Hello everyone.
I'm totally new here. This is my first post on XDA.
Recently I bought a 2nd hand phone, Samsung Note 10 Plus with a very good condition. Everything seems to me perfect when I purchased it. All features are working great.
Recently I tried to add an educational google account that was provided from one of educational institution.
When I tried to add this account on this particular phone, it's showing an error that -
"Can't create work profile!!
The security policy prevents the creation of a work profile because a custom OS has been installed on this device."
(I'm posting the screenshot also)
I don't know why it's showing this error message, because I'm not using any custom OS, according to my knowledge. I got official OTA update after purchasing it.
So as far as I know, it's running on stock OS.
The model number of my Note 10 Plus is "SCV45". It's a Japanese variant named "au".
What is reason of this error behind it? I didn't install any custom OS nor root my phone. I don't know the previous history as it's a 2nd hand phone. What should I do now to fix this issue. Please help me as I'm new to this thread.
Settings>About Phone>Status>Phone Status
Phone status should be "Official" otherwise it's been rooted and the Knox efuse tripped.
Can you set up/use Secure Folder?
Thanks for your earliest reply.
Here, phone status is showing "Official".
But after using some days, I get t know about "Knox Security" & I found heart breaking fact that my phone's "Knox Security" is void & I have to live with it as there is no workaround for that issue. (Found on XDA)
But the fact is, currently I didn't found any root access & from the about section, it's showing Official OS.
Then why it's giving error msg that I am using custom OS?
I got to know from xda that if knox security is tripped then I can't use some of Samsung app like Samsung Pass, Secure Folder, Samsung Heath....
But why I can't use a work profile when I am running on stock OS & which is not ever rooted (according to my knowledge).
So what I can do now to fix this issue?
Please help.
So much for that efuse trip method indicator... there are other ways to tell. Lol, always thought that one worked. You're questions have me curious as well.
My guess it was Knox efuse, but as for work profile not sure if it was or is tied together with Knox.
I avoid the Knox features as they're rules are convoluted... and I have no need for them.
You might want to reflash the firmware to be on the safe side. There are many here that can give you a better appraisal about this than me though.
I run stock N10+'s.
Lastly you could consider returning the device if it has been rooted in the past and the seller didn't state so.
blackhawk said:
So much for that efuse trip method indicator... there are other ways to tell. Lol, always thought that one worked. You're questions have me curious as well.
My guess it was Knox efuse, but as for work profile not sure if it was or is tied together with Knox.
I avoid the Knox features as they're rules are convoluted... and I have no need for them.
You might want to reflash the firmware to be on the safe side. There are many here that can give you a better appraisal about this than me though.
I run stock N10+'s.
Lastly you could consider returning the device if it has been rooted in the past and the seller didn't state so.
Click to expand...
Click to collapse
I didn't think so it is tied with knox security. Because I have used that work profile on another mobile other than a Samsung phone. So there is no link up between my work profile and the knox security.
Now I want to reflash the stock firmware by Odin3. But the problem I faced is, when I visited SamMobile for downloading the exact firmware, I didn't see any model number with "SCV45".
All the model numbers are like - SM-N975F, SM-N975U, SM-N975U1, SM-N975N... & so on.
So, should I flash any of them? I can't choose the proper version.
My mobile is snapdragon variant.
If I flash any of the version, what will happen?? I need to know about that.
And lastly, about returning the device.
I have purchased it as 2nd hand, and the first unit that I got, has the hardware problem. So I already returned that one. So they already gave me a replacement.
So I know, there must be some issues & I have to accept that as I am getting at very cheap price. But the last one I received, is totally in fresh condition. Even the screen paper that comes with intact phone, is still there. I have checked all the the hardware and sensors. All are working perfectly. And battery backup is also good. I am getting almost 7.5hr SOT. I have checked the battery cycle. Battery discharge cycle count is 164 (I don't know whether it is modified or not). I checked the other phones that have battery discharge cycle count is almost 500 to 700.
That's why I pick this last one. All seems perfect. Only have the issues with knox security, but I get to know about that later. And knox security is also not important for me. But at least I need to use my work profile.
