SOTI Pulse Logo

Shared Device mode - Device PIN problem

N
Nick
O

Hi all,

We are in a bit of a pickle regarding Shared Device mode using EntraID

Currently we have this setup:

User Logs into device using their EntraID and password
Set Session PIN is prompted
Once connection to Entra is made, device moves to Post-Lockdown screen folder.

I have configured the Post-Lockdown screen so users cannot shut down the device without signing out first. This ensures the user signs out, the PIN is cleared, and the device is ready for the next user tomorrow.

Here is the problem

There have been instances where devices have powered off due to battery depletion or similar issues. As a result, the device shut down while the previous user was still logged in.

When the device is then charged and turned on, some users have forgotten the PIN they used, or its another user whos grabed the device and they do not know the PIN.

Because the Device PIN initiates BEFORE the SOTI MDM, it shows the device as Offline and I am unable to clear the passcode

This is a big issue and is basically bricking devices

Has anyone found a way around this?

shared device
yesterday
Android
ANSWERS
RS
Rafael Schäfer
yesterday (edited yesterday)

Only wiping the device is possible then (i hope you haven't set up FRP or set it up with an known acocunt to disable it).

That's one of the reasons why i would like to have direct_boot_support for MDM agents but as we raised an FRP to Mobicontrol, we got told that the agent is not build to fit this, sadly.

 

And if there would be a way around your experienced behavior, it would be a big security breach.

How about, making a force lockout when device reaches for example 10% battery?
Not sure if you can trigger that by script.

Similar Discussions