Android device management agents FAQ

If you're an admin using advanced mobile management in your organization, what you can control on a user's Android device depends on the management app of the device. The management app is an agent, which gives your organization access to device information and settings.

In September 2019, Google rolled out a new Android management app called Android Device Policy. This app replaced the legacy Google Apps Device Policy, which is no longer supported. Android Device Policy offers new features and changes how some existing features behave. To switch to Android Device Policy, users must have an Android 6.0 Marshmallow or later device that supports a work profile. 

As of March 19, 2022, Google Apps Device Policy app is not supported. Learn to identify devices still using this agent.

Transitioning to Android Device Policy

How do I transition my organization's Android devices from Google Apps Device Policy to Android Device Policy?

The transition process depends on how the device is set up:

Personal device with a work profile

Your organization's management privilege is Profile owner

On the device, the user removes their work profile and then adds their work account again. They're prompted to set up Android Device Policy.

Note: If the device doesn't support Android Device Policy, the user is prompted to set up Google Apps Device Policy app instead.

Personal device without a work profile

Your organization's management privilege is Device admin

On the device, the user takes the following steps:

  1. Open the Google Apps Device Policy app.
  2. Tap Unregister. The work account is removed from the device.
  3. Open the Settings app and tap Accounts.
  4. Add the work account again and set up Android Device Policy. During enrollment, the user must set up a work profile because it's required for Android Device Policy.

    Note: If the device doesn't support Android Device Policy, the user is prompted to set up Google Apps Device Policy app instead.

Company-owned device or a personal device the users sets as work-only

Your organization's management privilege is Device owner

To trigger the switch, an admin must reset the device or, if allowed, the user. The user can then add the work account again and set up Android Device Policy. Note: If the device doesn't support Android Device Policy, the user is prompted to set up Google Apps Device Policy app instead.

To reset the device from the Admin console:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. Go to Menu ""and then"" Devicesand thenOverview.

  3. Click Mobile devices.
  4. Point to the device and click More""and thenWipe Device.

If you allow users to reset their devices, the user can reset the device.

How do I identify the management app of one device?
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. Go to Menu ""and then"" Devicesand thenOverview.

  3. Click Mobile devices.
  4. Click the row of the device that you want to view details for.
  5. Click Device security.

    The device’s management is listed under User agent.

How do I identify the management app of multiple devices?
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu ""and then"" Devicesand thenMobile & endpointsand thenDevices.
  3. Click Add a filterand thenselect OSand thenenter Androidand thenclick Apply.
  4. Click Add a filterand thenselect Management leveland thenselect Advancedand thenclick Apply.
  5. To export the results, in the top-right corner, click Download device list"".
  6. In download box, select All columns and Google Sheetsand thenclick Download.
  7. To open your download, under Your Tasks, click Open in Google Sheets.
  8. In Google Sheets, filter the data by User Agent.

Installing Android Device Policy

How does a user install Android Device Policy?

The device user doesn't need to install anything, but they will be prompted to set up a work profile on personal devices. 

Where's the Android Device Policy icon on a device?

Android Device Policy is integrated directly into the operating system of the device, so it doesn't open as a separate app on the device. If needed, you can access the app in Google Play. On the device, tap Play Store and search for Android Device Policy.

Managing Android Device Policy

What happens when I wipe an account or device remotely?

The data that's removed from a device depends on your organization's management privilege:

Device type

Wipe device Wipe account

Personal device with a work profile

Your organization's management privilege is Profile owner

The user’s work profile is removed, which includes the work account and all apps and data associated with it.

Personal data and apps remain on the device.

Same as Wipe device

Company-owned device (or a personal device the users sets as work only)

Your organization's management privilege is Device owner

The device is reset to its factory settings.

All work and personal data is removed.

The device is reset to its factory settings. All work and personal data is removed.

Note: If the device is currently under basic mobile management but was previously under advanced mobile management, wiping the account isn’t supported and the only option is to wipe the device.

Can I deactivate the work profile setup requirement for Android Device Policy?

No. Personal Android devices managed with advanced mobile management and set up as user-owned (user selects Use for work & personal during setup) must install a work profile to access work data.

Note: The user is required to create a work profile even when you deactivate work profile creation or make it optional (In the Admin console, go to Devicesand thenMobile & endpointsand thenSettingsand thenAndroid settingsand thenWork Profileand thenWork Profile Setup).

A work profile isn't required when users select Use for work only when they set up their personal device. However, the organization still manages the device and the user can't add personal accounts. If the account is wiped remotely, the device is reset to its factory settings and all data is removed.

Was this helpful?
How can we improve it?

Need more help?

Sign in for additional support options to quickly solve your issue

Search
Clear search
Close search
Google apps
Main menu
Search Help Center
false
false
true
73010
false
false