Unable to very Google account after reset due to Android for Work registration
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2023 08:00 AM
1. Device initially set up using afw#setup to register on Intune without Google account
2. Device secured with passcode and given to user
3. User has left, without wiping the device and passcode unknown
4. Wiped the device via recovery mode
5. Setting device up again for new user, now being asked to Very your account
We do not know the @android-for-work.gserviceaccount.com account so we cannot get back into the device, essentially bricking it. How do we go about verifying the account?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2023 08:13 AM
Those accounts don't have a password you'd be able to input even if you did know it.
Do you permit adding accounts via policy? If so is it possible instead the user has added their own Google account and this is what FRP is locked against? Assuming maybe, you could make contact with the user to assist in the unlock provided the departure is amicable.
If not you're going to have to reach out to the OEM for service to have the FRP bit wiped, or if you use Samsung, KME can disable it too. There are means of doing this yourself with Samsung (ODIN) or MTK-powered (flashtools) devices, but that's unofficial.
Consider in future -
- Wiping from intune rather than hard reset
- Leveraging the FRP emails option in-policy to whitelist a particular Google account should wiping from intune not be possible. It's not a great API all things considered, but it'll work in a pinch.
- Unlinking Zero-Touch from MDM provider in Admin discussions
- Why Zero Touch enrollment not start automatically? in Admin discussions
- Google assistant with work account in Admin discussions
- Managed Google Play Android enrollment by intune.microsoft.com in Admin discussions
- Microsoft Intune bind - Something went wrong - Your account wasn't created in Admin discussions