Pixel and internal WiFi

ctchia · February 21, 2019, 1:59am

Hi

Anyone have had success enrolling a Pixel and getting a wifi cert profile to install? I have no problems with Samsungs, and I can manually install the root cert to a Pixel, but can’t get it to work with our internal PKI to connect to the internal WiFi

Regards

daniil_michine · February 21, 2019, 2:59am

Which version of Android? Is the Samsung and Pixel on the same version? What MDM platform? Are you using Android Enterprise? Are you providing the intermediate certs so that the trust chain is complete?

ctchia · February 21, 2019, 3:50am

Hi Daniil

Android 9.

Yes Samsung and Pixel are both 9.

Airwatch (on prem 9.5.0.19.

No enterprise, just legacy.

No intermediate, just the root and client. But I have tried intermediate without success.

daniil_michine · February 21, 2019, 6:47pm

It is likely the reason it is working on Samsung is due to SAFE/Knox APIs being used to leverage these functions.

Google have been deprecating the API calls for device admin, in terms of Device Admin API there is actually no API call to install credentials: https://developer.android.com/guide/topics/admin/device-admin.html

You should really look at migrating to Android Enterprise as the Device Admin API will be deprecated even further in next release of Android.

JasonBayton · February 21, 2019, 7:04pm

100%

You should hold little expectation of anything outside of Samsung being manageable with DA. The experience will be night and day when you do migrate. Your version of AW is a little behind also.

ctchia · February 24, 2019, 11:48pm

Thanks Daniil and Jason for your feedback. BTW, Daniil - always appreciate your posts on this forum and Jason - read your Android Enterprise post, very informative.

In regards to moving to Android Enterprise, does this mean that with Work Profile, you can’t manage/deploy WiFi anymore? With email, does this mean your limited to Gmail only (can’t use native mail client like Samsung)?

daniil_michine · February 25, 2019, 2:07am

With work profile it is possible to deploy both WiFi configuration and certificates and should be possible out of AirWatch.

Android does not have a “native” email client, so you can choose an email app and if this email app supports app config you can configure it remotely.

For example if your org is licensed to use Outlook, you can configure and use Outlook.

andrew_dawson · February 28, 2019, 4:49am

If you do not have a specific email client then fall back to gmail for you AE email deployment needs.

ctchia · March 8, 2019, 5:03am

With Android Enterprise, I’ve setup a new location group and some profiles to test out, but when I try to enrol, I get an error “ failed to register google account. Please enrol again” then option to only wipe or retry. Any suggestions? The Android EMM registration part is successful and test connection works