Android device management - Unable to enroll: DEVICE_MODE_QUARANTINED
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2024 04:06 PM
Hello everyone,
New to Google device management and hoping someone is able to help me out. I had tried to enroll various Android devices in COPE, Work Managed and Work Profile (BYOD) modes but each of them are failing at the "Registering profile" screen. It look like the Work Profile has been created, but does not appear to be functional and devices are not appearing in the Google admin console.
Pertinent (I think) are of the logcat logs are showing:
10-09 18:06:39.752 22672 28291 I clouddpc: [PolicyLogHelper.java:logPolicies:103] Device mode: quarantined
10-09 18:06:39.752 22672 28291 I clouddpc: [PolicyLogHelper.java:logPolicies:105] Got policy. Size: 0
10-09 18:06:39.752 22672 28291 I clouddpc: [OverrideLayer.java:loadFromFile:98] No override for compliance_rules
10-09 18:06:39.752 22672 28291 I clouddpc: [EventLogManagerImpl.kt:logMessage:1641] Event logged: PolicyPulled details: [id=default, version=0, mode=DEVICE_MODE_QUARANTINED] metadata: [isNetworkConnected=true]
10-09 18:06:39.753 22672 28291 I clouddpc: [EventLogManagerImpl.kt:logMessage:1641] Event logged: PolicyPulled details: [currentPolicy=PolicyIdentifiers(policyName=default, policyVersion=0), flowId=f02e170ef5ae087b3d825321c3dbee57bb0cd4aa3b1bba061dd934da8cb7937b] metadata: [isNetworkConnected=true]
10-09 18:06:39.754 22672 28291 I clouddpc: [RestoreUtilImpl.kt:getRestoreIntent:66] Getting restore intent
10-09 18:06:39.756 22672 28291 E clouddpc: [PolicyUpdaterImpl.java:retryPullApplyAndExecuteCompliance:478] Policy update mitigation failed, 1 tries done, 0 tries left
10-09 18:06:39.756 22672 28291 E clouddpc: dbc: Device mode: DEVICE_MODE_QUARANTINED
Looks like my devices are being quarantined? Not sure what this means... Is there some kind of allow-list that I need to populate?
Appreciate any help you can offer!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2024 10:53 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2024 06:55 AM
Not sure about any policies that are being assigned - where would I confiture these? I tweaked the settings under Devices > Mobile & Endpoint > Settings > Android so they should have some kind of policy applied to them, not sure if this is what you mean though.
I'm wondering if it's a licensing issue - looks like Advanced Endpoint Management requires Business Plus. Our license is Google Workspace for Nonprofits.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2024 12:13 AM
That may be something to discuss with Google Workspace support. Advanced management is indeed a requirement, but I don't believe it'll enrol if this isn't licensed in the first place. All I see from the logs is it not being able to fetch a policy and if you have management set up this shouldn't be the case.
- Managed Google Play Android enrollment by intune.microsoft.com in Admin discussions
- Difficulty getting Verizon (our reseller) to enroll us in Android Zero-Touch Portal in Admin discussions
- Why CellularTwoGState not working ? in Admin discussions
- Android device management - Unable to enroll: DEVICE_MODE_QUARANTINED in Admin discussions
- Smart watch notifications for work profile are being blocked by Android Management Policy in Admin discussions