- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 03:00 AM
A bit of background on this, we're currently moving to use COPE Enrolment for all of our devices after using BYOD Enrolment for devices purchased by our org.
Utilising BYOD we had issues with users signing into their gmail accounts and leaving the business and we were locked out of the device by Factory Reset Protection (We've used Knox Mobile Enrolment to solve this). This all made sense as it was a BYOD device and for consumers etc it makes a lot of sense.
The problem we've encountered is even with COPE enroled devices, if a user doesn't remove their gmail account from the personal profile before resetting the device when the device is used again you're unable to use a Captive Portal network for setup again and this error message is received - "Unable to sign in to Wi-Fi AP. An unauthorised factory reset has been performed on this device. the sign-in screen cannot be accessed."
Even after enrolling the device using a WPA2/3 Network and signing in with the google account in question and manually removing it then resetting the device we still have this issue, it's as if the FRP flag gets set and isn't being removed for some reason.
It seems odd any network and even cellular allows you to continue but a captive portal connection doesn't.
Has anyone else encountered this issue?
Thanks.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2024 05:54 AM
In case anyone else sees this, this has been resolved with Android 14.
Knox Mobile Enrollment 23.12 release notes | Samsung Knox Documentation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 03:04 AM
Have you considered using a combination of Zero Touch + disabling factory reset on these devices?
Zero Touch will force enrolment into your EMM, and disabling factory reset will only let user reset using the device recovery mode.
It should be easier than having to manage FRP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 03:26 AM
Hi Jeremy,
We're utilising Knox Mobile Enrolment today as we have Samsung devices, to clarify also our EMM is Intune, we wouldn't disable factory reset as we need a method for users to reset devices on their own if required. I also thought Device recovery mode doesn't let you bypass FRP?
Also would we not have the same issue with Zero touch? This issue happens before we even have a network connection.
Thanks for your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 05:17 AM
Zero Touch will prevent device use if the device is not enrolled with an EMM.
For example, if you setup your device offline, as soon as the device connects to internet, it will force the user to wipe the device and start again.
Regarding Device recovery mode and FRP, it won't let you bypass FRP you're correct.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2023 03:45 AM
That's not the problem we have unfortunately.
Thanks for your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 09:14 AM
KME & ZT offer the same thing, but KME with Samsung devices allows you to clear the FRP bit on KME-enrolled devices. Can you validate your KME configurations have this set?
If it's set, can you try to get to the point of connecting, and captive portal complaining, then rebooting and seeing if the behaviour changes?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2023 03:45 AM
Hi Jason,
There's not options in KME for this the device only needs to have a profile assigned which this one does but because this happens before the device can communicate with KME I'd still see this issue - Lock and unlock devices | Samsung Knox Documentation
Reboot and a factory reset doesn't change the behaviour, it seems to be FRP complaining and not specific to the captive portal itself, I've created a captive portal SSID at home and had the same issue.
Thanks for your help.
@Lizzie any thoughts on this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2023 10:12 AM
Problem
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2023 03:52 AM
You should probably escalate through Intune & KME, that will be the proper channel to get support with your issue and escalate through Samsung, Intune and Google.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2023 10:12 AM
Can't make calls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2024 05:54 AM
In case anyone else sees this, this has been resolved with Android 14.
Knox Mobile Enrollment 23.12 release notes | Samsung Knox Documentation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2024 11:14 AM
This is invasion of privacy!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2024 08:41 AM
How to solve this problem if my another Samsung is like that problem how to remove this and how to sign in on my device?
