step 6: Test apps in your configuration
- Step 7: Share your configuration
- Step 8: Deploy Knox Capture in Managed mode
- End users: Get started
- Features
- Release notes
- FAQs
- Troubleshoot
- Knox Asset Intelligence
- Knox Manage
- Introduction
- How-to videos
- Get started
- Video: Getting started with Knox Manage
- Integration with Managed Service Provider
- Access Knox Manage
- Configure basic environments
- Create user accounts
- Create groups
- Create organization
- Set up devices and profiles
- Set up Knox Manage deployment with a Knox Suite license
- Manage Chromebooks
- Manage Android devices with the Android Management API
- Manage Shared iPads
- Configure
- Licenses
- Organization
- Users
- Sync user information
- Groups
- Devices
- Content
- Applications
- View applications
- Add applications
- Introduction
- Add internal Android and iOS applications
- Add internal Windows applications
- Add public applications using Google Play Store
- Add public applications using iOS App Store
- Add public applications using Managed Google Play Private
- Add public applications using Managed Google Play Store Private Web
- Add public applications using Microsoft Store
- Add Chrome OS applications
- Assign applications
- Introduction
- Assign internal Android and iOS apps
- Assign iOS App Store applications
- Assign Google Play applications
- Assign Managed Google Play applications
- Assign Managed Google Play Private applications
- Assigned Managed Google Play public web apps
- Assign Windows applications
- Assign Chrome OS applications
- Manage applications
- Volume Purchase Program for iOS
- Profile
- Knox E-FOTA
- Certificates
- Advanced settings
- Monitor
- Kiosk devices
- Knox Remote Support
- Active Directory
- Microsoft Exchange
- Mobile Admin
- Appendix
- Release notes
- Features
- FAQs
- KBAs
- Knox E-FOTA
- Introduction
- How-to videos
- Get started
- Features
- EMM integration
- Appendix
- Release notes
- FAQs
- KBAs
- Troubleshoot
- Knox E-FOTA On-Premises
- Legacy Knox E-FOTA products
- Knox Guard
- Introduction
- How-to video
- Get started
- Using Knox Guard
- Dashboard
- Manage devices
- Introduction
- Accept or reject devices
- Upload devices
- Delete devices
- Complete payment
- Send payment overdue notification
- Enable or disable SIM control
- Download devices as CSV
- View device log
- View device deletion log
- Start and stop blinking reminder
- Lock and unlock devices
- Update lock message
- Send relock timestamp
- Turn on/off relock reminder
- Manage policies
- Manage licenses
- Manage resellers
- Manage admins and roles
- Activity log
- Knox Deployment App
- Release notes
- FAQs
- KBAs
- Support
- Samsung Care+ for Business
- *FOR RESELLERS*
- Knox Deployment Program
- *FOR MANAGED SERVICE PROVIDERS*
- Knox MSP Program
Knox Mobile Enrollment (KME) Direct is the on premise version of KME. It aims to simplify the initial setup and enrollment of corporate-owned devices in a closed network or on premise environment where devices are activated and used with little configuration variance amongst the devices deployed.
Audience
This document is intended for:
- IT admins—Admins create profiles with the necessary device settings, restrictions, apps, and other content to deploy to groups of devices. Once a device configuration profile is created, the admin or device users can configure and set up their devices using a QR code on a device connected to the enterprise’s network. Devices set up using the QR code are then enrolled in the enterprise’s MDM.
About Knox Mobile Enrollment Direct
To mass deploy devices to device users or employees, the IT administrator uses Knox Mobile Enrollment Direct to create, configure, and generate a QR code that the device user can use to set up their devices. For an overview of the Knox Mobile Enrollment Direct workflow, see Knox Mobile Enrollment Direct workflow.
Key features
Knox Mobile Enrollment Direct offers the following key features:
- Simple provisioning—The device user does not need to perform any activities for setting up and configuring the device beyond unboxing the device and scanning a QR code.
- Automated workflow—IT admins can automate all activities in the workflow, right from network connection properties to device configuration such as security and privacy settings or display properties.
Key benefits
Over and above these core features, Samsung's Knox Mobile Enrollment Direct provides the following device enrollment benefits:
- Configure once, deploy multiple times—For enterprise IT admins, setting up and configuring hundreds or thousands of enterprise devices can mean a labor intensive, manual process. With Knox Mobile Enrollment Direct, IT admins can create a configuration profile and send a QR code to the device user so that the device user can unbox, set up, and configure their own devices. IT admins can create multiple configuration profiles, one for each device use case, and share these with the device users. For example, the IT admin can create one device profile for a sales person, another for a customer support representative, and yet another for an HR employee. Each profile is associated with one generated QR code. When the device user or employee scans the appropriate QR code on their device, the appropriate set up and configuration profile is installed on their enterprise device.
- No hassle device set up and configuration—Setting up and configuring devices in a closed network or on premise environment generally requires the enterprise’s IT admin or the device user to follow a set of procedures on the target device. This process often involves turning on the device and manually applying the appropriate settings or maybe just pushing a device configuration profile using an MDM. This manual process often creates problems, resulting in IT teams having to spend time guiding frustrated employees through the process. With Knox Mobile Enrollment Direct, this entire process is automated and does not require any support from the IT admin. As soon as the employee receives their device, powers it on, and scans the QR code, the device automatically installs the required software and applies the security settings and configurations provisioned by the enterprise.
- Mobile security management—With Samsung Knox, the integrity of the entire device is protected from hardware to the application layer. With Knox Mobile Enrollment Direct, similar to KME, IT admins can set security policies without physically touching the device. IT admins can retain total device control.
Knox Mobile Enrollment Direct workflow
The Knox Mobile Enrollment Direct workflow offers a streamlined method of configuring device profiles and allowing device users to use an automated method of setting up their devices.
The workflow is as follows:
- The enterprise’s IT admin purchases devices either from their Samsung representative, a Reseller, or a mobile carrier.
- The IT Admin now uses a Windows 10 device to log in to Samsungknox.com > Knox Mobile Enrollment Direct download page and download the PC application.
- The IT admin follows on-screen prompts to review terms and conditions and open the application on their device.
- The IT Admin uses the PC application to configure the devices by assigning them to a device configuration profile and optionally adding username and password information to each device. The IT admin can also automatically assign devices to a profile.
IMPORTANT—Before you use Knox Mobile Enrollment Direct to manage a device, the IT admin must first erase the devices' unique ID from KME Cloud since KME Cloud profiles are higher priority than Knox Mobile Enrollment Direct profiles. Otherwise, the KME cloud profile will override Knox Mobile Enrollment Direct profile.
