Back to top
Home / Knox Authentication Manager / How-to guides /

Test device syncing

Last updated October 28th, 2024

After you deploy Knox Authentication Manager, you can perform a device-to-device syncing test to verify that Knox Authentication Manager works as expected.

Prerequisites

Before you can perform this test, ensure the following:

  • The devices have the same group ID or are on the same Wi-Fi subnet, depending on how you configured Knox Authentication Manager in your UEM.
  • The devices are plugged in and charging.
  • Your network’s configuration and firewall allows devices to communicate with one another using the UDP and TCP port numbers specified in the managed configuration.
  • Port 443 and URLs that end with *.firebaseio.com have been added to your firewall’s allowlist to allow communication with Firebase.
  • Your network’s firewall exceptions allow time.android.com – UDP port 123. This lets Knox Authentication Manager to communicate with the NTP (Network Time Protocol) server to determine the most up-to-date user profile when performing device-to-device syncing.

Test device syncing

To test device syncing, you need two devices with Knox Authentication Manager installed that are in the same device group or on the same Wi-Fi subnet, depending on how you configured Knox Authentication Manager in your UEM. For instruction purposes, these devices will be referred to as Device A and Device B.

  1. Dock or plug in Device B.
  2. Enroll a new user account with Knox Authentication Manager on Device A.
  3. Dock or plug in Device A and wait 1-2 minutes for the devices to sync.
  4. On Device B, enter the enterprise ID you used to create the new user account on Device A. If Knox Authentication Manager signs in to the account without asking you to re-enroll the account, then the devices synced successfully.

Potential issues

Devices may not sync if:

  • The UDP/TCP port number is blocked by your enterprise’s network policy.
  • HTTPS or port 443 is blocked so devices can’t communicate with Google Firebase.

Devices may not sync if:

  • A device’s storage is full.
  • A device has lower than 5% power.
  • A device’s storage is encrypted. Since Knox Authentication Manager’s application data is stored in the Credential Encrypted (CE) storage location, if a device is rebooted but not unlocked, the CE storage is encrypted.

Devices may not sync if in the Knox Authentication Manager configuration in your UEM:

  • Devices aren’t under the same org ID, group ID, and group key.
  • The UDP/TCP port number is invalid or conflicts with other services on the device.

Devices may not sync if:

  • A device was just charged out of the network range.
  • A device was powered off when charged.

On this page

Is this page helpful?