How to remotely lock or unlock device enrolled in Knox Manage
Last updated July 26th, 2023
Categories:
Environment
- Knox Manage (KM)
- Android Enterprise (AE) Device Owner (DO) mode
- Fully managed devices with a work profile
- Android Legacy devices
Overview
This knowledge base article guides you through several scenarios in which you may want to remotely lock or unlock a device enrolled in Knox Manage:
- How to lock a lost phone without erasing its data
- How to unlock a device that is locked by another UEM and not connected to the Internet
- How to unlock a device that is locked by another UEM and connected to the Internet
- How to lock a device after too many unsuccessful login attempts
How do I remotely lock a phone in Knox Manage without erasing its data?
- In your KM console, go to Device and select the checkbox next to the device that was lost.
- Click on Device Command > Device > Lock Device.
- In the Lock Device window, fill in the Message and Phonebook fields with the appropriate contact information.
- Click OK.
The below screen is shown on the device after the Lock Device command is sent:
How do I unlock a device that is locked by another UEM and not connected to the Internet?
If a device enrolled in KM is locked by another UEM and does not have an Internet connection, the user must enter a 9-digit code to unlock it. To access this code:
- In your KM console, go to Device and find the device that was lost.
- Click on the device name.
- In the Security tab, next to the Lock Device line, the 9-digit unlock code is displayed.
Entering the 9-digit code only removes the lock screen. You must enter the correct device password to unlock the device.
A new unlock code is generated after every use, preventing the same code from being used again.
How do I unlock a device that is locked by another UEM and connected to the Internet?
- In your KM console, go to Device and select the checkbox next to the device that was lost.
- In the menu that appears, click on Device Command > Device > Unlock Device.
How do I lock a device enrolled in Knox Manage after too many unsuccessful login attempts?
If you are using an Android Enterprise profile:
- In your KM console, go to Android Enterprise > Security.
- In the Fully Managed column, enter a value for the Maximum Failed Login Attempts policy.
- Under If the maximum number of unsuccessful login attempts is exceeded, select Lock device.
If you are using an Android Legacy profile:
- In your KM console, go to Android Legacy > Security.
- Enter a value for the Maximum Failed Login Attempts policy.
- Under If the maximum number of unsuccessful login attempts is exceeded, select Lock device.
A device locked with this method can also be unlocked with the two methods mentioned above.
The below lock screen is shown on the device after the profile is pushed:
On this page
Is this page helpful?