Android device management (for Enterprise Development)

Device management

Android 2.2 and later versions provide a set of device Management APIs to manage Android mobile phone devices, including device lock and camera disabling (4.0 and later), erase user data (also can erase the data in sdcard, but to 2.3) and a series of device management policies, see the definition of devicepolicymanager class (http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html ), the following are some specific steps ~

Declare and define policies

Before using the device management function, you must declare and define the device policies to be used in RES/XML/device_admin.xml, which will be executed by our applications, if you are not running
Res/XML/device_admin.xml declare and define the policy, it will throwSecurityExceptionException. The definition is as follows:

<device-admin xmlns:android="http://schemas.android.com/apk/res/android">    <uses-policies>        <limit-password />        <watch-login />        <reset-password />        <force-lock />        <wipe-data />        <expire-password />        <encrypted-storage />        <disable-camera />        <disable-keyguard-features />    </uses-policies></device-admin>

Receive some events in device management

During device management operations, important events may need to be known according to the specific business logic. For example, if you cancel a device management event, this event is very important, we must know that the user has done this operation, so as to perform some logic processing or prompt the user, there are many events here will not be said here, For details, see deviceadminreceiver (http://developer.android.com/training/enterprise/device-management-policy.html#CreateDeviceAdminReceiver ), we can inherit deviceadminreceiver and override some callback methods, which may be as follows:

Public class adminreceiver extends deviceadminreceiver {@ overridepublic devicepolicymanager getmanager (context) {return Super. getmanager (context) ;}@ overridepublic componentname getwho (context) {return Super. getwho (context);}/*** disable */@ overridepublic void ondisabled (context, intent) {toast. maketext (context, "Disable device management", toast. length_short ). show (); super. ondisabled (context, intent) ;}@ overridepublic charsequence ondisablerequested (context, intent) {return Super. ondisablerequested (context, intent);}/*** activate */@ overridepublic void onenabled (context, intent) {toast. maketext (context, "start device management", toast. length_short ). show (); super. onenabled (context, intent) ;}@ overridepublic void onpasswordchanged (context, intent) {super. onpasswordchanged (context, intent) ;}@ overridepublic void onpasswordfailed (context, intent) {super. onpasswordfailed (context, intent) ;}@ overridepublic void onpasswordsucceeded (context, intent) {super. onpasswordsucceeded (context, intent) ;}@ overridepublic void onreceive (context, intent) {super. onreceive (context, intent) ;}@ overridepublic ibinder peekservice (context mycontext, intent Service) {// logger. D ("------" + "peekservice" + "------"); return Super. peekservice (mycontext, service );}}

Of course, you still need to register in the manifest file like a normal aggreger. Note that during the registration process, you still need to reference the policy list we just defined.

        <receiver            android:name=".receiver.AdminReceiver"            android:description="@string/device_des"            android:label="@string/device_label"            android:permission="android.permission.BIND_DEVICE_ADMIN" >            <meta-data                android:name="android.app.device_admin"                android:resource="@xml/device_manager" />            <intent-filter>                <action android:name="android.app.action.DEVICE_ADMIN_ENABLED" />            </intent-filter>        </receiver>

Activate a device Administrator

Before executing the policy, we must turn our application into a device administrator. In this way, the permission is used to execute some device management policies, because device management involves operations on devices or user data, therefore, this step must let users know and let users choose. We cannot do this silently in the background, but I personally think this is not a good operation, even if many users give him a prompt and give him the option, they will not understand it, this may cause some nasty damages to some illegal applications (directly clear all the data in the sdcard)

Private void setdevicemanager () {// get the device management service mpolicymanager = (devicepolicymanager) getsystemservice (context. device_policy_service); // adminreceiver inherits from deviceadminreceiver mplcmanagercn = new componentname (this, adminreceiver. class); If (! Mpolicymanager. isadminactive (mplcmanagercn) {activeadminmanager (mplcmanagercn );}}

/*** Activate Device Manager */private void activeadminmanager (componentname CN) {// start device management (implicit intent)-In androidmanifest. set intent = new intent (devicepolicymanager) in XML. action_add_device_admin); // permission list intent. putextra (devicepolicymanager. extra_device_admin, CN); // description (additional explanation) intent. putextra (devicepolicymanager. extra_add_explanation, getstring (R. string. device_des); startactivityforresult (intent, 100 );}

After the command is executed, the following page is displayed to allow the user to select whether to activate the device administrator.

We can know the user's choice by overwriting onactivityresult (INT requestcode, int resultcode, intent data ).

@Overrideprotected void onActivityResult(int requestCode, int resultCode, Intent data) {super.onActivityResult(requestCode, resultCode, data);Log.i("INFO", "requestCode : " + requestCode + "   resultCode:"+resultCode );}

When you select activate, we can execute the declared policy. Here we will only introduce the use of the erased data policy.

mPolicyManager.wipeData(0);

The wipedata () method only receives 0 andWIPE_EXTERNAL_STORAGEWhen the table is in the "0" era, only user data is cleared (whether the app uninstalls all the data stored by the app on your mobile phone or not ).WIPE_EXTERNAL_STORAGEThe data in the sdcard is also cleared, which requires special attention.

Note that the device management API is added after 2.2. Therefore, you need to determine the version of the device operating system in a specific application to see if the policy is supported. Among all policies, password policies are the most complex and complete. If you want to learn more, go to ghost and go to http://developer.android.com/guide/topics/admin/device-admin.htmlfor a more detailed introduction.

Reference: http://developer.android.com/training/enterprise/device-management-policy.html#CreateDeviceAdminReceiver

Http://developer.android.com/guide/topics/admin/device-admin.html