Managed Enterprise Service Account

Hi All,

We've recently decided to move towards Soti and are currently preparing the environment, but we're wondering if we can use a service account to set up managed enterprise? Walking through the bindings, it seems the only possibility is by adding it through the Google authentication screen, but service accounts aren't accepted there.

I would like to avoid having to create a separate account outside of our Google Enterprise environment to get this working. Reason for the managed enterprise binding is the dedicated devices we want to provision with some public and private play store apps which reside in the organisation's Google Enterprise play store.

Edited 4 years ago
Android
ANSWERS
JCMOD@SOTI
4 years ago (edited 4 years ago)

Hi Melvin,

Thank you for posting in SOTI Central.

I've compiled a few resources that should be helpful to you. Ultimately, if the service account cannot be used, you might be able to add an additional Admin to the Enterprise Binding as directed by the last URL. The other links will be useful to further understand how this function works on the Google side.

https://support.google.com/googleplay/work/answer/7040932#zippy=%2Cadd-an-admin
https://support.google.com/googleplay/work/answer/6138458
https://support.google.com/googleplay/work/answer/7042126
https://play.google.com/work/adminsettings (Adding Admin)

Regards,

Thanks for the response!

The thing is, we already have the Managed Play store and do have the organization ID, but whenever I try to add the managed enterprise to Soti it states that it's not supported for G Suite accounts (G Suite is not currently supported by managed Google Play Accounts, please choose a non-G Suite account to continue.).

The account I'm using is able to log on to the managed play store and see the admin settings (not able to add/remove admins though). Therefore I thought I needed to use a service account, but those don't have a password but a P12 authentication key, which can't be set through the MDM?

Am I missing anything? Or am I trying to do something that's not possible?

Melvin Cornelissen
4 years ago (edited 4 years ago)

Think I got the answer: you either use the Google Domain bind for your devices and make sure users log in, or you use the managed enterprise for device accounts.

Bit annoying that the domain bind cannot handle the device accounts for you. Follow-up question would be how to handle private apps, as this means there will be two separate organisations for managing your devices (Google Domain for corporate owned personally enabled devices and Managed Enterprise for company owned single use devices).

Raymond Chan Diamond Contributor
4 years ago

I think your problem stems from switching from Google G-suite to a third-party MDM solution. If you can have all COPE/COSU devices previously enrolled in G-suite factory reset and then re-enrolled to the same Soti MobiControl, then they all can be managed without any issue. This is the same if you switch from one 3rd-party MDM solution to another 3rd-party solution. Same for Apple devices too.

First of all, thanks for the response. Maybe I should've been more clear on the actual issue. Therefore an elaborated version of what we're up against.

Our organisation uses Google Workspace (formerly G Suite) but we don't manage our company owned devices there; we used to use Workspace One (formerly Airwatch) for the company owned devices. We do use basic management from Google Workspace to set some security requirements for personally owned devices. For all company owned devices (COSU) we use Workspace One.

With the move towards Soti we want to introduce COPE into the organisation. Soti will be managing company owned devices (COSU/COPE) after the migration from Workspace One. Currently I've activated the Google Domain binding within Soti so COPE should be fine after a colleague logs in. The Google Domain binding doesn't handle the managed play store device accounts though, so we'd need to create an additional organisation to create the device accounts for the COSU devices, right?

Next to this, we're deploying applications to the private play store of the organisation that's running Google Workspace, so those applications won't automatically be available in the to-be-created organisation to leverage COSU. Would that mean that we'd need to deploy the private apps to both organisations?

It feels counterintuitive to create an additional organisation to set up device accounts for the managed play store.