Unlinking Zero Touch Account from deleted Enterprise
Hi, we are currently trialing automatic device enrollment using a Zero Touch Account and baramundi Management Suite as our EMM solution. It all worked well, until I deleted the Android Enterprise account before unlinking it from our Zero Touch account. When I now try to create a new enterprise and link it to our Zero Touch account, it says that it's already linked and I can't proceed to the actual Zero Touch console within the iFrame in the EMM. Sadly I can't change the display language for the iframe. It says "Choose accounts to be linked" and the light grey part next to the checkbox says "already linked". I'm only presented the option to go back and choose another Google account. There doesn't appear to be an option on the web portal version of Zero Touch (https://enterprise.google.com/android/zero-touch/customers/) to unlink the enterprise either. When I try to delete the enterprise it warns me to unlink the Zero Touch account before proceeding and tells me that all enterprise related data will be deleted after 30 days. So my question is: Is there another way to unlink the enterprise from the Zero Touch Account or do I simply wait for 30 days and then the link is deleted automatically? Peter
Zero Touch Portal - Error Message
Hi Team, I have created a new configuration item and linked it to Microsoft Intune token. Then I have decided to remove the Intune token configuration before removing the configuration file from Zero touch (which I dont think it should matter). Then I went to remove the configuration item from Zero touch and was getting a strange error message, see below. Now I'm left with a configuration item in Zero touch that I can't remove. Can someone please help or reach out, that would be great. Also, let me know if there is anything else you require from my end.
Application report not getting collected on Xiaomi mix fold devices
We have couple of users who have the Xiaomi Fold device and in the application report section of status report notifications we are only getting the android device policy app. None of the other applications are getting returned. Is this a known issue? How can we debug the issue? I was not able to see anything obvious in the device logs. We are getting the full application report for the other devices.
Is there an alternative way to perform the same function as UpdateApplication on Android 15?
Hi everyone, We are currently managing Samsung enterprise devices via Knox Manage under Android Enterprise DA mode (Device Admin) . Our in-house application previously used the UpdateApplication API to update itself silently without user interaction. This worked well under Android 14. However, after updating to Android 15, this API no longer functions. Based on the Samsung Knox SDK documentation, it appears that UpdateApplication is now restricted to Device Owner (DO) and Profile Owner (PO) apps. We have tried to assign all delegated scopes to our app via Knox Manage policy settings (Android Enterprise → App Restrictions → Delegated Scopes for Apps). Unfortunately, the API call still fails. ✅ What we’re looking for: - Is there any alternative methods that allows silent or managed updates of enterprise apps on Android 15, without being a DO/PO app? - Or is DO/PO elevation now the only viable path? - If so, is there an official onboarding flow or protocol to request DO/PO designation for an app via Knox Manage? Any guidance, references, or examples would be greatly appreciated. Thank you! — Environment: - Android 15 - Knox Manage (latest) - Samsung A9+ tablets - Device Admin mode
Impact of Intune's NFC restriction setting on IC card reading and Nearby Share
Hello, I'm managing Android Enterprise devices via Intune and would like to confirm the behavior of a specific device restriction setting related to NFC. ■ Device: AQUOS wish4 (Android), enrolled as a fully managed device ■ Policy applied: Device configuration profile with "Beam data using NFC (work-profile level)" set to Block ■ Policy configuration path in Intune Admin Center: Microsoft Intune Admin Center > Devices > Manage devices > Configuration Platform: Android Enterprise Profile type: Template > Device restrictions Configuration settings > General - Beam data using NFC (work-profile level): Block ○ Background and expectation: My understanding is that this setting is intended to block NFC-based data transfer (i.e., Android Beam) within the work profile. However, I initially assumed it might also block general NFC usage, such as reading contactless transit cards or using mobile wallet services. ○ Test scenario and results: After applying the policy to a fully managed AQUOS wish4 device, I observed the following: The NFC toggle remains available and functional under: Settings > Connection settings > More connection settings > NFC I installed an app that reads contactless transit cards used for public transportation (e.g., Suica or PASMO in Japan) and confirmed that it successfully retrieved the card balance via NFC ○ Interpretation: Based on this behavior, I suspect that the policy only affects the deprecated Android Beam feature, which used NFC for peer-to-peer file sharing. It does not block general NFC functionality such as card reading or mobile payments, nor does it impact newer sharing technologies like Nearby Share or Quick Share, which rely on Bluetooth and Wi-Fi Direct. ■ Questions: Is my understanding correct that "Beam data using NFC (work-profile level)" only restricts Android Beam functionality and does not affect general NFC usage? Is there a way to restrict Nearby Share / Quick Share on fully managed Android devices via Intune, or would that require a different configuration or approach? Any insights, documentation references, or shared experiences would be greatly appreciated. Thank you!
Request for Access to Android Enterprise Partner Portal Zero-touch Reseller Login
We are from Alphatech India and recently received a notification that our application to join the Carrier & Device Reseller Partner Program was declined. However, we would like to highlight that we are actively involved in large-scale deployments of Android-based mobile devices for enterprise customers across India. Access to the Android Enterprise Partner Portal, specifically the Zero-touch enrollment feature, is critical for us to streamline device provisioning and deliver a seamless experience to our clients. We request the community's guidance on how we can meet the eligibility requirements or explore any alternative process to gain access to the Zero-touch Reseller Portal. We are fully committed to meeting the necessary standards and are ready to provide any required documentation. Your support and direction on this matter would be greatly appreciated.
Barcode setup without ENROLLMENT_TOKEN
Hi We are preparing to enroll over 600 Zebra and Honeywell barcode scanners into Microsoft Intune. These devices are distributed across more than 250 locations and span over 35 distinct configuration profiles. To ensure a smooth rollout, especially for our non-technical users, we aim to automate the enrollment process as much as possible—minimizing manual input and reducing the risk of user errors, including Wi-Fi setup. Our intended workflow is for users to simply scan a QR code at the initial "Hi there" screen. This QR code should contain the necessary Wi-Fi configuration and trigger device provisioning via the Google Zero-Touch portal, bypassing the setup wizard entirely. However, when we generate a QR code using the following JSON configuration, the Wi-Fi settings are not being applied as expected. After the QR code is scanned, the device proceeds to the Wi-Fi setup screen, where users are required to manually enter the network configuration. According to Google’s documentation, the EXTRA_ENROLLMENT_TOKEN is optional. Is it possible to fully automate this step without including the token, or is it required in practice for the Wi-Fi configuration to be applied correctly? Any help would be much appreciated—thank you! { "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup", "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": { "android.app.extra.EXTRA_PROVISIONING_WIFI_SSID": "**SSID**", "android.app.extra.EXTRA_PROVISIONING_WIFI_PASSWORD": "**PASSWORD**", "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA", "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_USER_CONSENT": true, "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_USER_SETUP": true, "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_ACCOUNT_SETUP": true, "com.google.android.apps.work.clouddpc.extra.PROVISIONING_SKIP_EDUCATION_SCREENS": true } }
