How to setup KME (Knox Mobile Enrollment)

How do I setup my Samsung KME account with TinyMDM?

Knox Mobile Enrollment” is a simplified enrollment process for Samsung devices. On first start-up, the devices check whether a specific configuration has been assigned to them. If so, the fully managed device configuration process is launched, the right MDM is downloaded (here TinyMDM) and the device configuration is completed.

To benefit from this service, you must create a Samsung KME account use your professional email address. You will get a customer ID linked to your console, which you will have to communicate later on when ordering terminals. Then, choose an authorized terminal reseller and place your order by communicating your customer ID. The reseller, in the process of routing the ordered terminals, will load these terminals into your console: you will see them appear in your KME account and can start your settings below.

Prerequisites: having both a KME account and a TinyMDM account with a security policy

STEP 1: Connect to your KME account

✔ If you don’t have a KME account, you can create one here.
✔ Samsung devices will be assigned to your account by the reseller, you only need to give him your KME client number.

Memo: you can also use Knox Deployment application to report other devices via Bluetooth, NFC or WIFI.

Step 2: Create a MDM profile

✔ In MDM Profiles, click on Create Profile.

✔ Select Android Enterprise.

kme_profile

✔ Name the MDM profile and select TinyMDM in the list.

✔ Click on Continue.

✔ In Customer JSON Data (as defined by MDM), enter the text below. Replace XXXXXXXXXXXXXXXX by the TinyMDM policy’s ID that you want to apply on the devices (the ID is on Policy tab in your TinyMDM console). Be careful of the case-sensitiveness.

{"enrollmentId":"XXXXXXXXXXXXXXXX"}

✔ In Device settings, click on Disable system applications (by default). You will later be able to activate them one by one from your TinyMDM console.

✔ Fill in Company Name and click on Create.

Step 3: Link devices to their user using a CSV file

✔ In Devices tab, select the devices that you want to configure and click on Download devices as CSV to create the list of devices.

✔ Open and modify the file in a Microsoft Excel or Google Sheets format. In the first column, the devices IDs should appear (IMEI or serial numbers), with one line per device. In the second column, type in the user ID (email).

✔ Delete content of other columns. Make sure not to add any header. Do not leave any blank line.

✔ The CSV file should look like this:

✔ Save it as a CSV file (Files > Save as…), then in Save as type line, replace Excel document by .CSV file (Semicolon demilited).

Step 4: Apply the MDM profile to your Samsung devices

✔ To apply the TinyMDM configuration to your devices,  click on Bulk Actions (on the top line).

✔ Then, click on Bulk Configuration.

✔ Import your CSV file (all devices must pre-exist in the inventory).

✔ Select the desired MDM profile and add tags (not mandatory).

✔ Click on Submit.

Step 5: Devices are managed on first startup

✔ Devices are managed directly straight out of the box. On first startup, the devices check whether a specific configuration has been assigned to them, then download TinyMDM application and complete the configuration.

See the steps below:

ZTE 1

Choose the language

ZTE 2

Accept the terms of use

ZTE 3

Insert SIM card (if applicable)

ZTE 4

Connect to a network

ZTE 5

Device automatically detects it’s been assigned to TinyMDM

ZTE 6

Follow the installation wizard

ZTE 7

Accept TinyMDM terms of use

ZTE 11

Device is already all setup

Step 6: Devices and their user appear in your TinyMDM console.