Now Loading
Logo Image

Proget Console

Home  /  Proget Console  /  Administrator guide  /  Policies  /  Android Enterprise Device Owner

Android Enterprise Device Owner

Password
Password required
  • Policy defines requirements for device password. Once done, user must set the device password.
    • Force complicated password
  • The user must have entered a password containing at least numeric characters with no repeating (4444) or ordered (1234, 4321, 2468) sequences.
    • Password length
  • The policy defines the minimum length of the password used on the device.
    • Required number of numerical characters
  • Policy defines the number of numerical characters in the device password.
    • Required number of lower case characters
  • Policy defines the number of lower case characters in the device password.
    • Required number of capital characters
  • Policy defines the number of A-Z capital characters in the device password.
    • Required number of special characters
  • Policy defines the number of special !@#$%^&*()_+<>:”?{}| characters in the device password.
    • Number of attempts to unlock
  • Policy defines the number of incorrect password attempts followed by a device wipe. The policy does not support Direct Boot if restoring the device to factory settings is forbidden.
  • Number of passwords saved
  • Policy defines how many prior passwords the device shodivd remember while changing the password.
    • Password expiration
  • Policy defines how long the password may be used and sets the time for the user to change the password on the device.
    • Allow unlock device using fingerprint
  • Policy determines whether the user can use a fingerprint to unlock the device. If the policy is disabled, the user must enter a password to unlock the device.
    • Allow the iris scanner
  • The function allows the user to configure the iris scanner and use this function to unlock the device. This rdive applies only to devices running Android 9.0 and later.
    • Allow face recognition
  • The function allows the user to configure face recognition and use this function to unlock the device. This rdive applies only to devices running Android 9.0 and later.
    • Require lock screen message
  • Policy determines whether a defined message is visible on the locked screen of the device.
    • Lock screen message
  • In the window you can define the message that is sent to the device and displayed on the locked screen of the device. The global variables are active in the popup pane. So, if you set {UserDisplayName} to a device with this policy, a value matching the global variable for that user will be sent.
    • Require device lock with wrong password
  • The policy allows you to enter a device lock after a certain number of unsuccessfdiv attempts to enter the password by the user. The policy works simdivtaneously with the policy “Number of attempts to unlock”.
    • Number of unlocking attempts
  • The policy determines the number of incorrect attempts to enter a password that the user can perform before blocking the device
    • Message on a blocked device
  • Enter the message that you want to display on the blocked device
    • Phone number
  • Enter the phone number to which the user can make a call when the device is locked
    • Apps
    Allow uninstall apps
  • Policy determines whether the user can uninstall the applications installed on the device.
    • Allow access to public apps in the Google Play Store
  • The policy determines whether a user has access to public apps in the Google Play Store.
    • Specify how to grant permissions for apps
  • Policy determines how the permissions for applications are granted. Policy determines whether application permissions are granted automatically, are automatically discarded, or whether the user can decide.
    • Business apps updates
  • The policy allows to define how business apps should be updated.
    • Allow install apps in metered connections
  • The policy determines whether the device can install applications in metered connections. If your network has a data limit, you can define whether the device will install applications.
    • Force the use of Play Protect
  • The policy forces the use of Play Protect to verify the security of unknown apps.
    • Functionality
    Allow use of Bluetooth
  • Policy determines whether you can use Bluetooth
    • Allow sharing via Bluetooth
  • The policy specifies whether the user can share data via Bluetooth.
    • Allow camera
  • The policy allows to use of camera. If unchecked, the camera will not work in all apps, including the Proget app.
    • Allow microphone
  • The policy allows to use of microphone. If unchecked, the microphone will not work in all apps, including the Proget app.
    • Allow configuring mobile networks
  • Policy determines whether the user can change the mobile network settings such as network access points, operating mode, network operators.
    • Allow mobile data usage while roaming
  • Policy determines whether the user can use cellular data when the device is in roaming. If the policy is disabled, the user cannot use the Internet while the device is in roaming.
    • Allow tethering configuration and mobile hotspots
  • Policy determines whether the user can set up a tethering and mobile hotspot.
