• The NFC provisioning method supports devices running Android 6 or newer.
• The device to be provisioned must have the NFC capability switched on.
• The device to be provisioned must be new or factory reset before starting.

Before you can start enrolling devices, you must prepare either an NFC tag or a programmer device that you will then use to transmit the enrollment settings to the devices.

• For Android 10 and later devices, the NFC provisioning is possible with the NFC tag only because Android Beam is deprecated in Android 10. This means that devices running Android 10 or later do not support file transfer between devices by tapping them together.
• Android 6 - 9 devices can be provisioned using the programmer device method.

If you are using the Premium version of GoTo Resolve MDM and you are interested in using the application management features for Android, then it is recommended to configure the managed Google Play Enterprise for your GoTo Resolve MDM site before enrolling the devices. Doing this will simplify the creation of managed Google Play accounts for the devices.

During the NFC provisioning, the devices will be enrolled in GoTo Resolve MDM as Fully managed devices. During the enrollment, GoTo Resolve MDM configures the devices according to the enrollment settings specified on your GoTo Resolve MDM site.

You can configure settings such as the Wi-Fi configurations, GoTo Resolve MDM enrollment credentials, language, and time zone for device setups. These settings are encoded in the enrollment QR code that you must read with GoTo Resolve MDM's NFC app when you're preparing the programmer device or creating the NFC tag. You find the configurations on the Enrollment > Android Enterprise page in GoTo Resolve MDM.

The layout of the screen may look different in the product.

More information about some of the settings:

• Keep system applications - Defines if the system applications are allowed on enrolled Android devices.
• Use mobile data for enrollment - The setting is for using mobile data instead of WiFi for enrollment of Android 10 or above devices. Checking this hides the possibility to configure Enrollment Wi-Fi, and devices will be enrolled with cellular data.
• Enrollment Wi-Fi settings - If you prefer WiFi enrollment, configure the network and password. You can choose to remove the WiFi configuration from the device after enrollment.
• Additional Wi-Fi settings - Configure the WiFi that stays in the device after enrollment. Allow the device to connect to the hidden WiFi by enabling the setting Additional Wi-Fi is hidden.

Fully managed devices are always tagged with the device owner tag during the enrollment in GoTo Resolve MDM. GoTo Resolve MDM also creates a managed account for each device during the enrollment if a user has been assigned to the device on GoTo Resolve MDM AND managed Google Play Enterprise has been enabled for the GoTo Resolve MDM site.

1. Get a device running an Android version between 6 and 9 that has a camera and NFC.
2. Download and install the GoTo Resolve MDM NFC provisioning application to the device.
3. Navigate to the Enrollment > Android Enterprise page on your GoTo Resolve MDM site and configure the enrollment settings for the NFC provisioning.
4. Use the device to read the enrollment settings from the QR code on that page.
   Note: You can use this device as the programmer device to transmit the enrollment information to other Android 6 - 9 devices simply by tapping them together.
5. If you want to create the NFC tag, you will now need another Android device with an NFC tag writer app installed. This device must run Android version 6 - 9.
6. Open the NFC tag writer app and read the enrollment information by tapping the device together with the programmer device.
7. Then use the device to write NFC tag(s) containing the enrollment information.
8. Read the NFC tag with a new or factory-reset Android device to begin the NFC provisioning of the device.

The following video shows how you can create an NFC card with your Wi-Fi settings, and how is it used to enroll devices to GoTo Resolve MDM in fully managed (device owner) mode.

In the NFC enrollment method, fully managed devices are enrolled automatically to GoTo Resolve MDM using mass enrollment and might not have a user configured. Therefore, you need to assign a user for the device after enrollment. You can do that through the device page on GoTo Resolve MDM.

You can also use device identifier CSV import before enrollment to upload a list of the serial numbers and user relations that are checked and linked automatically during enrollment. i.e. if you know beforehand that a certain device is given to a certain user at some point.

You may also need to initiate the creation of a managed Google Play account for mass-enrolled devices through GoTo Resolve MDM after you have assigned users for the mass-enrolled devices. You can create managed accounts by selecting desired users from the Users page and then using the Managed Google Play > Create managed Google Play account button from the page toolbar.

Factory reset is the only way how users can remove management from fully managed Android devices.

Administrators can prevent device users from performing a factory reset on fully managed Android devices using a GoTo Resolve MDM configuration profile.

See Preventing factory reset on fully managed Android devices.

• Enroll an Android device in fully managed device mode using a QR code
• Android zero-touch enrollment
• Samsung Knox Mobile Enrollment