Android (Legacy), also known as Device administrator, is the legacy method of enrolling Android devices with the Workspace ONE UEM console after Android’s Work Managed and Work Profile modes were introduced in Android 5.0. Customers who are enrolled into Workspace ONE UEM using Android (Legacy) deployment can migrate to Android Enterprise to take advantage of device functionality for the enterprise.
This section gives you information and best practices on how to move from the Android (Legacy) deployment to Android Enterprise.
Google deprecated certain device administrator APIs in favor or more up-to-date device functionality because device administrator is not well suited to support current enterprise requirements. Workspace ONE UEM customers can adopt Work Managed (ideal for corporate owned devices), Work Profile (ideal for BYOD deployments), and Corporate Owned Personally Enabled (COPE) modes to manage their Android devices by migrating from Android (Legacy) to Android Enterprise.
When to migrate to Android Enterprise is at the discretion of your business needs and timing of the actual migration depends on you organization's use cases. Here are a few considerations:
If your current devices are unlikely to receive Android 10, or the OS updates are controlled by your organization, it is not necessary to migrate these devices. You can deploy Android enterprise for newly purchased devices.
BYOD devices are the most vulnerable as end users are likely to update their devices to the latest operating system. A migration from device administrator to work profile can be achieved using the Android Legacy Migration feature in the Workspace ONE UEM console.
Zebra devices running Android 7 and higher and MXMF 7 and higher support a migration from Android (Legacy) to Android Enterprise Work Managed mode. Contact Zebra support to retrieve a certificate for your company, which is required from a security perspective to ensure the integrity of the migration. Certificates typically have a short lifespan (30-90 days). The certificate should be a
Zebra may request the following information for the certificate generation:
The migration requirements and features from this flow include:
Android EMM Registration
Set up Android EMM Registration in your environment to enable enrollment and migration of devices into Android Enterprise.
Two new custom attributes,
migration.do.ineligibilityReason, are reported to the console. If
migration.do.eligible has a value of 'true' then the device is capable of migration. The console will automatically check this attribute prior to sending a migration command to the device. If the value is 'false' then please check
migration.do.ineligibilityReason for further guidance.
The Workspace ONE UEM console provides a seamless process that helps you migrate all devices from Android (Legacy) to a Work Profile for Android Enterprise. The migration features in the UEM console help you to make sure that:
You can migrate from Android (Legacy) to Android Enterprise with your corporate owned devices into Work Managed Mode or Corporate Owned Personally Enabled (COPE). The enrollment and migration options vary depending on Android OS, device type, and whether the devices have access to Google Services. This scenario is best for migrating non- Zebra Android devices.
The migration and enrollment options are:
If you are currently enrolled into Workspace ONE UEM with Android devices deployed through Android (Legacy) and want to switch to Android Enterprise without Google Services, we offer Closed Network support for corporated owned devices and unmanaged enrollment for BYOD devices.
If you have a device that has no network connectivity or the device can connect to a network but has no Google services (a non-GMS certified device), you can enroll these devices into Android Enterprise into Work Managed Mode and push internal applications and apply policies with Android profiles.
If you have a device that has network connectivity but has restrictions on Google Services, for example devices being in China, you can use Closed Network support for corporate devices. For BYOD devices, you can use SDK-based MAM only mode called Registered Mode to enable unmanaged enrollment for Android devices.
Zero-touch enrollment allows Android devices to be configured in bulk with Workspace ONE UEM as your EMM provider right out of the box without having to manually setup each device. Using Zero-touch enrollment with your Android (Legacy) migration allows you to move your devices to Fully Managed mode with ease and ensuring the migration is completed securely.
Google deprecated certain device administrator APIs in favor of more up-to-date device functionality because device administrator is not well suited to support current enterprise requirements. The following APIs available with device administrator no longer function on devices running Android 10 and above. Devices remaining on Android 9.0 and below are not impacted:
To help you better understand the Android (Legacy) migration, here are some commonly asked questions and best practices to make for a successful migation.
When I enable Android enterprise in an organization group, does it affect my existing device administrator enrollments?
Can device administrator and Android enterprise co-exist in the same UEM console?
Device administrator enrollments and Android enterprise enrollments can co-exist in the same organization group. Profile management is separated as Android and Android (Legacy) for Android enterprise and device administrator enrollments respectively.
Additionally, with UEM console v9.2.0+ it is possible to override Android enterprise enrollments at specific organization groups, or even limit it to specific smart groups.
Can I use Product Provisioning with Android enterprise?
Are OEM-specific management capabilities available on devices enrolled through Android enterprise?
Does Workspace ONE Assist work with Android Enterprise?
Can new customers use Android (Legacy)?
New Workspace ONE UEM customers must setup Android Enterprise to deploy Android devices.
Existing customers can disable and re-enable Android (Legacy) as desired.
Now that you understand Android (Legacy) migration, you can proceed to complete the prerequisites to being migration.