That is the Japanese variant.
If you're stateside a Samsung Experience center at a Best Buy can run advanced diagnostics on it and reflash it if needed.
I would stay on Android 10. Either 9 or 10 run well. 11 not so much so and 12 is a mess, both have fully active cpu cycle sucking scoped storage.
blackhawk said:
That is the Japanese variant.
If you're stateside a Samsung Experience center at a Best Buy can run advanced diagnostics on it and reflash it if needed.
I would stay on Android 10. Either 9 or 10 run well. 11 not so much so and 12 is a mess, both have fully active cpu cycle sucking scoped storage.
Click to expand...
Click to collapse
When I purchased the Mobile, It has Android 10. I've upgarde to andoird 11 just. Everything is working fine except that issue.
Can I flash SM-N975U or SM-N975U1 firmware? there will be any problem??
Related
I got impatient last night and finally bit the bullet and rooted. Froze a bunch of apps (including Knox ofcourse) and made some changes with MultiWindow and Wanam Xposed. I tried playing one of the movies I bought wiht the $50 Samsung cred and it says: "This item expired. Connect to PC and download license."
Anyone else see this and know how to fix?
Thanks!
alias747 said:
I got impatient last night and finally bit the bullet and rooted. Froze a bunch of apps (including Knox ofcourse) and made some changes with MultiWindow and Wanam Xposed. I tried playing one of the movies I bought wiht the $50 Samsung cred and it says: "This item expired. Connect to PC and download license."
Anyone else see this and know how to fix?
Thanks!
Click to expand...
Click to collapse
If you're device status show "custom" you probably won't be able to use Samsung's DRM protected apps. It breaks AllShare Cast also.
BarryH_GEG said:
If you're device status show "custom" you probably won't be able to use Samsung's DRM protected apps. It breaks AllShare Cast also.
Click to expand...
Click to collapse
Well I did have a "Custom" status, but I used Wanam to trick the system to saying "Official" again. When it said custom, checking for updates would fail. Now that it is tricked it says that the tablet is up to date. So I think that if Hub used that as a gauge it would work. I am worried that it is going deeper than that and checking the Warranty Bit in the bootloader. OR it could be checking to see if another program is available (like Knox) but since I froze it, it's failing.
Thoughts?
alias747 said:
Well I did have a "Custom" status, but I used Wanam to trick the system to saying "Official" again. When it said custom, checking for updates would fail. Now that it is tricked it says that the tablet is up to date. So I think that if Hub used that as a gauge it would work. I am worried that it is going deeper than that and checking the Warranty Bit in the bootloader. OR it could be checking to see if another program is available (like Knox) but since I froze it, it's failing.
Thoughts?
Click to expand...
Click to collapse
I connect to secure networks and have stayed away from rooting my N3 and N10.1-14 because with KNOX I can't take a chance that some flag somewhere in the s/w would be tripped preventing me from connecting and potentially having to replace my device. KNOX hasn't been around for that long and there are tons of threads across multiple forums swearing that "XYZ" method is KNOX safe. Pre-N3/N10.1-14 I'd root my device, clean it up, and then un-root it while still keeping "official" status. Now, who knows?
I've had a terribly laggy experience on my SM-P605 ever since turning it on for the first time. The original firmware was Vodafone infested so I spent the first week trying to find bloat free versions before trying custom editions (xKat).
Long story short my Knox is triggered but I am no closer to fixing any of the really annoying issues:
- WiFi constantly reconnects (35 other devices are fine)
- Google Chrome top bar 'jiggels' (distracting)
- Mobile data and WiFi stop working after 2+ days and only work again after rebooting
- Video playback in embedded web pages stutters
I'm fed up and would like to finally have a properly working device, my 3 year old S3 (i9300) running CyanogenMod exhibits none these issues...
My question: Is there a way I can reset Knox, apply a stock firmware and get Samsung to credit the unit?
Nope, once tripped it cannot be reset (un-tripped)
Sent from my SM-P600 using Tapatalk
As to the Knox warranty bit, it probably CAN be un-tripped, however, no-one knows how to do it (yet...?) ...
