I would like to ask, if somebody tried enroll Kiosk devices with Android via programmed NFC tags.
I found this great blog post and followed steps inside. But I'm unable to even start process of enrolling, tried on Android 5.1, 7.1.2 and 8.0.
I tried original way from blog post with only replacing token, but original link from post for DOWNLOAD_LOCATION seems to be dead, so I took link from Android Developers also I computed new SHA-1 check sum which should be 837C87477198CB2DFBFB6CA44829AF2921F3544B for latest version of downloaded apk. Inserted my enrollment token from Microsoft Intune Portal. Encryption is skipped according to fact that Lollipop is not encrypted by default and enrolling device could not be plugged to AC or is not charged to 70%.
I created with NFC Tools PRO (android app) new Custom record of data for application/com.android.managedprovisioning and inserted lines below.
android.app.extra.PROVISIONING_SKIP_ENCRYPTION=true
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION=https://play.google.com/managed/downloadManagingApp?identifier=setup
android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM=837C87477198CB2DFBFB6CA44829AF2921F3544B
android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME=com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver
android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE=com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN\=TOKEN
Then I write lines to NFC tag, no errors, everything looks fine.
Reading of tag show everything correctly wrote.
My device boots after factory reset and I place NFC tag to device's NFC antena.
And proccess immediately fails with "Oops! Couldn't set up your device. Contact your IT department."
Other enrollment methods works (QR code, ...) great but I need NFC method for Android 5.1 because other enrollment methods are not supported by this version of android.
Every reply will be highly appreciated.
so this code is finally working for Android 5.1. Wrote to NFC Tag with NFC Tools PRO
android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED=true
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION=https\://play.google.com/managed/downloadManagingApp?identifier\=setup
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM=g3yHR3GYyy37-2ykSCmvKSHzVEs
desc=InTune
android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE=com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN\=<secret from Intune>
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME=com.google.android.apps.work.clouddpc
Please note that, this code is only for Microsoft Intune EMM (as you can see there is desc=InTune)
Thanks for all comments!