Forum Discussion
Android COPE Devices randomly wiping
Hello,
Recently our COPE profile in ZT is not functioning.
The device will go through the enrollment, it gets registered correctly in our tenant (Entra/Intune) and we can get to the home screen just fine.
However, after some time the device will receive the following notification:
“Your organization has set up this device to be managed by your organization. If this is an error, contact your device’s provider. All data on the device will be deleted. Your device will automatically reset in 2 hour.”
The config in ZT and the one in Intune match (token is correct and the DPC extras are fine). This profile was working up until 2 weeks ago.
We’re stumped. We recreated a different COPE profiles with the required DPC extras as per Microsoft’s documentation, tried removing compliance policies and device configurations to make it a plain profile. No luck, still receives the reset notification.
Phones tested: Samsung A15, Samsung A16 all running the latest Android 16OS with the latest security patch. Any help would be appreciated, thank you!
10 Replies
During enrollment ensure you use ideally a Wifi which is not limited (no FW,...) and not using a proxy to ensure the device and the portal get the relevant information that the device was enrolled using ZTP. For testing, enroll only via mobile data for example. (Maybe you did this test already?)
If for some reason this doesn't happen, the device might not detect correctly it was going through ZTP (but for example DPC identifier or so) and then the mentioned error message is displayed and device wiped 2 hours later for security reasons (default).
Have tried mobile hotspot, wifi, mobile data.
All leads to the same outcome of wiping after enrollment.
Definitely not linked. I know that doing so forces a default configuration so I did not create the association.
My profile is created in Intune and then the token is used in ZT as per Microsoft’s recommendation.
EMM DPC is also set to Intune.
HiEmilie_B ,
I contacted Microsoft to help with this.
I am currently testing some recommendations that they have asked me to make.
Mainly changing the EMM DPC from Microsoft Intune to Android Device Policy.
I have had mixed results where some devices are working and some are not.
I am hoping someone can come back to me confirming this is either a Microsoft Intune issue (not playing nice with android os 16) or Google Zero Touch not playing nice with Intune.
I remember, a couple of months ago, i lend a Pixel to a colleague. He had the same incident because, i dont know why, he was flashing Qr Code for enrollment... precision, the QR Code made the same configuration as ZTE but the device was wiping each time.
It is the only time, i saw that
But it makes sense, if you use the QR for configuration, the device doesn't contact the ZTP as it has already gotten some configuration.
But if it contacts the ZTP afterwards, it detects it was not going through it (afaik even the configuration might be the same, it doesn't compare those) and comes up with the wipe as the configuration from QR may differ from the one in ZTP.
If you use ZTE, you don't need to use a QR. Always use QR OR ZTE, never "both".
