Deploy Private LOB Apps to Android Devices using Intune

Hello Everyone. I hope you are having great learning with blog posts. We are back with another interesting topic Deploy Private LOB Apps to Android Devices in Intune. Our previous posts discussed topics like enrolling the Android Device and Compliance for Android devices. Let’s see how we can deploy/publish Private Apps or LOB apps to Android devices in Intune.

Line of Business apps are the apps that are specific to an organization and are used for internal use. These apps are either developed internally or by Private Apps for your Organization. These apps are designed to meet the specific needs of each company, and they are not available publicly in Google Play Store for use.

In order to optimize internal processes and boost productivity, Private Apps/Line of Business apps are a crucial component for any organization. These apps provide employees with the necessary tools to complete their tasks with utmost efficiency while also being custom branding and custom-designed to cater to the individual needs of each Organization.

Intune provides the solution for this requirement by helping organizations to deploy LOB/third-party apps to end-user devices. An IT admin can add these LOB apps to managed Google Play Store and deploy them to enrolled users. Intune supports various deployment scenarios, such as the silent installation of apps as soon as the user enrolls the device to Intune.

Patch My PC

Intune supports various types of Android apps for multiple types of enrolment. Let’s see in the below table details of


App Type
Devices supported
Android Store appsDevices Enrolled with Android admin mode
LOB AppsDevices Enrolled with Android admin mode
Web Links Devices Enrolled with Android admin mode
Managed Google Play Store appsBYOD devices enrolled in Work Profile
Corporate-owned Fully managed devices
Corporate-owned Work Profile devices
Corporate-owned dedicated devices
Managed Google Play Web Links BYOD devices enrolled in Work Profile
Corporate-owned Fully managed devices
Corporate-owned Work Profile devices
Corporate-owned dedicated devices
Android Enterprise system appsBYOD devices enrolled in Work Profile
Corporate owned Fully managed devices
Corporate-owned Work Profile devices
Corporate-owned dedicated devices
Managed Google Play Private apps(LOB apps for Android Enterprise devices)BYOD devices enrolled in Work Profile
Corporate-owned Fully managed devices
Corporate-owned Work Profile devices
Corporate-owned dedicated devices
Deploy Private LOB Apps to Android Devices using Intune Table: 1

Add Private LOB Apps to for Android Enterprise Devices

Let’s see how we can add Line of Business Apps apps to Intune. To add a Line of Business Apps, we must have a valid installation file(as these are Android apps, we must have a valid .apk file) with a valid application signature. An IT administrator must have Intune Administrator role, and the end-user must have an Intune license.

We can Publish LOB apps for Android Enterprise devices in 2 ways, directly from Intune Console using Managed Play iframe and the other way from Google Play Console. Let’s see the two different ways to publish the App.

Publish LOB Apps from Intune Managed Play iframe

Now let’s see how we can publish LOB or Third-party apps for AndroidAndroid Enterprise devices using Intune Managed Play iframe.

Adaptiva
  • Sign in to Microsoft Intune Admin Center http://intune.microsoft.com/
  • Click on Apps > Android > Android apps > Add App
  • Now Select Managed PlayStore apps > click on Select
Deploy Private LOB Apps to Android Devices using Intune Fig: 1
Deploy Private LOB Apps to Android Devices using Intune Fig: 1

Now Managed Play iframe will be opened, now click on Private Apps and click on the Plus button at the bottom to add the application.

Deploy Private LOB Apps to Android Devices using Intune Fig: 2
Deploy Private LOB Apps to Android Devices using Intune Fig: 2

Provide the name of the App and click the Upload button to add the.apk file from your desktop. Once uploaded, click on Create, now Google validates the app id, validates the application Signature, and creates the application.

If you are publishing the App for the first time, you will be asked to enter an Email address to send updates regarding the app (please use the same email used to integrate Android for Work with Intune).

Deploy Private LOB Apps to Android Devices using Intune Fig: 3
Deploy Private LOB Apps to Android Devices using Intune Fig: 3

Note: Applications uploaded to the Google Play store need to be signed in release mode. You may get an error message if it’s signed in debug mode, “APK has been signed in debug mode”.

Deploy Private LOB Apps to Android Devices using Intune Fig: 3.1
Deploy Private LOB Apps to Android Devices using Intune Fig: 3.1

Now click on Sync to sync the App to Intune. This would take some time to reflect the App in Intune. Once synced, search for the App and select the App. Click on Properties, scroll to the bottom, click Edit next to Assignment, and assign the App to User groups.

