SOTI Pulse Logo

Samsung MAC Randomisation

JH
Jonny Hill
Paragon Fleet Solutions Ltd

Hi Community! I have a support case raised with SOTI on this, but thought I would reach out to the community to see if anyone else has experienced this issue so far.

We have a wifi payload assigned to our devices via a profile that applies a number of wifi profiles to the devices for the various SSIDs that we have broadcasting around our sites. We also have a DHCP MAC filter applied at our sites.

More recent versions of Android have MAC Randomisation functionality and in recent versions (Android 11 etc), it is enabled by default. MAC Randomisation is not suitable in our environment, due to the DHCP MAC Filter. We therefore turn this off for our Corporate SSIDs (not via MobiControl) to allow the devices to seamlessly connect to wifi via the DHCP MAC Filter.

The issue we are now facing, is that Android 11 devices on the latest security patches (Details below) have Random MAC turned back on every time the device is rebooted. Random MAC is only turned back on for wifi profiles that we enforce via MobiControl payload. Any SSIDs (Known networks) on the device that are manually entered (not via MobiControl), do not have Random MAC turned on after reboot.

This appears to be a bug perhaps, but not sure how to try and remediate against this. Currently, we are having to tell users of these affected devices, not to reboot them.

Make: Samsung

Model: Various

MobiControl version: 15.0.2.1049

Agent version: Samsung ELM 14.5.5.1023/14.4.3.1074

Android OS: Android 11

Knox version: 3.7.1

Knox API level: 34

Android Security Patch June 2021

Devices on previous OS versions and older versions of Knox are not affected.

android-plus samsung
4 years ago
Android
ANSWERS
J
JCMOD@SOTI
4 years ago (edited 4 years ago)

Hi Jonny,

Thank you for posting in SOTI Central.

We're currently investigating this internally in order to explore the possibility of toggling this function on and off. The internal reference is MC-106753.

What I also suggest you do is raise a Feature Request and ask for it to be linked to that internal reference, you can raise an FR via support@soti.net and then make sure to cover these questions in your initial email:

1. What is the business problem – use real-life scenario(s) to describe the problem/pain points.
2. Number of users impacted by this problem and how often.
3. What is being done to work around this problem.
4. What is the proposed solution?

Once that's done, then it's a matter of our internal teams concluding the investigation and the technical discussions with OEM's in order to introduce the feature. And if more Feature Requests are raised, it will help us internally with the alignment of our available resources.

Note - We also have updated our Log a Case functionality recently, I suggest raising Support Cases with that in mind.

Regards,

Similar Discussions