top of page

Android (AOSP) with Intune

AOSP stands for Android Open Source Project. A common base operating system (OS) provides core functionality. AOSP, or the Android Open Source Project, is the foundation for all of the Android OS variants you know and love. The AOSP receives regular bug fixes, which get packaged and delivered to Android smartphones in the form of monthly security patches. Google also unveils major new features each year at its I/O developer




Microsoft Endpoint Manager now supports Android Open Source Project (AOSP) devices in a public preview. Organizations need an easy way to enable workers to safely use collaboration and productivity apps, such as Teams, while protecting company data shared when performing critical workflows, as a growing number of these purpose-built mobile devices are used by workers in the enterprise on the front lines.

Endpoint Manager will support RealWear for corporate AOSP management for the first time. RealWear devices can be added to Microsoft's digital estate at scale with the Teams integration announced last year, and Endpoint Manager allows customers to manage and protect the endpoint experience for frontline workers in the same way they manage endpoints for information workers.


Now we have:

Google Mobile Services (GMS)

Android Open Source Project (AOSP)


Google Mobile Services (GMS)

A Google GMS device is a certified device, which means Google owns this. A device must be approved by them to run GMS and access their "Mobile Services". GMS cannot be accessed by Huawei devices. Intune requires access to GMS to connect to Android Enterprise


Android Open Source Project (AOSP)

GMS is certified by Google in any way; AOSP is not, but open source that can be used by anyone. Android is an open source operating system for mobile devices and a corresponding open source project led by Google.

If our users need to access our data from AOSP devices in the future, GMS will not be a barrier. Therefore, Microsoft wants to support all devices

AOSP devices won't have access to Google techs like Chrome, YouTube, and Google play store since that falls under the GMS license.

When Huawei lost access to US technologies, it could no longer license GMS but could keep using AOSP. As such, Huawei began replacing GMS features with its in-house Huawei Mobile Service (HMS). However, this means that apps that rely on GMS have to be rebuilt using HMS to work correctly. Hence why you can’t be guaranteed to find your favorite Android apps on the latest Huawei devices.


Android Open Source Project (AOSP) and Endpoint Manager Intune

With the new AOSP management option for corporate devices, the device can either be provisioned as a device assigned to a single user (or a user-associated) device or as a shared device. This is important because it gives organizations the flexibility about how they deploy the device. For example, for RealWear devices, these devices can now be deployed to allow a fleet of frontline workers who may work at a common location to share devices. This may reduce the total cost of endpoint ownership. Alternatively, RealWear devices can be provisioned for single use should the frontline workers be widely dispersed, enabling each worker to effectively complete their specific tasks when required and providing organizations the choice on how to securely manage the device.


AOSP devices are corporate-owned devices built on the Android Open Source Project (AOSP) platform that aren’t integrated with Google Mobile Services (GMS). AOSP offers two management modes, one for user-associated devices and one for devices enrolled without any user association. Intune enrollment for AOSP devices is in public preview. For more information, see:





How to manage AOSP

When we go to configuration profiles, we will see the following, and the exciting Profile type is Device Restrictions.



When you create or modify APP in the Microsoft Endpoint Manager admin center, you will see new options available in the Device types drop-down menu:

  • Android Enterprise dedicated devices with Azure AD Shared mode

  • AOSP user-less devices

  • AOSP user-associated devices





393 views
bottom of page