I am new to MDM deployment, and I have our organization's requirements - specifically:
1. The ability to erase the entire phone if needed
2. The ability for users to add apps through google play or apple store on their own (without the admin having to approve the app).
I have tried both the device ownership setup and also the work profile BYOD. As I understand it, the device ownership has the ability to erase the entire phone - but I have not figured out a way to allow applications to be added by the user themselves - there is no access to the open google play store. The work profile BYOD allows for the google play store, as it is outside the container - but the "erase phone" ability is limited to the work profile container only.
Is there any settings that I am missing that will allow for both of those requirements?
You absolutely want to use device owner mode.
I think this might be a System App restriction. To remove it do something like:
Systems Manager/Settings/<choose a profile>
-Add the restriction "Android System Apps"
Change the "List Type" to "Blacklist".
As long as you define no apps - everything will now be allowed.
I have same requirements :
Device Owner Mode + Standard Public Playstore.
Somebody can help us ?
Device owner 100%
You will have a managed account, you can then add another Google account which has access to play store just like any other, you just need to switch between the two within the play store (top left i believe)
One of my colleagues has a deployed S9 like this so if you have any questions let me know
Just to follow up, here are some screenshots.
To switch between Personal and Work accounts you click the other accounts icon