As you may know, a working, Knox-resetting Odin package for one of Note 3 variants leaked some time ago (heh don't get too enthusiastic, it does work only on the specific variant of Note 3 with specific bootloader version...). This seems not to be very helpful, however, it confirms that resetting Knox IS possible (at least on Exynos based devices). It also confirm that Samsung did not tell us all the truth, stating that the Knox is absolutely unrecoverable, because it is based on e-fuse (so it gets physically blown when Knox is triggered) - it seems that either e-fuse is a myth or there are some "substitution" e-fuses included in the hardware.
But as for now, it is true that you unfortunately cannot do anything with the triggered Knox (BUT there is a chance that Samsung service centre won't notice that... there were also ideas such as putting the device into microwave oven for 2-3 secs so the device will be damaged in a way making it impossible for samsung to check the knox status, but they shall be considered as illegal...)
And as to your issues with the device - have you tried adding:
ro.securestorage.support=false
to your build.prop (or changing the value from "true" to "false" if the property "ro.securestorage.support" is present there...).
I got a popup asking to autoupdate the Samsung security policies. Does anybody know what the Samsung Security Policy updates update? I obviously declined the automatic updates, but was wondering if anybody knows if there are consequences either way.
I'm pretty sure this is Knox related. I've declined it myself only to be asked about a dozen more times since. Seems like it finally gave up though. If anyone else has input, I'd be interesting hearing what they know.
Sent from my SM-N910V using Xparent Green Tapatalk 2
My thought is to decline but i would be interested in hearing what a developer thinks.
I want to bump this question. I just had a notice to allow security policy updates. The terms and conditions that must be accepted state that the "updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete any downloaded software which contains malware." Since I have a Developer Edition, am rooted and have many apps that have been granted Super User permissions, I'm wondering if these security updates could delete or alter those permissions or otherwise affect root.
I updated it on my rooted dev edition and I've had no ill effects (so far) I know it required a lot of permissions but it's a security update from the manufacturer for god sake. The last thing I wanted was some security policy to go without being updated. Maybe that's my IT mindset. I was less hesitant to install because I already have root, unlocked bootloader, and a backup, so worse case scenario I could have just restored my nand.
commissionerg said:
I updated it on my rooted dev edition and I've had no ill effects (so far) I know it required a lot of permissions but it's a security update from the manufacturer for god sake. The last thing I wanted was some security policy to go without being updated. Maybe that's my IT mindset. I was less hesitant to install because I already have root, unlocked bootloader, and a backup, so worse case scenario I could have just restored my nand.
Click to expand...
Click to collapse
Agree with this on all points, but, like @GirLuvsDroid said, it sure would be nice to know exactly what these updates are doing.
I have also been declining them, but since you took the plunge for us (and I thank you!) and to your point, that we have backups, I will take it next time.
I have a rooted dev version, and I used Titanium (I bought the premium), and I froze the Knox services, as well as the security policy updates. It stopped the popup and my phone still works fine.
Re: Moving apps
I am about to help my husband root his 8.4 Tab Pro. But before I even do this for him, I need to know if I'm wasting my time.
What he wants is to be able to move his apps to his micro sd card. He says he doesn't have any room on his tablet.
So is that possible to do, once rooted?
Thanks
ms.journie said:
I am about to help my husband root his 8.4 Tab Pro. But before I even do this for him, I need to know if I'm wasting my time.
What he wants is to be able to move his apps to his micro sd card. He says he doesn't have any room on his tablet.
So is that possible to do, once rooted?
Thanks
Click to expand...
Click to collapse
Apps will have to be re-downloaded from the Play Store Store assuming he had gotten them there. In the possible case of Amazon Apps, you'll need to get it from them.
But, it sounds to me like you'd want to look for Titanium Backup, which should help you setup that task
I have no clue as to which version ot the Tab Pro you might have T320 (WiFi), or the T325 (LTE).
Either way, if your husband will somehow require the Knox (Security functions), of that Device.... STOP NOW!
