Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices

Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices! Samsung has officially stopped supporting several Knox APIs, which affects Android Device Administrator (DA) managed devices and their settings.

This change impacts various settings in Microsoft Intune, making it harder for IT administrators to manage Android DA devices in organizations. Some features might still work after the Knox APIs are no longer supported, but there is no guarantee they will continue functioning correctly on all Android DA device versions.

Samsung’s decision to end support for these APIs creates uncertainty, as future Android updates could cause these settings to stop working or become unreliable. This post will explore the impacts of Samsung Knox API deprecation on Intune settings for Android Device Administrator (DA) managed devices.

Samsung’s decision to stop supporting several Knox APIs affects various configurations within Microsoft Intune, which can create challenges for IT administrators responsible for managing Android DA devices in enterprise environments. We will discuss the critical areas impacted and the potential risks associated with ongoing functionality.

Patch My PC

What Options are Available to Manage Android Devices with Intune?

Samsung-Knox-API-Deprecation-Impacts-Intune-Settings

You can manage Android devices using one of the following Android Enterprise options.

Personally Owned Work Profile Devices
Corporate-Owned Devices with Work Profile
Fully Managed Devices
Dedicated Devices

What is the Samsung Knox SDK?

Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices 1

The Samsung Knox SDK is a consolidated package that combines several previous SDKs, including Knox Standard SDK, Knox Premium SDK, Knox Customization SDK, Knox ISV SDK, Knox UCM SDK, and Knox VPN SDK. It provides a single SDK package to simplify developers’ development processes.

Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices

Let’s discuss how Samsung’s deprecation of Knox APIs Impacts Intune Settings for Android Device Administrator-Managed Devices. Samsung’s deprecation of Knox APIs impacts several critical management settings within Intune. The Key Affected Intune Settings are explained below.

Steps
Log In to the Microsoft Intune Admin Center 
Click on Devices> Android > Configuration
Click on Create
Select the Platform as Android device administrator
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Table 1
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices - Fig.1
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Fig.1

Device Restriction Settings

Device restriction settings for Android devices in your mobile device management (MDM) solution allow for effective management of device features. Administrators use these settings to control specific device features, such as app installations, network settings, and security configurations. The deprecation of Knox APIs may affect the enforcement of these restrictions, leading to reduced control over devices running Android DA.

  • Devices > Android > Configuration
  • Select the Platform as Android Device Administrator
  • Select the Profile type as Device restrictions
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices - Fig.2
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Fig.2

Compliance Settings

In Intune, you can configure various compliance settings for Android Device Administrator devices as part of your mobile device management (MDM) solution. With the Knox APIs no longer supported, certain compliance checks may no longer be enforceable, impacting organizations’ ability to ensure devices meet their security standards.

  • Devices > Android > Compliance
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices - Fig.3
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Fig.3

Trusted Certificate Profiles

To effectively manage certificates within your organization, creating trusted certificate profiles is essential before deploying other certificate types like SCEP, PKCS, or PKCS imported profiles is necessary. The Knox API deprecation could disrupt certificate management on Android DA devices, potentially weakening secure communications.

Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices - Fig.4
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Fig.4

Essential Steps for Administrators Managing Android DA Devices with Intune

Administrators managing Android Device Administrator (DA) devices with Intune should check their profiles and settings in the Intune Admin Center. Profiles containing deprecated APIs will have notes highlighting their potential impact. Samsung recommends that organizations switch from Android Device Administrator to Android Enterprise management.

Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices - Fig.5
Samsung Knox API Deprecation Impacts Intune Settings for Android Device Administrator Managed Devices – Fig.5

Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.

Author

Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.

Leave a Comment