Forum Discussion
Solved
Edit Intune QR Code to include wifi and Cellular Data
I have been following google docs on editing Intune QR code to include WIFI details to auto connect to wifi during enrollment based on the details i have updated the QR code and then using Notepad++ Plugin to generate QR Code with the edited details. When i scan to enroll it gives me error: Wrong QR Code. I have repalced token and checksun details for security purposes here .
{
"qrCodeContent": {
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "XXXXX",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup",
"android.app.extra.PROVISIONING_WIFI_PASSWORD": "XXX",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA",
"android.app.extra.PROVISIONING_WIFI_SSID": "FlatNetwork",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXXXX"
}
},
"expirationDate": "2025-12-31T18:29:59.920206Z"
Thanks everyone I appreciate your help in figuring out the issue. after our discussion I started focusing on Notepad++ QR plugin. It appeared to be an issue with the plugin, after writing the .json , we have to select it and hit the QR plugin to generate the QR . While selecting the code it was removing the last letter which happened to be this '}' . I had to select few empty lines and then it picked the character and created the QR and wallah!!! it worked.
My overall solution to edit the intune QR CODE is as follows:
1. Export the json from intune or simply try google lens and scan to get the script.
2. Edit as per requirement like wifi and cellular data.
3 Use notepad++ plugin to generate the QR code as I mentioned above.
This way i don't have to expose the script to any online untrusted website.
So, you are not talking about an Intune QR but a Zero-Touch QR.
If i compare your Wifi settings etc. it looks fine but i have never seen a expiration data after the QR code and also different data arrangement (different from what i successfully generate with my own tool for differnt MDM).
Are you sure it shouldn't be something like this:{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "XXXXX",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup",
"android.app.extra.PROVISIONING_WIFI_PASSWORD": "XXX",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA",
"android.app.extra.PROVISIONING_WIFI_SSID": "FlatNetwork",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXXXX",
"expirationDate": "2025-12-31T18:29:59.920206Z"}
}In intune it allows to enroll the device as Kiosk device , setup only has one option which allows to set an expiration date of the token and this is what we see in the json. Below is the code that gets generated and it does work , but when i edit it to include wifi details it doesnt work.
{
"qrCodeContent": {
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "XXXX",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXXX"
}
},
"expirationDate": "2025-12-31T18:29:59.920206Z"
}I used your code but that doesnt work either.
Your QR code is invalid due to the "qrCodeContent", and the expiration line. Here's a version which should work for you -
{ "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "XXXXX", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup", "android.app.extra.PROVISIONING_WIFI_PASSWORD": "XXX", "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA", "android.app.extra.PROVISIONING_WIFI_SSID": "FlatNetwork", "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": { "com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXXXX" } }NB, I haven't tested it since it's full of dummy data 🙂
Moombas there's no such thing as a zero-touch QR. Same payload, different format. ZT only needs the DPC Extras and not the rest of the above 🙂
Thanks for the response Jason, i had earlier tried it without the qrcontent and expiration date but it gives the same error.
OK interesting. I pulled this from my environment, so if you edit it accordingly with your details it should work. NB the admin signature checksum isn't private, no need to edit it out 🙂
{ "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME":"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM":"I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION":"https://play.google.com/managed/downloadManagingApp?identifier=setup", "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{ "com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN":"XxxXXXxxXXxxXXx" }, "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":false, "android.app.extra.PROVISIONING_USE_MOBILE_DATA":false, "android.app.extra.PROVISIONING_WIFI_SSID":"MyWIFINetwork", "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE":"WPA", "android.app.extra.PROVISIONING_WIFI_PASSWORD":"password123" }still same , not sure if this is because of Notepad++ Plugin, is there any other tool that you recommend. We generally don't put these details on any website because of security concern.
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXX"},
"android.app.extra.PROVISIONING_USE_MOBILE_DATA":true,
"android.app.extra.PROVISIONING_WIFI_SSID":"FlatNetwork",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE":"WPA",
"android.app.extra.PROVISIONING_WIFI_PASSWORD":"XXX"
}
You
In intune it allows to enroll the device as Kiosk device , setup only has one option which allows to set an expiration date of the token and this is what we see in the json. Below is the code that gets generated and it does work , but when i edit it to include wifi details it doesnt work.
{
"qrCodeContent": {
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "XXXX",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN": "XXXX"
}
},
"expirationDate": "2025-12-31T18:29:59.920206Z"
}I used your code but that doesnt work either.
asif before i wrote my own ZT-QR-code generator for our company i used this to create those QR codes: https://barcode.tec-it.com/de/MobileQRCode?data=This%20is%20a%20QR%20Code%20by%20TEC-IT%20for%20mobile%20applications
But same as jasonbayton wrote: I have never seen that "qrCodeContent" and "expirationDate" but this could be because we don't use Intune currently. But i took a look into the past where we tested Intune (using Zero-Touch Portal but the data there is the same as you provide in the QR-Code) and even there i see those things.
Please test without those things again.Also look at this video: https://www.youtube.com/watch?v=4cejyznoN5Q
At 01:01:02 you could scan that QR with a reader (just to get the data) and even an epiration date is there, there's nothing like this in the QR data. Only Intune does need to know that this token expires at some time so a QR code using an expired token just won't work.qr code content and expiration date is specific to Intune , i am not including these values when i am generating the QR code. I believe this may because if Notepad++ Plugin thats not able to generate the right qr code.
Thanks everyone I appreciate your help in figuring out the issue. after our discussion I started focusing on Notepad++ QR plugin. It appeared to be an issue with the plugin, after writing the .json , we have to select it and hit the QR plugin to generate the QR . While selecting the code it was removing the last letter which happened to be this '}' . I had to select few empty lines and then it picked the character and created the QR and wallah!!! it worked.
My overall solution to edit the intune QR CODE is as follows:
1. Export the json from intune or simply try google lens and scan to get the script.
2. Edit as per requirement like wifi and cellular data.
3 Use notepad++ plugin to generate the QR code as I mentioned above.
This way i don't have to expose the script to any online untrusted website.
