Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices! Samsung has officially stopped supporting several Knox APIs, which affects Android Device Administrator (DA) managed devices and their settings.
This change impacts various settings in Microsoft Intune, making it harder for IT administrators to manage Android DA devices in organizations. Some features might still work after the Knox APIs are no longer supported, but there is no guarantee they will continue functioning correctly on all Android DA device versions.
Samsung’s decision to end support for these APIs creates uncertainty, as future Android updates could cause these settings to stop working or become unreliable. This post will explore the impacts of Samsung Knox API deprecation on Intune settings for Android Device Administrator (DA) managed devices.
Samsung’s decision to stop supporting several Knox APIs affects various configurations within Microsoft Intune, which can create challenges for IT administrators responsible for managing Android DA devices in enterprise environments. We will discuss the critical areas impacted and the potential risks associated with ongoing functionality.
Table of Contents
What Options are Available to Manage Android Devices with Intune?
You can manage Android devices using one of the following Android Enterprise options.
Personally Owned Work Profile Devices
Corporate-Owned Devices with Work Profile
Fully Managed Devices
Dedicated Devices
What is the Samsung Knox SDK?
The Samsung Knox SDK is a consolidated package that combines several previous SDKs, including Knox Standard SDK, Knox Premium SDK, Knox Customization SDK, Knox ISV SDK, Knox UCM SDK, and Knox VPN SDK. It provides a single SDK package to simplify developers’ development processes.
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices
Let’s discuss how Samsung’s deprecation of Knox APIs Impacts Intune Settings for Android Device Administrator-Managed Devices. Samsung’s deprecation of Knox APIs impacts several critical management settings within Intune. The Key Affected Intune Settings are explained below.
| Steps |
|---|
| Log In to the Microsoft Intune Admin Center |
| Click on Devices> Android > Configuration |
| Click on Create |
| Select the Platform as Android device administrator |
- Easy Way to Create a Compliance Policy for Android Devices in Intune
- Enroll Android Devices to Android for Work in Intune
- Intune Enrollment Time Grouping for Android Enterprise Corporate Devices
Device Restriction Settings
Device restriction settings for Android devices in your mobile device management (MDM) solution allow for effective management of device features. Administrators use these settings to control specific device features, such as app installations, network settings, and security configurations. The deprecation of Knox APIs may affect the enforcement of these restrictions, leading to reduced control over devices running Android DA.
- Devices > Android > Configuration
- Select the Platform as Android Device Administrator
- Select the Profile type as Device restrictions
Compliance Settings
In Intune, you can configure various compliance settings for Android Device Administrator devices as part of your mobile device management (MDM) solution. With the Knox APIs no longer supported, certain compliance checks may no longer be enforceable, impacting organizations’ ability to ensure devices meet their security standards.
- Devices > Android > Compliance
Trusted Certificate Profiles
To effectively manage certificates within your organization, creating trusted certificate profiles is essential before deploying other certificate types like SCEP, PKCS, or PKCS imported profiles is necessary. The Knox API deprecation could disrupt certificate management on Android DA devices, potentially weakening secure communications.
- Enhanced App Deployment in Intune with Direct App Links from Enterprise App Catalog
- Integrating Dell Management Portal in Intune Admin Center Coming Soon
- Intune Device Firmware Configuration Interface DFCI now Supports VAIO Devices Running Windows 10 and 11
- Microsoft Intune Enhances PKCS Certificate Issuance with SID Support
Essential Steps for Administrators Managing Android DA Devices with Intune
Administrators managing Android Device Administrator (DA) devices with Intune should check their profiles and settings in the Intune Admin Center. Profiles containing deprecated APIs will have notes highlighting their potential impact. Samsung recommends that organizations switch from Android Device Administrator to Android Enterprise management.
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.