Quickly Factory Reset Samsung Tablet Despite MDM Blocking Factory Restore

A user recently provided me with a tablet which was using IBM’s MAAS360 MDM (Mobile Device Management) which was not allowing the user to functionally use the tablet. The tablet was stuck in kiosk mode and had severe limitations imposed on it from a previous life as a company’s work device. Now decommissioned, the user wanted to be able to use the tablet without all of the restrictions and apps previously required by the organization. Unfortunately the company was no longer around to provide the administrator passcode to disable the MDM software.

Deciding that this would be an interesting challenge, I accepted the tablet and began to get to work on it. There were several potential ways to attempt bringing the tablet back to a usable state.

The first and easiest option would be to perform a factory reset which would wipe the operating system, apps, and files on the tablet, bringing it back to the original state. This requires that the default recovery partition still be intact on the device.

Secondly, and slightly more difficult, would be to flash (copy) the original ROM of the tablet. Fortunately there are many communities built around these devices and there was an available stock (default) image that I could download.

The third option would be to flash a custom recovery partition using TWRP which is popular for Android users who wish to install custom operating systems.

I will walk through the different options and what I tried, the challenges encountered, and ultimately what succeeded in the end.

Proceed further at your own risk. Although this worked for me, performing these actions could irreparably damage your device. I provide this information as an educational post, and log of what I worked on, and take no responsibility for your unique use case and consequences.

How to Factory Reset

How to Enter Recovery Mode

For the Samsung Galaxy Tab E you enter recovery mode by first powering down your tablet by holding down the power button until the screen prompts for the power off option. Hold down

Home Button + Volume Up + Power Button

simultaneously until you enter recovery mode which looks similar to the following screenshot.

Using the volume buttons move up or down until the selector is on

Wipe data/factory reset

and hit the power button to run the command. If it prompts you to say yes, highlight y or yes and hit the power button again. Check the system messages to see if it was successful. If you receive the error “MDM Does Not Allow Factory Reset” then we need to try the next step.

How to Flash a ROM (Operating System)

Prerequisites

• Windows laptop with USB cable for tablet
• Samsung USB developer drivers
• Odin ROM flashing utility
• ROM to flash with

Download Samsung USB Developer Drivers

Go to https://developer.samsung.com/mobile/android-usb-driver.html and download the SAMSUNG_USB_Driver_for_Mobile_Phones.exe and install.

Download Odin

Odin is an internal Samsung flashing utility. However it appears to have leaked on the internet and is a common method for users who wish to flash their phones/tablets to do so. Visit the XDA-developers forum to get the latest version of Odin here.

Find and Download Correct ROM for your device

Typically you will browse the XDA-developers forums for your specific device to see what official and unofficial ROMs are available. Luckily for me a user has posted the original stock image at this forum link. The ROM is hosted on this site which has a fairly slow download — it took about 4 hours to download and was 1.3 GB in size. It is Android Nougat 7.1.1

Here’s a supposedly alternate version, however it requires you to be a premium user and is untested by me at this time. https://www.sammobile.com/samsung/galaxy-tab-e/firmware/SM-T377P/SPR/download/T377PVPU3CQI4/192072/

Unzip this to a location that you can remember. It should be a “.tar.md5” file.

How to Enter Download Mode

Download mode can be entered from the recovery mode and selecting “Reboot to bootloader”. Otherwise, power down your tablet by holding down the power button until the screen prompts for the power off option. Hold down

Home Button + Volume Down + Power Button

simultaneously until you either enter download mode or receive a prompt warning that writing a custom ROM could impact the stability of the device. Follow the onscreen instructions to continue and enter download mode.

At this point with the tablet plugged into the computer and Odin open, you should see at least one COM port light up blue with the USB port your tablet is plugged into.

Click the AP button and browse to your unzipped firmware. Select it and after a few seconds (depending on how long it takes to load, be patient) the filename will appear in the text box to the right of the AP button. Go into options and make sure re-partition and nand erase are unchecked. Click start.

Note: I also tried with nand erase and the MDM lock still prevented me from being able to wipe everything.

If successful you will see a green success message in the big square above your USB COM connection icon. If it fails you will get a red failure. Check your mobile screen, it may say something like “MDM mode can’t download“. If this is true then we can try replacing the bootloader with a custom one.

How to Exit Download Mode

If you didn’t have auto reboot checked the download page on the tablet may appear paused even after the success or failure message in Odin. Holding down the power button does nothing. The quickest way is to hold

Home + Volume Center + Power Button

After several seconds the tablet will reboot.

How to Flash a Custom Recovery Partition (TWRP)

There are multiple reasons why you might want a custom recovery partition. It is primarily used so that custom software can be installed on the device. These can be modifications such as rooting the device or completely replacing the firmware of the device with a custom ROM. This is because the default recovery partition might not let you install a custom ROM by default.

Prerequisites

• Windows laptop with USB cable for tablet
• Samsung USB developer drivers
• Odin ROM flashing utility
• TWRP for your specific model to flash with

In my case I wanted to replace the current ROM with the stock ROM in the factory default state and I thought this would help. Go through the same process as in the above “How to flash a ROM” portion of this guide.

Go to TWRP to find the correct version for your device. These are device specific and will not work if you select the wrong one. For the Sprint SM-T377P the correct version is here. You can follow the Odin Install Method listed on the TWRP page but I’ll walk through my steps here.

(Note: The 3.1.X version actually did not work for me and I had to use TWRP v 2.8.7 available here.

Download the TWRP .tar file.

Boot the tablet into download mode and attach the tablet to the computer via USB. Open Odin, and click the AP/PDA button select the .tar file. (You do not need to untar this)

Once you see the green success you can reboot the tablet, or if you had selected auto reboot the tablet will reboot on its own. If it failed with the message “MDM mode no download” we need to try the last option.

How to Force Factory Reset With MDM Installed

As mentioned before, this tablet had the IBM MAAS360 MDM software installed which limited what could be done with the tablet. As a result none of the above methods worked until running through the following steps.

1. Go to settings –> lock screen and security
2. Under “Screen lock type” Create a pattern or pin
3. Set “Do not require pattern/pin when device turns on” to OFF
4. Under the Secure Lock Settings enable “Auto factory reset”
5. If available, disable “Find my phone”
6. Restart device
7. Enter password wrong 15 times for factory reset warning
8. Reboot
9. Enter password wrong 15 times for factory reset warning
10. Reboot
11. Device will take a long time to boot and may sit on flash screen. I’m not sure if I hit the right buttons, but I think volume down + home button revealed that the device was reverting to the factory defaults

Once the device has finished wiping and restoring to factory defaults any custom options such as Custom ROMs or Custom recovery partitions can now be added via download mode without the MDM block. Otherwise you can enjoy the device in the stock configuration.

Force Samsung Emergency Recovery with Samsung Kies

If you replaced recovery partition with a custom recovery partition and are using a default ROM, you may get an error like

The operating system on your device has been modified in an unauthorized way. Try downloading software updates using Smart Switch on your computer or visit a customer service center.

The potential fix for this is to use Samsung Kies to restore all the default firmware. You will need Samsung Kies, Download mode on your device, the serial number, and model number of the device (SM-T377P). The serial number can be found on the box or on the battery on the back of the device.

Check out the guide at this link for further information: https://forums.androidcentral.com/ambassador-guides-tips-how-tos/544742-guide-force-samsung-emergency-recovering-samsung-kies.html

Provided serial number and model information Kies will download and install the firmware, wiping the device completely and restoring it to a stock state.