How did you get it work? I installed it but when my desktop boots up and I click on the G Logo and I click the arrow to try to enter the credentials it says " Your administrator doesn't allow you to sign in with this account. Try a different account" It does not even give me the options to enter the log in credentials 

That typically happens when you have not set an allowed domain, take look at step 2 for details

Hi Newman thanks for the quick response I really appreciate it! I have been working on this all day and would like to get this fixed ASAP because I have a new employee starting on Monday. Step was already made look at the attached pics, is there anyway we can contact each other directly ASAP let me know so I can get this done. This thing does not give me the chance to enter the log in info at all!

Sorry I'm not available today but this should fix it.  When you set it in the admin console, there can be a delay in the propagation of the registry edits.  Manually add the registry edits and you should be good to go.

Setup

1. From the Windows Start menu, click Run.
2. In the Run box, enter regedit.
3. In Registry Editor, go to HKEY_LOCAL_MACHINE\Software\Google, right-click Google, and click New
    

    

   Key to create a folder.
4. Name the folder GCPW.
5. Right-click the GCPW folder and click New
    

    

   String Value.
6. For the name, enter domains_allowed_to_login.
7. Double-click the name and, in the Value data box, enter a comma-separated list of allowed domain names. For example: example.com, example.org, example.net.
8. Click OK.

I tried that but I am still getting the same issue, Like I said it does not even allow me to enter the log in credentials when I boot up the computer any other suggestions?

Man I thought that should do it.  The only other thing I'm aware of is on the troubleshooting site, but since you have already added the allowed domain to the registry this may not do a thing but it's worth a shot. If it doesn't work if you haven't already open a support case open one.

1. On the device, open Task Scheduler.
2. In the Task Scheduler library, right-click GoogleUpdateTaskMachineUA and click Run.
3. Wait a few minutes for the policies to update.

You can also uninstall and reinstall is also worth a shot if the above doesn't work.

Looks like those last 2 steps you mentioned worked! Thank you so much!

Hi cbonilla94,

Are you using Windows 11 Home or Windows 11 Pro on the machine that you were having problems signing in with?

GCPW works fine on Windows 11 Home machines for me since I originally created the query. However, I recently tried a Windows 11 Pro machine and I could not get past the sign in screen - similar to the issue you encountered.

I contacted google support and they stated that Windows 11 Pro is not currently supported which is disappointing.

So I am contemplating rolling the machine back to Windows 10 Pro to be abel progress.

Thanks.

I am using Windows 11 home, Did you try the last 2 steps? That fixed the issue for me.

Hi @cbonilla94 ,

I added the allowed domains record and that seemed to solve it for me thankfully which is great!

Thanks!

Hi Luca,

That is great to know!

Windows 11 Home worked fine for me with previous installs but the Windows 11 Pro would not allow me to sign in.

I added the allowed domains in regedit and that seemed to solve it now thankfully on the Windows 11 Pro device!

Thanks again.

Hey Luca, are you able to get the administrative privileges to function? For me if I set the settings to allow local administrator rights for the user within Workspace. Or if I include some admin accounts to include, neither are passed to the Windows 11 device. Policy status code 500 is observed in the logs with failure. Other custom policies applied don't seem to deploy to the device either.
 For me on my test I can install the tool, sign-in as a user, but admin rights aren't applied or adjusted, lock screen timeouts etc nothing is applied. So negates the point of using it as an MDM to some degree. Unless there's a workaround?

Hi Adam
usually (in my environment) it takes at least a complete reboot after 10 minutes for GCPW to apply policies after first login in the Google user on Win 11. On Win 10 it's faster (almost immediately).
Also policies are not applied if:
- machine hasn't a pro license (of course)
- it's not configured as a Work device on the Admin Console
- has already been used once and no wipe happened (old Google user working as intended, the second and onwards not so much, no admin policy is applied)

To be sure that everything works I ask people to login with their work google account, open Chrome to create their profile and sync bookmarks/password if present. Then wait the remaining part of 10 minutes. From there log out and log back in. Since we mandate a lock screen image if they see that all is good, otherwise we need to step in and force the sync after asking to reboot the laptop for safety.

You say

---

@Adam__ wrote:

Or if I include some admin accounts to include, neither are passed to the Windows 11 device.

---

You mean the part of the Google Admin console that lets user with a specific name to not be hidden (and that you need to create manually) or something else? 

Thanks Luca,

I'll give it another go via a fresh laptop and test out this 10 minutes wait. But just to confirm on Windows 11 Pro devices your able to pass policies which you have defined under Google Workspace Mobile and endpoints--Windows Settings ?

Items such as Account settings --> Administrative privileges (Defining a local admin account to be added to the device)

Windows updates and custom settings to achieve things like lock screen after x minutes via the OMA-URL paths?

After chatting to Google they informed me that all of these settings only function on Windows 10 devices and Windows 11 support is yet to be rolled out. Which is crazy considering Windows 11 has been with us for many years 🙂

If you have first hand experience of all these policies passing through though, just a 10 minute wait and reboot as the work around I'll have a another play.

Thanks

WDAC or Applocker