    • Allow edit Wi-Fi configuration
  • Policy determines whether the user can add new Wi-Fi connections. If policy is disabled, the ability to set up new connections is blocked. Wi-Fi connections which was added before policy implementation will continue to be active but will be not editable.
    • Specify settings for Wi-Fi sleep configuration
  • Policy determines the Wi-Fi sleep settings when the device is idle.
    • Allow removing added Wi-Fi networks
  • The policy specifies whether the user can delete Wi-Fi networks added by the administrator using the Wi-Fi profile.
    • Allow Airplane Mode
  • Policy allows to enable airplane mode on your device. Available from Android 9.
    • Allow user-configured VPN
  • Policy determines whether the user can manually configure the VPN profile and change the settings of already added VPN connections. VPN profiles which was added before policy implementation will continue to be active.
    • Allow outgoing calls
  • Policy determines whether the user can make outgoing calls.
    • Allow SMS messages
  • Policy determines whether the user can send and receive SMS.
    • Allow USB file transfer
  • Policy determines whether the user can transfer data from and to the device using a USB connection.
    • Allow mounting physical media
  • Policy determines whether the user can mounting physical media such as SD card and flash drive using USB OTG.
    • Set time automatically
  • Policy determines whether the user can change the time settings. If the policy is enabled, the user cannot manually change the time on the device.
    • Set timezone automatically
  • Policy determines whether the device can automatically change the time zone. If the policy is enabled, the user cannot change the time zone on the device.
    • Allowed input methods
  • Policy determines whether the user can use any input method (for example, a keyboard), only the input methods provided by the device, or only the input methods provided by the device plus additional input methods you specify.
    • Allowed App
  • Add an allowed app package ID, e.g. com.android.example
    • Allowed accessibility services
  • Policy determine accessibility services that the user can access. By default, the user can use any accessibility service. System accessibility services may be for example Voice Assistant.
    • Allowed App
  • Add an allowed app package ID, e.g. com.android.example
    • Default launcher
  • Policy determines the package ID of the launcher app that must be used on the device. For this rule to apply to the device, you must push the launcher app to the device.
    • Limit mobile data usage by apps
  • Provide the package ID of apps that will not be able to use the internet via mobile data. Available from Android 9.
    • Force Always on VPN
  • The policy forces indicated VPN app to maintain the connection continuously.
    • Add VPN app
    Block internet access when VPN is not connected
  • The policy disable internet access if the VPN connection with the selected apps is not established. Available from Android 10.
    • Add exceptions
  • After adding apps to the exceptions, they will be able to connect to the internet despite the blockade being set. Available from Android 10.
    • Allow to change the screen wallpaper
  • Policy determines whether the user can change the screen wallpaper
    • Allow backup services
  • The policy determines whether the user can use backup services.
    • Security
    Allow adding and delete user accounts
  • Policy determines whether the user can add and delete accounts such as the email account.
    • Allow take screenshots
  • Policy defines if user may do screenshots
    • Allow developer mode
  • Policy determines whether the user can enable Developer Mode. If the policy is disabled, the Developer Mode return to the default settings.
    • Allow safe boot of the device
  • Policy determines whether the user can start safe mode on the device. In safe mode, the device starts up without the third party applications.
    • Allow factory reset
  • Policy determines whether the user can restore the device to factory. Restoring device to factory removes the MDM agent and device will be unmanaged.
    • Use Factory Reset Protection Get Google ID
  • The policy force the use of Factory Reset Protection. If the device is restored to factory settings, you will be required to enter the Google ID account details listed below.
    • Allow the user to deactivate the MDM agent
  • The policy determines whether the user can deactivate the device from the MDM agent.
    • Allow clearing of application data
  • Policy allows to clear Proget app data. Clearing the data will disconnect the device from the system.
    • Allow installation of non Google Play apps
  • Policy determine whether a user can install non-Google Play apps using the ACTION_INSTALL_PACKAGE mechanism.
    • Allow adding and deleting Google accounts
  • Policy determines whether the user can add and delete Google account. If the policy is disabled, the user cannot add new and delete existing Google accounts.
