Skip to content

Set up Android Enterprise - Overview

When you set up Android Enterprise for your organization, you can choose between two different scenarios.


After you’ve set up Android Enterprise, you can check the active scenario under Setup > Google setup > Android Enterprise > Android Enterprise mode.

Managed Google Play Account scenario

This is the easiest method to set up Android Enterprise for your organization.

  • Sophos Mobile guides you through the process of setting up a managed Google Play account for your organization.
  • Sophos Mobile manages the whole user account lifecycle.
  • A user can only have ten devices enrolled at the same time. This is an Android limitation.


    To mitigate this limitation, you can enroll the devices without assigning a user. See User-less Android devices.

  • You can create several Google Play accounts for your organization, for example, if you have more than one Sophos Central account or want to manage some devices with a different Enterprise Mobility Management (EMM) provider than Sophos Mobile.

Managed Google Domain scenario

Use this method if you already have a Managed Google Domain or if you want to manage the accounts of your Android Enterprise users outside Sophos Mobile.

  • You register a Managed Google Domain with Google and prove domain ownership.
  • You bind Sophos Mobile as an EMM provider to your Managed Google Domain.
  • Sophos Mobile creates user accounts as needed. Other than that, Sophos Mobile does not manage the account lifecycle.
  • Users enroll their devices in Sophos Central Self Service Portal. You can't enroll them in Sophos Central Admin.

Restrictions of the Managed Google Domain scenario:

  • You can’t use QR Code enrollment.
  • If your organization has multiple domains added to their Google Workspace account, you can bind only one to Sophos Mobile. Users with an email address at one of the other domains can’t enroll devices with Sophos Mobile.