Hi all,

I'm using Samsung Knox Service Plug-in (KSP) to push policies to our fleet of 2 device types below:

Samsung Galaxy Tab A7 Lite (SM-T227U).
Samsung Galaxy Tab A9+ (SM-X218U).

I followed the steps outlined in these 3 articles to grant Special Access Permissions to SOTI MobiControl and the Files by Google app, but have not seen all policies succesfully apply to the Tab A7 Lite.

https://docs.samsungknox.com/admin/knox-platform-for-enterprise/knox-service-plugin/kbas/kba-1261-grant-special-permissions-for-an-app/

https://docs.samsungknox.com/admin/knox-platform-for-enterprise/knox-service-plugin/kbas/kba-1151-policies-not-applying-after-installation-on-device/

https://discussions.soti.net/articles/000002579

All policies are being applied to the Tab A9+, but only some policies are applied to the Tab A7 Lite. I pushed KSP via Managed Google Play, and have tried pushing the configuration policies in both the Managed App Config page and the Profiles section using OEMConfig for Samsung. I have entered valid Knox Platform for Enterprise (KPE) license keys, and yet I'm not sure why all policies don't take effect on the Tab A7 Lite. In debug mode, the Knox Service Plug-in app states all policies have applied successfully, or that the latest policies have already been applied, and yet this isn't true as the special access permissions aren't turned on for MobiControl, one of the policies I configured. I have sent logs, including Configuration Results, Received Policies, and dump state device logs to Samsung support, but no one has been helpful so far. Battery restriction shows as unrestricted when I followed the steps in Samsung's knowledge base. I also don't receive any errors of any kind in the KSP app while debug is on. It only says that all policies have successfully been applied, even though they have not upon checking after, so I'm not sure what to try next.

The policies I configured to be pushed are:

Device-wide policies (Selectively applicable to Fully Manage Device (DO) or Work Profile-on company owned devices (WP-C) mode as noted)  

Enable device policy controls             ON

Application management policies  

                                Enable application management controls                 ON

                                Battery optimization allowlist: com.samsung.android.knox.kpu

                                Package Name for Auto-Launch: com.samsung.android.knox.kpu

                Enable permission controls             ON

Permission Controls

1. Permission Policy: Notification Access

Package or Component Name: net.soti.mobicontrol.androidwork/net.soti.mobicontrol.notification.SotiStatusBarNotificationListenerService

1. Permission Policy: All files access, Appear on top, Change system settings, Alarms & Reminders, Usage data access, ALL
   Package or Component Name:net.soti.mobicontrol.androidwork/net.soti.mobicontrol.ui.MainActivity

1. Permission Policy: All files access
   Package or Component Name: com.google.android.apps.nbu.files

The policies not being applied are:

All Files Access

Notification Access

For the apps:

SOTI MobiControl

Files by Google

This only affects Samsung Galaxy Tab A7 Lite devices (SM-T277U). They are running Android 14, although some are running Android 13. The version of Knox Service Plug-in is 1.4.72 (24.06)

The Galaxy Tab A9+ (SM-X218U) hasn’t had any issues and all policies are applied successfully. The issue is only with Galaxy Tab A7 Lite devices.

Any assistance would be greatly appreciated.