I have created Android enterprise then enrolled the device on using the QR code, the device does say its enrolled and managed by Organisation. But the weird part is it trying to get the list of device return empty object, and also the app which I had put on policy to be forced to install didn't install. What could be the problem in my enrollment?
Related
I found an application & they are using Device Identity as user login. After uninstall & install its showing same DeviceID.
When I test this app on my android device. The device identity doesn't match with this String.
String android_id = Settings.Secure.getString(this.getContentResolver(),
Settings.Secure.ANDROID_ID);
But when I tried this on android emulator string matched with that app device ID.
But in my physical Device....
Showing on that app: 93edad60438f8004
Getting String Device ID: 5f1cf6393c37ae96
How can I get device ID as that application?
That App on Emulator
Emulator Device ID
As of Android 26, every app on the device gets told a different Android ID for privacy reasons. This prevents companies from being able to share data on a user without his permission by just correlating the device id.
Also, a device id should NEVER be used as login credentials. I can get a version of Android that allows me to claim whatever id I want on an emulator with a quick recompile of AOSP. It can be spoofed way too easily. If you need to be able to log in a device, use a randomly generated key from your server and encrypt it with a key stored in the keystore. Do not count on an hardware identifier. They can be spoofed, and just as importantly you can't revoke them without breaking the user's ability to use your app. With a randomly generated token you can invalidate it server side and the user just has to log in again.
From my last posted question below,
Not getting any idea about the workflow of managing an android device from another device using an pre installed android in both devices
I am here today with new problem. I used android management api to create enterprise, enrolling a device with device policies(Used the sample provided in here a link. But what I am trying to achieve I am not getting it. I want the app to be able to disable all normal apps and camera when parent app blocks them in childs device from its own device using android management api. But what I am getting is that upon upload of enrollment of the policy using enrollment token I see a separate work profile is being created in android device which is not my requirement in the app.
So if anyone out here can help me out in this one be very thankful.
TL DR:
To fully control a device you must enroll it in DEVICE OWNER mode.
I'll try to stick only to this question and address your other concerns answering the other.
You can enroll a device mainly in two modes WORK PROFILE and DEVICE OWNER, one is thought for enterprises that want to allow a BYOD model, the other for enterprises that provide company owned terminals and who wants exert full control on them.
From the docs: https://developers.google.com/android/management/provision-device
The work profile provisioning methods create a work profile on a device. A work profile is a self-contained space that separates work apps from personal apps (see employee-owned devices for more information). On devices with work profiles:
Android Device Policy is installed within the work profile.
devices.managementMode is set to PROFILE_OWNER.
Most policies and commands apply to the work profile only.
The fully managed and dedicated device provisioning methods provide enterprises with full management control over a device:
Android Device Policy is installed on the device's personal (primary) profile.
devices.managementMode is set to DEVICE_OWNER.
Policies and commands apply to the entire device.
Your idea probably needs DEVICE_OWNER mode but here there is the big problem, to enable them you must enroll a device that is factory reset!
So you need a much specific process to prepare a device before use, you cannot achieve a so strict control on a device just installing an app and control it from outside permissions or not. It's against the logic of a "personal device".
I am new to android and I was making an app using firebase authentication to let a user create an account and sign in. While making the app, I set the minimum android version to Marshmallow. Every thing works well when I run the code on the emulator.
I have made a variable name isAdmin and a EditText which is secret code, so when a user creates an account, if the user knows the secret code, he or she will get admin rights, else no admin rights will be given.
The problem is that when I run the app on the emulator it works fine, when I run using USB debugging in my phone it works fine, but when I generate an apk in Android Studio and install that app on my mobile and then I create an account, the app crashes without showing any error and when I look into my firebase database, all details like first name, last name exist in database but the variable isAdmin does not exist in the database.
I don't know why this variable is not getting stored in the database.
My phone is Marshmallow xiomi redmi 3s
I need to install my app only on some devices and does not allow installation on another devices.
I thought that maybe I can pair a unique ID to install apps.
I can do this?
How I can block the installation of a single application on some devices?
You cannot control app installation based on Device Id (IMEI) either by google play store or direct install... However you can check at the start of the launcher activity, you can check that the Device Id (or Imei) is in the list of imei you are allowing... Then allow user to use the apk... ELSE finish() the launcher activity... You can also give message to user stating "Unauthorized access" or something similar...
I thought that maybe I can pair a unique ID to install app
There's no platform provided, reliable uniquie ID of the device.
How I can block the installation of a single application on some devices?
You cannot block installation on device - as long as device meets your manifest requirements (screen, libs, platform version etc) user will be able to install your app.
Google provides you with this option also. If you have an account in the developer console of android, in the apk column you can see the list of devices your app supports. Out of that you can deselect the ones you don't want in your list.
At the time you are uploading the apk to play store, its very easy to deselect the devices you don't want your app to run on.
I am currently investigating ways of remotely updating an Android app installed on a number of devices. The app in question is to be used on phones which we will provide to a number of demonstrators as part of product presentations. For this reason we don't want to publish the app on Google Play to be available for the public at large.
I've read that you can restrict access to the device on Google Play, but only according to criteria such as location, device type, android version, etc. Another way is to set up a version for beta testing, for which you can select testers, however this is only available to those who are part of a Google group or a Google+ community (according to here).
I've come across another post which details how to install an apk programmatically, however it appears to install the apk automatically, ie it doesn't appear to check whether or not the update is actually a new version.
One idea I have in mind is to upload new version on a repository and broadcast to devices which have the app installed, of which we have stored device ids. Is this possible?
What we do is sync periodically to a remote server during data entry on the app. During this sync, we check to see whether the device has the latest version of the software. If it doesn't, the new apk is downloaded and the user is prompted to install the software.
This is accomplished using a separate installer app we created. We have a service that keeps the app alive in the background, so it looks like the user never actually leaves the app during the install.
Would be happy to post code on the installer.
You can see the self installer here: https://github.com/techartist/SelfInstall-Jelly-Bean/
You should try Beta by Crashlytics, it's email-based.
You should try beta or alfa testing in gplay.
Also you can hardcode the date of ending and not to open application after this date.