Force wiped Chrome devices to re-enroll

Chrome version 35 and later.

For administrators who manage Chrome devices for a business or school.

By default, wiped or recovered Chrome devices are forced to re-enroll into your domain. Re-enrollment ensures that the devices remain managed and policies you set are enforced on the device.


  • Don’t force devices that are used in developer mode to re-enroll. Instead, put them in a different organizational unit and turn off forced re-enrollment for that organization.
  • If a device is no longer going to be managed by your domain, you should deprovision the device instead.

When forced re-enrollment is turned on...

The user has to re-enroll the device before they can use it. If they don't, they can't sign in, browse in guest mode, or see the consumer sign-in screen.

Turn forced re-enrollment on or off

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Device managementand thenChrome management.

    If you don't see Device management on the Home page, click More controls at the bottom.

  3. Click Device settings.
  4. On the left, select the organization where you want to turn forced re-enrollment on or off.
    For all users, select the top-level organization. Otherwise, select a child organization.
  5. Configure the Forced Re-enrollment setting:
    • To turn it on, select Force device to re-enroll into this domain after wiping.
    • To turn it off, select Device is not forced to re-enroll after wiping.
  6. Click Save.

Settings typically take effect within minutes, but it might take up to an hour to propagate through your organization.

Was this article helpful?
How can we improve it?