Hi Jason, 

Thanks a lot for a quick reply. 

The situation:

We did not have zero touch before. We just used Intune and the profiles to enroll devices manually. We have now decided to move to zero touch portal and we have created a new business id which ends with our domain. This new business id is different from the gmail account which is now connected to Intune Managed google play store. As you know you just can't replace the id. From what I have read, you finrst need to disconnect, then delete the organization, un-enroll and then unbind. Unfortunately we can't login in to the current gmail account which is connected with the managed google play store. Nobody knows the password. 

As explained previously, we have over 100+ Android devices in our organization. Is there any, I mean any possibility to do this change without needing to un-enroll and ten re-enroll all these devices?

Note: We have a reseller and they have already added their id to zero touch portal. So when we now log in to zero touch portal, we can see the reseller there. But we can't order devices from them, as we have not /are unable to connect the new zero touch portal id to the managed google play store account.

I hope I have explained the situation in detail. 

Thank you again for your prompt response.

Regards

IT Group.

Hi there

Ok, per my above - 

You can add the new Google account to your enterprise bind for management by logging in to Play admin settings with the original account and adding the new one there. (Link is in my above comment).

You'll need to perform account recovery on the original account to gain access to add a secondary account. No way around that normally. 

Just to highlight also, bind management isn't supported by Google Workspace accounts at the moment, so if you created a new account with "an existing email address" that's fine, if you used a new GW account that won't work.

To your other comments, there is absolutely nothing stopping you from purchasing devices right now. Once you have a customer account for ZT and have created configs that point to your MDM you're set. 

You don't even need to link ZT to your EMM through iframe integration, but if you needed to do that you can do with any Google account.

Thank you Jason.

I will try your suggestion and repot back. 

My other doubt, from what I know of, the zero touch enrolled devices get the apps through the Intune managed app store. So the Intune managed app store should be connected with same account that Zero touch portal is connected to. Am I right?

Thanks again. 

Have a great day ahead. 

Hi there,

No, they're two wholly different systems. Zero-touch does no device management, rather it directs devices in to an EMM solution for enrolment. 

ZT effectively ends when the DPC is downloaded and picks up the enrolment token passed to it via ZT config. Devices are then enrolled into the enterprise created with the Google account used to bind to the EMM and the EMM takes care of everything.

Google accounts associated with ZT are literally there for management of the ZT console only, they don't go near the devices themselves. 

Hi Jason,

Thank you for the reply.

Forgive me for clarifying again. You mentioned that ZT has no relation with DPC. But if the DPC account is different from the ZT account, will that cause any issues? If so, how will the devices get the apps from managed play store?

Also, could we keep this request opened or on hold until the issue is resolved? It shouldn't take much time.

No relation. The EMM handles app deployment once enrolled. All apps, policies, and devices are associated with the enterprise ID created when doing the bind with the EMM. 

ZT just sends the devices to that EMM.