I would like to build an enterprise application. So in these case. i want remotely manage my Android Device,
Example. I want to disable USB port my office users device & New application installation. Since device will be provided by us , So in order to main security.
How to achieve this. Did Google Provides any APIS
From the Dev Guide:
http://developer.android.com/guide/topics/admin/device-admin.html
Android 2.2 provides a Device Administration API that allows you to set certain policies for the device on which your app gets installed. There is also a step-by-step tutorial on the same page.
This API has been used in some of the existing apps that come bundled with the Android source code. For eg: Exchange Email.
The Device Administration API only supports certainpolicies. If you need to restrict the use of the device, it might also be a good idea to tie in your app with the Exchange Email (or a corporate account, since you mentioned it's for office users). A typical corporate Exchange account has a much larger policy set.
Related
I want create an app to restrict android system internet. I also want to block other applications and Bluetooth. (Without rooting device)
How can I achieve it using android device admin APIs?
Please let me know in case of any other solutions for enforcing such system level restriction.
These features are accessible to Profile owners and Device Owners. I would request you to Read about Google EMM and Device Provisioning. Google allows you to use their EMM API to manage devices via a Google EMM Community account. Alternativly you can use various 3rd party EMM or MDM solutions like Kardamom or IBM MaaS360
Our company is building an internal mobile app for corporate mobile devices. AirWatch is used as an MDM solution.
App would have to access data from internal servers (by calling Web.API services). Additionally, each user will have to use their AD (Active Directory) accounts to login to the app (verified against internal AD records). I envision this can be done through Web.API service as well?
I've researched that for existing applications AirWatch provides "App Wrapping" (link), which supposedly takes care of Authentication & App Tunneling (granting access and routing your Mobile App to internal corporate servers using AirWatch VPN).
However I don't have any info on how to implement this. Has anyone done anything similar? Any advice would be appreciated.
I've never done it before but according to the AirWatch documentation:
You can apply available AirWatch SDK and App Wrapping features to your internal applications to integrate your applications and add extra functionality.
Then, just have to implement your app, with or without the SDK but I advise you to integrate it, and upload it on the AirWatch Console. There, you can a procedure to enable App Wrapping and configure options.
Contact your AirWatch administrator to access App Wrapping Guide, Mobile Application Management Guide, AirWatch Software Develpment Kit for Android.
I have the following requirement for a client, could you advise me the correct direction.
Client wants and Android device which is fully controlled by device remote admin features. Where I need to accomplish following features.
Lock Play store so users cannot install apps
User access certain apps in certain time of the day
User should be able to use the phone only a specific.
All these parameters, can be changed from a remote admin panel.
Could you provide me with some article or something which helps me do that.
I see this : http://developer.android.com/guide/topics/admin/device-admin.html
Is it possible to deploy a mobile profile on an Android device that enforces the use of a pass-code lock by the end user? Similar to how with iOS devices a company can deploy a mobile configuration XML file which enforce settings like the pass-code lock requirement. Is there an equivalent of this for android ? If so which versions of android support this?
Thank you.
yes. the way you do it is to use Android's device admin facility.
Android 2.2 introduces support for enterprise applications by offering
the Android Device Administration API. The Device Administration API
provides device administration features at the system level. These
APIs allow you to create security-aware applications that are useful
in enterprise settings, in which IT professionals require rich control
over employee devices.
in a nutshell, you send the user through a short workflow that ask them to approve your app's activity as a device admin, then you can you use the DevicePolicyManager API to define security policies for the device (such as password policy).
the first link i provided is very good and it walks you through the whole process, so i won't try to duplicate that here.
Can any one help me out how to do MDM Integration in Android from client and server prespective?
I want to do an enterprise application which having lock and wipe functionality. I have no any clue of workflow of MDM in Android.
Thanks.
Android Device Admin API will do both things what you want to do (lock/wipe device and even more). An example is given and also you can find this complete source code in your Android SDK directory.
Now as client server perspective:
You have to implement your task (lock and wipe) in your android application (in client, i.e. known as agent). Now your application should be capable to communicate with your server or vice-verse.
I am 100% agree with adamk as he said "Remote controlling your application remains exclusively your responsibility - the Android framework does not provide (or enforce) any solution for that."
And Android gives your this feature too, as adamk said to use C2DM, he was right but now C2DM is deprecated, and GCM has been introduced, “a service that helps developers send data from servers to their Android applications on Android devices.” The service can send a message of up to 4 kb to an application on an Android device, most often to tell the application to retrieve a larger set of data. GCM will now handle all queueing and delivery for messages to Android applications.
You should read how to use GCM, and you can find sample code too. Download GCM Android Library from SDK Manager
and check android-sdk/extras/google/GCM directory
After establishing successful communication between your agent and server, evaluate msg in agent sent by server and perform desire action (lock/ wipe). This is again up to you how you define your message payload and how you handle those payloads in agent application.
Here is an article about Android MDM.
Happy Coding :)
You can use DeviceAdmin to gain privileges for managing the Lock preferences and performing device wipe (among other stuff).
(The user must add your app as a device administrator beforehand)
Remote controlling your application remains exclusively your responsibility - the Android framework does not provide (or enforce) any solution for that.
You may want to consider using Google's C2DM API, which is a convenient push mechanism.
As mentioned in the above answer, DeviceAdmin API can help. If you are using an Android device, you might know about the Android Device Manager (the web-based version) which allows you to manage your device. Basically, you can track, locate, lock, and wipe your device, some of the basic features of an MDM solution. So, in coding (though I am not a coding expert), you need to get access to the Device Manager (I guess, using some listener codes, or notification access).
Apart from this, MDM allows creating policies and groups of users (which would be a part of the coding in the app itself), then pushing the command over the internet (or OTA) to the connected device.
MDM also allows managing Apps and Data on the device, for which, you need the app to get access to the internal as well as external device storage.
Hope this helps. Good luck creating your MDM software