1 page.title=Implementing Device Administration 2 @jd:body 3 4 <!-- 5 Copyright 2015 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18 --> 19 <div id="qv-wrapper"> 20 <div id="qv"> 21 <h2>In this document</h2> 22 <ol id="auto-toc"> 23 </ol> 24 </div> 25 </div> 26 27 <p>This page walks you through the many features in Android 5.0 and higher 28 platform release that need to be enabled and validated on devices to make them 29 ready for managed profile and device owner user cases that are essential to using 30 them in a corporate environment. In addition to the related Android Open Source 31 Project (AOSP) code, there are a number of additional components required for a 32 device to function with managed profiles.</p> 33 34 <h2 id=requirements>Requirements</h2> 35 36 <p>The following uses-feature need to be defined:</p> 37 38 <pre> 39 android.software.managed_users 40 android.software.device_admin 41 </pre> 42 43 <p>Confirm with: <code>adb shell pm list features</code></p> 44 45 <p>It should not be a low-RAM device, meaning <code>ro.config.low_ram</code> 46 should not be defined. The framework automatically limits the number of users 47 to 1 when the <code>low_ram</code> flag is defined.</p> 48 49 <p>By default, only applications that are essential for correct operation of the 50 profile should be enabled as part of provisioning a managed device.</p> 51 52 <p>OEMs must ensure the managed profile or device has all required applications by 53 modifying:</p> 54 55 <pre> 56 vendor_required_apps_managed_profile.xml 57 vendor_required_apps_managed_device.xml 58 </pre> 59 60 <p>Here are examples from a Nexus device:</p> 61 62 <code>packages/apps/ManagedProvisioning/res/values/vendor_required_apps_managed_device.xml</code> 63 64 <pre> 65 <resources> 66 <!-- A list of apps to be retained on the managed device --> 67 <string-array name="vendor_required_apps_managed_device"> 68 <item>com.android.vending</item> <!--Google Play --> 69 <item>com.google.android.gms</item> <!--Required by Play --> 70 <item>com.google.android.contacts</item> <!--Google or OEM Contacts--> 71 <item>com.google.android.googlequicksearchbox</item> <!--Google Launcher --> 72 <item>com.google.android.launcher</item> <!--Google Launcher or OEM Launcher --> 73 <item>com.google.android.dialer</item> <!--Google or OEM dialer to enable making phone calls --> 74 </string-array> 75 </resources> 76 </pre> 77 78 <code> 79 packages/apps/ManagedProvisioning/res/values/vendor_required_apps_managed_profile.xml 80 </code> 81 82 <pre> 83 <resources> 84 <!-- A list of apps to be retained in the managed profile. This includes any Google experience apps required. --> 85 <string-array name="vendor_required_apps_managed_profile"> 86 <item>com.android.vending</item> <!-- Google Play --> 87 <item>com.google.android.gms</item> <!-- Required by Play --> 88 <item>com.google.android.contacts</item> <!-- Google or OEM Contacts --> 89 </string-array> 90 </resources> 91 </pre> 92 93 <h3 id=launcher>Launcher</h3> 94 95 <p>The launcher must support badging applications with the icon badge provided 96 in the Android Open Source Project (AOSP) to represent the managed applications 97 and other badge user interface elements such as recents and notifications.</p> 98 99 <p>Update the Launcher to support badging. If you use <a 100 href="https://android.googlesource.com/platform/packages/apps/Launcher3/">launcher3</a> 101 in AOSP as-is, then you likely already support this badging feature. 102 </p> 103 104 <h3 id=nfc>NFC</h3> 105 106 <p>On devices with NFC, NFC must be enabled in the Android Setup Wizard and 107 configured to accept managed provisioning intents:</p> 108 109 <code>packages/apps/Nfc/res/values/provisioning.xml</code> 110 111 <pre> 112 <bool name="enable_nfc_provisioning">true</bool> 113 <item>application/com.android.managedprovisioning</item> 114 </pre> 115 116 <h3 id=setup_wizard>Setup Wizard</h3> 117 118 <p>The Android Setup Wizard needs to support device owner provisioning. When it 119 opens, it needs to check if another process (such as device owner provisioning) 120 has already finished the user setup. If this is the case, it needs to fire a 121 home intent and finish the setup wizard. </p> 122 123 <p>This intent will be caught by the provisioning application, which will then 124 hand over control to the newly set device owner. This can be achieved by adding 125 the following to your setup wizards main activity:</p> 126 127 <pre> 128 @Override 129 protected void onStart() { 130 super.onStart(); 131 132 // When returning to a setup wizard activity, check to see if another setup process 133 // has intervened and, if so, complete an orderly exit 134 boolean completed = Settings.Secure.getInt(getContentResolver(), 135 Settings.Secure.USER_SETUP_COMPLETE, 0) != 0; 136 if (completed) { 137 startActivity(new Intent(Intent.ACTION_MAIN, null) 138 .addCategory(Intent.CATEGORY_HOME) 139 .addFlags(Intent.FLAG_ACTIVITY_NEW_TASK 140 | Intent.FLAG_ACTIVITY_CLEAR_TASK 141 | Intent.FLAG_ACTIVITY_RESET_TASK_IF_NEEDED)); 142 finish(); 143 } 144 145 ... 146 } 147 </pre> 148
