- Knox Configure (KC)
- Knox Mobile Enrollment (KME)
- Knox Manage (KM)
- Knox Enterprise Firmware-over-the-Air (Knox E-FOTA)
Some users are experiencing an issue when enrolling a device into a KCS solution. The KCS solution will launch, check for an assigned profile, then close with no error message and proceed to the Android setup wizard. When a dumpstate log is captured from the affected device, the following error is shown:
The Samsung Knox warranty bit has been tripped. Available on all Samsung Knox-compatible devices, the Knox warranty bit is a security feature that detects if unofficial software has been installed on your phone. This prevents malicious attempts to access your data.
The Knox Warranty Bit, a one-time programmable bit e-fuse, detects if a non-Knox kernel is loaded on the device. The warranty bit has a value of “0” but changes to “1” if an older or unofficial Android build is installed on the device, indicating that the security of the Knox container has been compromised. If the Knox Warranty Bit has been tripped, the device is prevented from using Knox services.
A tripped Knox Warranty Bit cannot be reverted, and Knox services will not work on the device. To restore functionality for KCS solutions, a hardware replacement of the device’s Printed Board Assembly (PBA) is required.
If you see an error in the format below during the enrollment process, it typically indicates that the warranty bit has been blown.
“[ENROLLMENT ERROR] because a custom OS is or has been installed on this device.”
To check if your device’s Knox Warranty Bit has been tripped, see the Knox Platform for Enterprise technical FAQs.
- To learn more about what happens when the Knox Warranty Bit is tripped, see the Secured by Knox before purchase FAQs.