Device Account Policy
Last updated April 29th, 2025
You can use Device Account policies to specify which accounts can be used on your devices with Knox Service Plugin.
-
In the Knox Service Plugin app configuration, enable device-wide policy controls or work profile policy controls depending on how your devices are deployed.
Base setting in managed configuration Value Device-wide policies > Enable device policy controls To configure for company-owned devices (fully-managed or with a work profile), set to True. Work profile policies > Enable work profile policies To configure for personal devices with a work profile, set to True. -
Under Device account policy, set Enable Device Account Policy controls to True, then you can configure the following settings:
- Samsung account configurations — Select whether a Samsung Account for Business, or the device user’s personal Samsung Account is used on your managed devices.
Currently, Samsung Account for Business is only supported on Galaxy S24 and S25 devices running OneUI 7.0. It will be available on a wider range of Samsung galaxy devices with Android 16.
- Enable Device Account policies — Set True, then add a new configuration under Device Account Policy Configurations and fill in these fields for each configuration:
- Add Account Type to Addition Blocklist — Select which account types can’t be added to your devices.
- Add Accounts to Addition Blocklist — Specify specific accounts that can’t be added to your devices. You can add a comma separated list of accounts, and use wildcards to specify multiple accounts.
- Samsung account configurations — Select whether a Samsung Account for Business, or the device user’s personal Samsung Account is used on your managed devices.
Is this page helpful?