Now Loading
Logo Image

Proget Console

Home  /  Proget Console  /  Administrator guide  /  Policies  /  Samsung Knox

Samsung Knox

Password
Password required
  • Policy defines requirements for device password. Once done, user must set the device password.
    • Force complicated password
  • The user must have entered a password containing at least numeric characters with no repeating (4444) or ordered (1234, 4321, 2468) sequences.
    • Password length
  • The policy defines the minimum length of the password used on the device.
    • Required number of numerical characters
  • Policy defines the number of numerical characters in the device password.
    • Required number of lower case characters
  • Policy defines the number of lower case characters in the device password.
    • Required number of capital characters
  • Policy defines the number of A-Z capital characters in the device password.
    • Required number of special characters
  • Policy defines the number of special !@#$%^&*()_+<>:”?{}| characters in the device password.
    • Number of attempts to unlock
  • Policy defines the number of incorrect password attempts followed by a device wipe.
    • Number of passwords saved
  • Policy defines how many prior passwords the device should remember while changing the password.
    • Password expiration
  • Policy defines how long the password may be used and sets the time for the user to change the password on the device.
    • Allow unlock device using fingerprint
  • Policy determines whether the user can use a fingerprint to unlock the device. If the policy is disabled, the user must enter a password to unlock the device. Fingerprints saved before the policy was applied will still be available.
    • Allow the iris scanner
  • The function allows the user to configure the iris scanner and use this function to unlock the device. This rule applies only to devices running Android 9.0 and later.
    • Allow face recognition
  • The function allows the user to configure face recognition and use this function to unlock the device. This rule applies only to devices running Android 9.0 and later.
    • Require lock screen message
  • Policy determines whether a defined message is visible on the locked screen of the device. This rule applies only to devices running Android 7.0 and later.
    • Lock screen message
  • In the window, you can define the message that is sent to the device and displayed on the locked screen of the device. The global variables are active in the popup pane. So, if you set {UserDisplayName} to a device with this policy, a value matching the global variable for that user will be sent.
    • Require device lock with wrong password
  • The policy allows you to enter a device lock after a certain number of unsuccessful attempts to enter the password by the user. The policy works simultaneously with the policy “Number of attempts to unlock”. The policy is not supported since Android 10.0.
    • Number of unlocking attempts
  • The policy determines the number of incorrect attempts to enter a password that the user can perform before blocking the device.
    • Message on a blocked device
  • Enter the message that you want to display on the blocked device.
    • Phone number
  • Enter the phone number to which the user can make a call when the device is locked.
    • Apps
    Allow using cookies
  • Policy defines if browser may use cookies.
    • Allow autocomplete of fields
  • Policy defines if browser may use autocomplete.
    • Allow use of JavaScript
  • Policy defines if browser may use JavaScript.
    • Allow pop-ups
  • Policy defines if browser should block pop-ups.
    • Allow use Google Play
  • Policy determines whether a user can install apps from the Google Play store. Policy requires Knox Standard SDK 1.0.0.
    • Allow Android Backup Service
  • Policy determines whether the user can backup the device using Google services. Device backup is stored on Google’s servers. Policy requires Knox Standard SDK 2.0.0.
    • Allow uninstall apps
  • Policy determines whether the user can uninstall the applications installed on the device.
    • Functionality
    Allow camera
  • The policy allows the use of the camera. If unchecked, the camera will not work in all apps, including the Proget app.
    • Allow voice calls while roaming
  • Policy determines whether the user can make voice calls when the device is in roaming. Policy requires Knox Standard SDK 3.0.0
    • Allow use of Bluetooth
  • Policy determines whether you can use Bluetooth.
    • Allow use of NFC
  • Policy determines whether you can use NFC.
    • Allow Wi-Fi
  • Policy determines whether the device can connect to a Wi-Fi network. If the policy is disabled and then re-enabled, the device cannot connect to the Wi-Fi network until it is restarted.
    • Allow Wi-Fi Direct
  • Policy determines whether the device can use Wi-Fi Direct technology, including S Beam functionality on Samsung devices. Policy requires Knox Standard SDK 4.0.0
    • Allow VPN
  • The policy specifies whether the device can establish and change VPN settings natively. External applications can still establish a VPN connection. Policy requires Standard SDK 2.2.0
