Category filter

Configure Username Passthrough for Samsung Knox Mobile Enrollment

Samsung Knox Mobile Enrollment (KME) is a quick and efficient way to enroll large quantities of corporate-owned devices without manually configuring every single one. In addition, to make the enrollment process more hassle-free, KME supports the use of usernames and passwords to authenticate device users when enrolling devices via Samsung Knox.

Hexnode UEM, with the support of the ‘Username Passthrough’ feature offered in KME, allows you to automatically pass the username (the user’s email address in the Hexnode portal) of the device user during the enrollment process. The Username field on the authentication page of the Hexnode MDM app will be pre-populated and greyed out, thus preventing the user from altering this field. The users must then complete the authentication process by entering the credentials provided to them. The advantage of this feature is that you can force only a specific user to enroll the device in Hexnode.

Notes:


The Username Passthrough functionality is supported only on Knox 2.8+ devices enrolled under a Device Owner profile.

To enforce Username Passthrough on devices, you must first upload the users’ credentials (only the ‘User ID’ is required) in the Knox Admin Portal.

To enter credentials for a single user:

  1. Sign-in to your Knox Admin Portal.
  2. Navigate to Devices from the left-hand navigation menu.
  3. Select the respective device.
  4. Enter the credentials in the User ID field and click Save.
    Configuring Knox Username Passthrough on the device details page in Knox Admin Portal.

    Notes:


    The value entered here should be same as the Email of the user in the Hexnode repository.

To enter credentials for a bulk set of users:

  1. Sign-in to your Knox Admin Portal.
  2. Navigate to Devices from the left-hand navigation menu.
  3. Click on BULK ACTIONS > ASSIGN USER CREDENTIALS AND PROFILE
    Uploading user credentials for a bulk set of users to configure Knox Username Passthrough in Knox Admin Portal.
  4. Upload the .csv file and click Submit.
     Uploading user credentials in bulk to configure Knox Username Passthrough in Knox Admin Portal.

After uploading the credentials in the Knox Admin Portal, you can send enrollment requests to the users via email from the Hexnode portal:

  1. Navigate to Enroll > All Enrollments > Invite > Email.
  2. Set the domain as Local.
  3. To send invite to:
    • Single User: Select the required user from the dropdown.
    • Bulk Users: Upload the .csv file containing all the users and their details.

What happens at the device end?

The value provided in the User ID field in the Knox Admin Portal is automatically passed through to the Hexnode MDM app during enrollment. Consequently, the Username field on the authentication page of the Hexnode MDM app will be pre-populated with this value. The user won’t be able to alter this field but will still be prompted for the password.

  • Enrolling Devices