An issue has been detected in Samsung devices upgraded from Android 9 to 10, which resulted in the loss of Knox Platform for Enterprise (KPE) functionalities in Android Go and One UI Core devices. Knox Platform for Enterprise (KPE) enables you to manage Knox container and Knox APIs on Samsung devices and provides advanced security features such as customizing factory reset settings, enforcing passcode policy, web content filtering, etc. In One UI Core and Android Go devices, running Android 9.0 and above, Samsung deprecated the Knox Platform for Enterprise features and replaced it with Android Enterprise, since these devices by design do not support "
Secured by Knox
" designation, due to lack of hardware support.
Due to a defect in Android 9, some of the deprecated KPE features that were supported in earlier versions of Android One UI Core and Android Go devices were not discontinued, which allowed users to continue associating the security restrictions on these devices from MDM. In Android 10 release, the issue was fixed by Samsung, causing the KPE functionalities to be deprecated on Android - One UI Core and Android Go devices starting from Android 10. Hence, when Android - One UI Core or Android Go devices are upgraded from OS 9 to OS 10, MDM could no longer configure the KME features and the KPE security restrictions applied to the devices, affecting the management of these devices.
According to Samsung, the only devices impacted by this issue are devices that do not support Knox, including One UI Core and Android Go devices.
If the devices have already been updated from Android 9 to Android 10, follow the steps given below to regain device control
Once device control is regained and the Knox policies are removed, re-enroll the device as Device Owner. With the newly updated ME MDM application, device policies will be enforced using Android APIs instead of Knox APIs.
If the devices are not updated from Android 9 to Android 10 and are currently enrolled with MDM server, follow the steps provided below
For more details, refer this
document.