    • Allow mobile data usage while roaming
  • Policy determines whether the user can use cellular data when the device is in roaming. If disabled, the user cannot use the Internet while roaming.
    • Allow automatic sync while roaming
  • Policy determines whether the device can automatically synchronize data while roaming. If disabled, the user cannot synchronize data and cannot change these settings. Policy requires Knox Standard SDK 1.0.0
    • Allow WAP push while roaming
  • Policy determines whether the device can receive WAP messages while roaming. If disabled, the device cannot receive MMS messages. Policy requires Knox Standard SDK 1.0.0
    • Allow use USB OTG
  • Policy determines whether the user can connect external devices via USB OTG. If disabled, no external devices can be connected. Policy requires Knox Standard SDK 4.0.0
    • Allow Media Transfer Protocol (MTP)
  • Policy determines whether the user can send data via USB using MTP protocol. If disabled, photo uploads using PTP protocol are also blocked. Policy requires Knox Standard SDK 2.0.0
    • Allow microphone
  • The policy allows the use of the microphone. If unchecked, the microphone will not work in all apps, including the Proget app.
    • Allow audio recording
  • Policy defines if audio recording is allowed, including for voice calls, voice identification, and VoIP technology. Policy requires Knox Standard SDK 2.0.0
    • Allow video recording
  • Policy defines if video recording is allowed. Policy requires Knox Standard SDK 2.0.0
    • Allow date and time changes
  • Policy determines whether the user can change the date and time on the device. Policy requires Knox Standard SDK 3.0.0
    • Force automatic time sync
  • The policy determines whether the device should automatically update the date and time. Policy requires Standard SDK 2.0.0
    • Manage location services
  • Policy allows specifying the status of location services, dictating whether users must use, cannot use, or can choose to use location services. Not supported since Android 9.0. Policy requires KNOX Standard SDK 2.0.0.
    • Allow adding email accounts
  • Policy defines if users may add email accounts. Policy requires Knox Standard SDK 4.0.0
    • Allow Google auto-sync
  • Policy determines whether the device can automatically sync Google accounts and update apps from the Google Play store. If disabled, users can still sync accounts and update apps manually. Policy requires Knox Standard SDK 5.0.0
    • Allow multiple user accounts
  • Policy determines whether multiple user accounts can be created on the device. Policy requires Knox Standard SDK 4.0.0
    • Allow users to modify the Settings app
  • Policy determines whether the user can make changes to the device settings. Policy requires Knox Standard SDK 2.0.0
    • Allow to change the screen wallpaper
  • Policy determines whether the user can change the screen wallpaper.
    • Security
    Allow take screenshots
  • Policy defines if the user may take screenshots.
    • Allow Bluetooth tethering
  • Policy determines whether the device can share mobile data transfer with other devices using Bluetooth. If the policy is disabled, the user cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow USB tethering
  • Policy determines whether the device can share mobile data transfer with other devices using USB. If the policy is disabled, the user cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow Wi-Fi tethering
  • Policy determines whether the device can share mobile data transfer with other devices using Wi-Fi Hotspot. If the policy is disabled, the user cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow developer mode
  • Policy determines whether the user can enable Developer Mode. If the policy is disabled, Developer Mode returns to the default settings. Policy requires Knox Standard SDK 5.0.0.
    • Allow USB debugging mode
  • Policy defines the use of USB debugging mode. Policy requires Knox Standard SDK 2.0.0.
    • Require fast device encryption
  • Policy determines whether the user can use the device’s fast encryption option. Encryption will be accelerated, but only limited data will be encrypted. Policy requires a security password.
    • Allow SD card
  • The policy determines whether the user can use an external SD memory card. If the policy is disabled, the user and system administrator will receive information about the device’s incompatibility with the company’s policies.
    • Require SD card encryption
  • Policy forces the external SD memory card to be encrypted if supported by the device. Policy requires Knox Standard SDK 2.0.0.
    • Allow take screenshots
  • Policy defines if the user may take screenshots.
    • Allow Bluetooth tethering
  • Policy determines whether the device can share mobile data transfer with other devices using Bluetooth. If policy is disabled, the user cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow USB tethering
  • Policy determines whether the device can share mobile data transfer with other devices using USB. If policy is disabled, the user cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow Wi-Fi tethering
