What happens when an administrator selects an Android device on the Symantec Management Platform (SMP), right-clicks on it, chooses Device Security and Unenroll device?
Unenrolling will remove a device's enrollment from the management server and the device will no longer communicate with the management server.
Once Unenroll device is clicked, a dialog box will pop-up which asks the administrator whether they would like to request device information before unenrolling. This information request is optional.
Once the admin clicks OK, an action to "UnEnroll" (and "SendInfo", if the admin chose) is queued up. Please do not submit instructions to unenroll the device more than once: repeated action commands may cause the SMP to become out-of-sync with the SMS 7.2 Android client.
The Android device will become unenrolled a time later, as dictated by the interval specified for actions in the Communications tab of the policy that is applied. (Manually checking in from the Android device will cause an instant unenrollment, and Androids which are configured to use Google Cloud Messaging should also experience a speedy unenrollment.)
Once unenrolled, the device will revert to an unenrolled status and the Mobile Security client will not function until the device enrolls to a server with valid credentials once again.
In the Symantec Management Console, information about the device will still be present in the Manage Android devices screen, but the device will have the status of Unenrolled. Logs and other details about the device will be available for examination and the license applied to that device will still be counted. The unenrolled device will be listed as "Administrator disabled" in the Device Overview screen, as seen below.
It is possible for the end-user to unenroll themselves without uninstalling the Symantec Mobile Security app. If they manually remove Mobile Security from Device Administrators on their Android, the client will revert to an unenrolled state.