    • Require device registration in Microsoft Entra ID
  • The policy enforces user registration in Microsoft Entra ID. If the policy is enabled, the device will be instructed to sign in to a Microsoft account in purpose of its registration.
    • Automatically set the user login
  • Setting this field will automatically insert the specified user login when logging into Microsoft account.
    • Allow using two SIM cards at the same time
  • Policy determines whether you can use two SIM cards at the same time if the device supports two SIM card slots. If the policy is turned off, the device will be blocked until the second SIM card is removed.
    • Block the SIM card with the PIN code for slot 1 (Samsung only)
  • Policy defines whether the device should save a permanent PIN code to unlock the SIM card. Turning on a permanent PIN will block the company’s SIM card usage on another device. Each time a company device is turned on, device will automatically unlocks the SIM card using the permanent PIN code. However, if the SIM card is moved to another device, it will remain locked because the PIN code is not known to the user. The policy applies to slot 1.
    • PIN code for slot 1
    Block the SIM card with the PIN code for slot 2 (Samsung only, if applicable)
  • Policy defines whether the device should save a permanent PIN code to unlock the SIM card. Turning on a permanent PIN will block the company’s SIM card usage on another device. Each time a company device is turned on, device will automatically unlocks the SIM card using the permanent PIN code. However, if the SIM card is moved to another device, it will remain locked because the PIN code is not known to the user. The policy applies to slot 2 (if applicable).
    • PIN code for slot 2
    Force device periodically connection to the server
  • Policy determines whether the device have to connect to the MDM server at a specific time interval. Enabling this policy forces the device to contact the server periodically. The date of the last connection will be saved on the server each time.
    • Maximum time to lock
  • Policy set the maximum time for user activity until the device will lock. This limits the length that the user can set in device settings.
    • Time to lock (in minutes)
    Action after exceeding the inactivity time
  • Policy determines whether a defined action should be taken (Clear device data, Clear company data or Block device) after a specified period of inactivity. Action will be taken automatically if the last contact of the device with the server exceeds the defined inactivity time.
    • Inactivity time (in days)
    Action
    Message on a blocked device
  • Enter the message that you want to display on the blocked device
    • Phone number
  • Enter the phone number to which the user can make a call when the device is locked
    • Allow using Smart Lock
  • The policy defines the possibility of using Smart Lock on device.
    • Bluetooth
  • The policy allows you to automatically unlock your phone when it is connected via Bluetooth to a trusted device, such as a watch or an in-car speakerphone.
    • NFC
  • The policy allows you to automatically unlock your phone using a trusted NFC tag.
    • Trusted places
  • The policy allows you to configure Trusted places. The device will stay automatically unlocked within a radius of up to 80 meters from the Trusted place.
    • Face
  • The device will automatically unlock when it recognizes your face. If you set up a trusted face, the device will search for it each time it starts, and it will unlock when it recognizes it.
    • On-body
  • The policy allows you to leave the device unlocked when the device is next to the user (e.g. in his hand, pocket or bag). The device will be locked only after the device has been put down (e.g. on a table); the lock will be activated automatically within a minute.
    • Voice
  • The policy allows you to unlock the Google Assistant when saying “Ok Google” on the lock screen, after the device recognized the previously recorded voice. You can give Google commands or open websites without the need to manually unlock the device.
    • Service password
  • The service password allows to define a password to unlock a blocked device, i.e. lost mode. The password defined in the policy works simultaneously with the password on the device card.
    • Lock screen notifications
  • Policy allows you to specify the maximum level of detail of information in notifications on a locked screen (the user can always reduce this level manually).
    • Store photos from locked device
  • Policy defines the maximum time for storing photos on the server taken during the lockdown of the device.
    • Managing operating system updates
  • The policy allows to specify how system updates are managed on your device.
    • Mode
    From
    To
    Location
    Manage location modes
  • The policy allows to define the mode in which the location on the device should be run. Feature available on devices with Android lower than 9.
    • Manage location state
  • The policy allows to set location services on the device. Available from Android 11.