  • Policy determines whether the device can share mobile data transfer with other devices using Wi-Fi Hotspot. If policy is disabled, cannot change this setting. Policy requires Knox Standard SDK 2.0.0.
    • Allow developer mode
  • Policy determines whether the user can enable Developer Mode. If the policy is disabled, the Developer Mode returns to the default settings. Policy requires Knox Standard SDK 5.0.0.
    • Allow USB debugging mode
  • Policy defines the use of USB debugging mode. Policy requires Knox Standard SDK 2.0.0.
    • Require fast device encryption
  • Policy determines whether the user can use the device’s fast encryption option. Encryption of the device will be accelerated, but only limited data will be encrypted. Policy requires a security password.
    • Allow SD card
  • The policy determines whether the user can use an external SD memory card. If the policy is disabled, the user and system administrator will receive information about the device’s incompatibility with the company’s policies.
    • Require SD card encryption
  • Policy forces the external SD memory card to be encrypted if supported by the device. Policy requires Knox Standard SDK 2.0.0.
    • Allow the user to deactivate the MDM agent
  • The policy determines whether the user can deactivate the device from the MDM agent.
    • Allow operating system updates
  • Policy determines whether the user can perform an operating system update. Policy requires Knox Standard SDK 3.0.0.
    • Allow Factory Reset
  • The policy allows resetting the device to factory settings.
    • Allow firmware recovery
  • Policy determines whether the user can start recovery mode to restore the operating system. Policy requires Knox Standard SDK 5.0.0.
    • Allow installation of non-Google Play apps
  • Policy determines whether a user can install apps other than from the Google Play store. If the policy is disabled, the user cannot change this setting on the device. If enabled, the user can access the interface allowing installs of non-Google Play store apps. Policy requires Knox Standard SDK 2.0.0.
    • Allow clearing of application data
  • Policy allows clearing Proget app data. Clearing the data will disconnect the device from the system.
    • Allow the user to de-activate the device administrator for the Proget application
  • The policy determines whether the user can deactivate the device administrator for the Proget application in device settings. If disabled, the user cannot deactivate the necessary rights for the Proget application and then disconnect the device from the MDM server.
    • Allow using two SIM cards at the same time
  • Policy determines whether you can use two SIM cards at the same time if the device supports two SIM card slots. If turned off, the device will be blocked until the second SIM card is removed. Not supported since Android 10.0.
    • Force device periodically connection to the server
  • Policy determines whether the device must connect to the MDM server at a specific time interval. Enabling this policy forces the device to contact the server periodically. The date of the last connection will be saved on the server each time.
    • Maximum time to lock
  • Policy sets the maximum time for user activity until the device locks. This limits the length that the user can set in device settings.
    • Time to lock (in minutes)
    Action after exceeding the inactivity time
  • Policy determines whether a defined action should be taken (Clear device data or Clear company data) after a specified period of inactivity. Action will be taken automatically if the last contact of the device with the server exceeds the defined inactivity time.
    • Inactivity time (in days)
    Action
    Block the SIM card with the PIN code for slot 1
  • Policy defines whether the device should save a permanent PIN code to unlock the SIM card for slot 1. Turning on a permanent PIN will block the company’s SIM card usage on another device.
    • PIN code for slot 1


    Block the SIM card with the PIN code for slot 2 (if applicable)
  • Policy defines whether the device should save a permanent PIN code to unlock the SIM card for slot 2. Turning on a permanent PIN will block the company’s SIM card usage on another device.
    • PIN code for slot 2


    Require device encryption
  • Policy forces the device to be encrypted if it is supported by the device.
    • Allow using Smart Lock
  • The policy defines the possibility of using Smart Lock on the device.
    • Bluetooth
  • The policy allows automatic unlocking of the phone when connected via Bluetooth to a trusted device.
    • NFC
  • The policy allows automatic unlocking of the phone using a trusted NFC tag.
    • Trusted places
  • The policy allows configuring Trusted places for automatic unlocking within a certain radius.
    • Face
  • The device will automatically unlock when it recognizes a trusted face.
    • On-body
  • The policy allows the device to remain unlocked when it is on the user’s body.
    • Voice
  • The policy allows unlocking the Google Assistant on the lock screen with a voice command.
    • Service password
  • The service password allows defining a password to unlock a blocked device, i.e., in lost mode.