Force wiped Chrome devices to re-enroll
Chrome version 35 and later.
For administrators who manage Chrome devices for a business or school.
By default, wiped or recovered Chrome devices are forced to re-enroll into your domain. Re-enrollment ensures that the devices remain managed and policies you set are enforced on the device.
- Don’t force devices that are used in developer mode to re-enroll. Instead, put them in a different organizational unit and turn off forced re-enrollment for that organization.
- If a device is no longer going to be managed by your domain, you should deprovision the device instead.
When forced re-enrollment is turned on...
- Chrome 68 and later—Wiped or recovered devices automatically re-enroll in your domain when they connect to a network. If automatic re-enrollment fails, users can close the error message to switch to the manual re-enrollment screen.
- Chrome 67 and earlier—The user has to re-enroll the device before they can use it. If they don't, they can't sign in, browse in guest mode, or see the consumer sign-in screen.
Turn forced re-enrollment on or off
From the Admin console Home page, go to Device managementChrome management.
If you don't see Device management on the Home page, click More controls at the bottom.
- Click Device settings.
- On the left, select the organization where you want to turn forced re-enrollment on or off.
For all users, select the top-level organization. Otherwise, select a child organization.
- Configure the Forced Re-enrollment setting:
- To turn it on, select Force device to re-enroll into this domain after wiping.
- To turn it off, select Device is not forced to re-enroll after wiping.
- Click Save.
Settings typically take effect within minutes, but it might take up to an hour to propagate through your organization.