Rooting to replace the Recovery, or OS WILL PERMANENTLY TRIP THE KNOX FLAG. Thus rendering Knox Security useless.
Assuming there is anything worth backing up it might well be inside there. And the ONLY TIME you have to back it up is before you trip the flag.
Once tripped there is no going back ever, and as I stated Knox will be dead to the Device, along with any hosted data that was part of it
Otherwise I wouldn't be to pressed about his Apps...
Ichijoe said:
Apps will have to be re-downloaded from the Play Store Store assuming he had gotten them there. In the possible case of Amazon Apps, you'll need to get it from them.
But, it sounds to me like you'd want to look for Titanium Backup, which should help you setup that task
I have no clue as to which version ot the Tab Pro you might have T320 (WiFi), or the T325 (LTE).
Either way, if your husband will somehow require the Knox (Security functions), of that Device.... STOP NOW!
Rooting to replace the Recovery, or OS WILL PERMANENTLY TRIP THE KNOX FLAG. Thus rendering Knox Security useless.
Assuming there is anything worth backing up it might well be inside there. And the ONLY TIME you have to back it up is before you trip the flag.
Once tripped there is no going back ever, and as I stated Knox will be dead to the Device, along with any hosted data that was part of it
Otherwise I wouldn't be to pressed about his Apps...
Click to expand...
Click to collapse
Thank you for this info!
I just asked him if he uses his knox security, and he says he doesn't because he has bit defender and malwarebytes. So since he doesn't use that program I guess I can go ahead and proceed.
ms.journie said:
Thank you for this info!
I just asked him if he uses his knox security, and he says he doesn't because he has bit defender and malwarebytes. So since he doesn't use that program I guess I can go ahead and proceed.
Click to expand...
Click to collapse
I'd like to think I'm up on most thing security wise. But, I'm not aware of those Apps. being on Android. Specifically MicroSoft's Bitdefender.
To describe what knox is (besides a means to void ones warranty), its a very secure business ordinated front end, that only come into its own when the Employer
also has a knox backend server running, to control it.
So long as thats NOT the case... Flash it!
If on the other hand it might be, I'd advise against it, as you can never go back from a Knox 0x1 state.
It will also (On newer Device that support it), brick up things like Google Pay.
Thankfully the Tab Pro does not have that feature to lose.
I have determined that I at least will need to unlock my bootloader which I am already loathing since that means everything on my phone will get reset. We also don't even have signed firmware for this device. I don't care about root, but I also don't use any of this pay nonsense. I do play a certain game that will moan about my phone being modified though. I was already looking at the nougat thread regarding root and passing everything but I'm not interested in magisk and the headache that comes with having to deal with safetynet updates.
Far as I understand:
1. Get TWRP, can I get away with just booting it and not actually flashing?
https://forum.xda-developers.com/mo...recovery-unofficial-twrp-moto-z-play-t3495629
2. I guess tomparr's zimage kernel zip found here: https://www.androidfilehost.com/?fid=457095661767134479 is required since the system is going to be changed for what I want to do
3. Steps somewhere a long the lines of this http://www.theandroidsoul.com/enable-tethering-nougat-alongside-android-pay/
a. Add the net.tethering.noprovisioning=true line
b. Open Terminal emulator on your device and issue the following commands one-by-one:su
settings put global tether_dun_required 0
exit
If I am understanding anything wrong or anyone wants to point me at anything else to read that would be great.
[rant] What an annoying experience this has been, before a few hours ago I praised motorola(lenovo) for what an amazing phone this was, that is until I got that ridiculous update pushed to my phone. Yes, it is definitely snappier and more responsive, but I'm not giving up functionality because the developer of the dammed OS caved into pressure from carriers. I bought an unlocked phone an no carrier has any right to restrict any of my phones features just because they think they can. I work in an office where login into the wif is a thing and I will have multiple devices with me sometimes, so I used to just bluetooth tether the other devices from my main phone and not have to deal with mutliple logins, there are also times when out and about where my gf's signal isn't great and she will use my data to be able to keep using her phone. DAMMIT THIS IS FRUSTRATING.... [/rant]