I have the following requirement for a client, could you advise me the correct direction.
Client wants and Android device which is fully controlled by device remote admin features. Where I need to accomplish following features.
Lock Play store so users cannot install apps
User access certain apps in certain time of the day
User should be able to use the phone only a specific.
All these parameters, can be changed from a remote admin panel.
Could you provide me with some article or something which helps me do that.
I see this : http://developer.android.com/guide/topics/admin/device-admin.html
Related
I am working on a mobile application and would like to inform users when an update is available, if that user's device is not managed by an MDM. If the device is MDM-configured, we don't expect the end user will be able to update the app without the configuration being changed by the administrator. To provide a better user experience, we want to provide relevant information. To do this, I'd like ideas to determine if an app (written in Kotlin/Swift) can poll for this type of information.
I saw some things in the Android Docs about checking for Restrictions Providers, but I think this is the wrong avenue. I'm not very familiar with this, so correct me if I'm wrong.
I want to give a mobile device to 10 employees with Device Administration installed application which is also connected with server. I can select the number of employees from server and i can push the mobile app to the selected employees.
The app should get downloaded and installed without getting the user permission. Is it possible to achieve? If it is yes then please provide me some links and examples. Just I want to restrict what are all the apps they can use it.
The functionality you're looking for is provided by EMM's (Enterprise Mobility Management). Some examples are Airwatch and MobileIron. Once your devices are provisioned using the EMM's... you can force install certain apps silently, enforce VPN's, security restrictions, track location and usage, lock the phone, and wipe data.
https://www.mobileiron.com/
http://www.air-watch.com/
Can any one help me out how to do MDM Integration in Android from client and server prespective?
I want to do an enterprise application which having lock and wipe functionality. I have no any clue of workflow of MDM in Android.
Thanks.
Android Device Admin API will do both things what you want to do (lock/wipe device and even more). An example is given and also you can find this complete source code in your Android SDK directory.
Now as client server perspective:
You have to implement your task (lock and wipe) in your android application (in client, i.e. known as agent). Now your application should be capable to communicate with your server or vice-verse.
I am 100% agree with adamk as he said "Remote controlling your application remains exclusively your responsibility - the Android framework does not provide (or enforce) any solution for that."
And Android gives your this feature too, as adamk said to use C2DM, he was right but now C2DM is deprecated, and GCM has been introduced, “a service that helps developers send data from servers to their Android applications on Android devices.” The service can send a message of up to 4 kb to an application on an Android device, most often to tell the application to retrieve a larger set of data. GCM will now handle all queueing and delivery for messages to Android applications.
You should read how to use GCM, and you can find sample code too. Download GCM Android Library from SDK Manager
and check android-sdk/extras/google/GCM directory
After establishing successful communication between your agent and server, evaluate msg in agent sent by server and perform desire action (lock/ wipe). This is again up to you how you define your message payload and how you handle those payloads in agent application.
Here is an article about Android MDM.
Happy Coding :)
You can use DeviceAdmin to gain privileges for managing the Lock preferences and performing device wipe (among other stuff).
(The user must add your app as a device administrator beforehand)
Remote controlling your application remains exclusively your responsibility - the Android framework does not provide (or enforce) any solution for that.
You may want to consider using Google's C2DM API, which is a convenient push mechanism.
As mentioned in the above answer, DeviceAdmin API can help. If you are using an Android device, you might know about the Android Device Manager (the web-based version) which allows you to manage your device. Basically, you can track, locate, lock, and wipe your device, some of the basic features of an MDM solution. So, in coding (though I am not a coding expert), you need to get access to the Device Manager (I guess, using some listener codes, or notification access).
Apart from this, MDM allows creating policies and groups of users (which would be a part of the coding in the app itself), then pushing the command over the internet (or OTA) to the connected device.
MDM also allows managing Apps and Data on the device, for which, you need the app to get access to the internal as well as external device storage.
Hope this helps. Good luck creating your MDM software
I would like to build an enterprise application. So in these case. i want remotely manage my Android Device,
Example. I want to disable USB port my office users device & New application installation. Since device will be provided by us , So in order to main security.
How to achieve this. Did Google Provides any APIS
From the Dev Guide:
http://developer.android.com/guide/topics/admin/device-admin.html
Android 2.2 provides a Device Administration API that allows you to set certain policies for the device on which your app gets installed. There is also a step-by-step tutorial on the same page.
This API has been used in some of the existing apps that come bundled with the Android source code. For eg: Exchange Email.
The Device Administration API only supports certainpolicies. If you need to restrict the use of the device, it might also be a good idea to tie in your app with the Exchange Email (or a corporate account, since you mentioned it's for office users). A typical corporate Exchange account has a much larger policy set.
a customer ordered us a tablet application, but they need a lot of access restriction to lock device functions such as:
Permit datas transfer only inside the application not outside
Restricted user access on the device (something close to admin and normal user permissions)
A framework/API that permit to create an internal mail reader/sender
Public API of iOS makes impossible to fulfill those requirements. I was wondering if Android makes life easier when there are those kind of restriction.
UPDATE: To make understand better the field of use. I'm talking about an application that "force" the device to be used just only with that application for an Enterprise use. The app is just like a CRM but the device should be blocked in some functions to make users only work with them and NOT playing or use facebook, market etc.
Not sure you can achiev all of those, but you should look into the device policy for android here and here.
1) Not sure what you mean by point 1. If you mean controlling all data transfer from the device, you might be a in a bind considering the only way to get a firewall running on android is by rooting the device. Perhaps you could look into writing a custom launcher/home like KidZone that only shows approved apps? - Not nearly as secure, though.
2) Honeycomb, so far, doesn't have multi-user support - though you can have multiple google accounts registered. The custom launcher could help in this regard though.
3) I don't see the point of doing this unless they already have a custom mail infrastructure in place. Otherwise just go with exchange.
Permit datas transfer only inside the application not outside
Do not request the INTERNET permission.
Restricted user access on the device (something close to admin and normal user permissions)
You would have to implement this yourself.
A framework/API that permit to create an internal mail reader/sender
I have no idea what this means.