Deploy Private LOB Apps to Android Devices using Intune Fig: 4
Deploy Private LOB Apps to Android Devices using Intune Fig: 4

NOTE: While deploying Managed Google Play Private apps for the very first time, the Play developer account is provisioned automatically for your Organization. This account created is free of cost Apps created in this account are private and can’t publish to Public Google PlayStore. Google does not perform similar checks to these private apps as Public apps. We can upload a maximum of 15 per day, which includes web clips.

If you want to edit advanced options for the Private apps or add screenshots or icons, or descriptions of apps, we need to use the Google Play Console. We can navigate to the Play console directly or by following the steps below.

  • Sign in to Microsoft Intune Admin Center http://intune.microsoft.com/
  • Click on Apps > Android > Android apps > Add App
  • Now Select Managed PlayStore apps > click on Select
  • Click on Private Apps> Select the App> Make advanced edits
Deploy Private LOB Apps to Android Devices using Intune Fig: 5
Deploy Private LOB Apps to Android Devices using Intune Fig: 5

This will redirect you to the Google Play console. Sign in with your developer account. Now click on Store presence under Grow section and click on Main Store listing and edit the name, add a description and screenshots for the apps and icons, and save.

Deploy Private LOB Apps to Android Devices using Intune Fig: 6
Deploy Private LOB Apps to Android Devices using Intune Fig: 6

Publish LOB Apps from Developer Account

Publishing apps from the Developer account has many benefits over Managed Play iframe. To Publish apps from a Developer account, we need to register for a developer account, and registration fees of $25 are applicable. Once you create the account, follow the below steps to publish the apps.

Before publishing or adding apps, we need to get an organization ID from your Organization’s managed Google Play store and add it to your Developer account. Let’s see how we can add.

  • Sign in to Managed Google Play Store with the admin account used for integrating Intune and Managed Google Play Store.
  • Click on Admin Settings
  • Copy the Organization ID
Deploy Private LOB Apps to Android Devices using Intune Fig: 7
Deploy Private LOB Apps to Android Devices using Intune Fig: 7

Now we have the collected organization id, and we are ready to create an app in Google Play Console and publish the App to your Organization; we can add 1000 organizations per App. Let’s see how we can create and publish apps for your Organization.

  • Sign in to Google Play Console
  • Click Add App and click Create app
  • Select a default language and add a title for the App
  • Click on Release > Setup > Advance settings
  • Click on Managed Google Play tab
  • Click on Add Organization, provide the organization ID we collected earlier, name, and save the changes.
Deploy Private Apps/Line of Business Apps to Android Devices in Intune Fig: 8
Best Guide to Deploy Private Apps/Line of Business Apps to Android Devices in Intune Fig: 8

How to Get Private LOB Apps to Android Devices using Intune

Go to Release > Production to create a new release and upload the APK file. Validate all the details that popped up. Now click Start to roll out to Production to roll out your App. Once the App is released, go to Intune Console and search for the App. This may take 10-15 minutes to sync with your console. Now we can edit and assign the apps to end users.

Android Developer account, which is created from the Managed Play iframe, does not allow you to convert the account to publish apps in the Public Google Play Store. You can register for a Developer account by paying the registration fees with the same account.

So this is how we publish Private/LOB apps to Android Enterprise devices. We can deploy the apps in Required mode to install silently on users’ devices. If a user deletes the apps, they will install them once the device syncs with Intune. Let’s catch up with another interesting topic.

Author

About AuthorNarendra Kumar Malepati (Naren) has 11+ years of experience in IT, working on different MDM tools. Over the last seven years, Naren has been working on various features of Intune, including migration from different MDMs to Intune. Naren mainly focuses on Android, iOS, and MacOS.

2 thoughts on “Deploy Private LOB Apps to Android Devices using Intune”

  1. I have tried upload the .Apk file under Android Apps. Upload was Successful and able to approve from Google Play store, But, not listing under Android Apps for deployment. Tried sync multiple times and took more than 30 mins, but no luck

    Reply
    • how did you upload the .apk file? try uploading the file using Google play store iFrame provided in the Intune portal. Also validate by logging into Manage google playtore and check if you are able to view the app.

      Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.