Forum Discussion
Solved
Best practice for the managed Google Play Account in Intune/MEM
Hi All, I'm looking for some advice on the best practice for setting the first step of Android enrollment in Microsoft Intune/MEM. What is the best practice for security and management, when ...
There isn't a real, outlined best practices here.
You don't need a Exchange license per say, you could use this solution - https://msendpointmgr.com/2020/08/08/2-for-1-mail-enable-unlicensed-admin-accounts/
I would use one Professional account if possible, will be the easiest way
I mostly create a general Google account that is shared across the organization and can be linked with Intune.
The managed Google Account is not that important, if you would ever loose access. You can link it again and re-add your apps.
In comparison, if you loose access to your Apple account, you need to re enroll your device
The managed Google Account is not that important, if you would ever loose access. You can link it again and re-add your apps.
In comparison, if you loose access to your Apple account, you need to re enroll your device
Thijs LecomteThanks for your answer !
This gmail account doesn't receive any email we need to check for MEM/InTune or Google Play ?
Can we change the password and add MFA for this account without breaking InTune integration ?
I have read that if we loose access to the Google Play account in InTune, to change this account with a new one, we need first retire all enrolled Android device and then enroll all devices. This will have a big impact for user, or there is a easier way to do this?
Thanks,
- Hi
You don't really need the check emails, except if you would require approval for app updates maybe.
I haven't personally tried enabling MFA on the account. It's something to try out I guess.Thijs Lecomte When we want to use Android Zero-Touch, do we need to use the same account (Intune Google Play Account) or this can be 2 different account ?
Apparently Google is asking to use a professionnal account to access to Zero-Touch portal.
If we use a professional account, this account need also to have an Exchange Online licence always activated with an enabled mailbox ?
Thanks !
- Yeah, you can use a different account. They are essentially two different things
