Android EMM Global Default Policy Change (14.9+)

What

Prior to version 14.9 of FIleWave, Password and Keyguard policies were included automatically in an Android Default Custom Policy. An Android Default Custom Policy sets certain device parameters for ALL managed Android EMM devices. In Version 14.9, this behavior is changed because inclusion of Keyguard/Password elements in the default policy can cause issues with BYOD enrollment, so those elements are now removed from all default policies.

When/Why

Default Policies are used to set global settings for enrolled Android devices. If you don’t use them, or are just starting now to use them, this article has no impact on your environment. If you used them prior though, and Keyguard and Password Policies are important to your environment, you MUST make the changes outlined below.

How

Because those two settings are removed from the default policy, you’ll likely want to make the following change BEFORE upgrade to ensure a seamless policy shift (afterword is OK too, but devices won’t have the policies in the meantime). Basically, it is a simple change…instead of including those policy configs in the global policy, we’ll just put them in a normal (fileset) policy and apply that by smart group instead. The best option would be to apply that policy via a smart group to all non-BYOD Android devices. Then, as soon as your server is upgraded, all devices that need the “new” policies will have them. Example fileset policy and smart group definition shown below:

Keyguard/Password Policy in a Fileset Policy
Smart Group to Assign Fileset Policy