There are two options of integrating Headwind MDM into the AOSP (including GrapheneOS):
1. Using the Provisioning app (which should be signed with platform keys) as described here: https://h-mdm.com/hmdm-aosp/ Please note: this method DOES NOT require Headwind MDM mobile agent to be signed with platform keys. This method works for all versions including a free Community version.
2. Signing Headwind MDM with platform keys. This only works with a special build (which uses shared user ID "android.uid.system" and includes the code for adjusting system config files to become the Device Owner). This special build is available in the Premium and Enterprise license packages only, please contact the support to get it (free trial available!).
In the second method, Headwind MDM adjusts system files to become the device owner, and these changes only become available after the reboot. Therefore, the provisioning process wouldn't be smooth enough. Here are the provisioning steps:
- Run Headwind MDM manually until it requests the first interactive permission;
- Reboot the device
- Run Headwind MDM manually once again. It should already have the device owner permissions so it completes the provisioning.
If errors persist, check the logcat for details.
In general, we recommend using the first method to integrate Headwind MDM in the AOSP. Use the second method (signing with platform keys) only if the first method is not available (for example, the ROM source code is not available).