Logo Entgra

All documentations
Android Device Policies | Entgra Iot Server

Android device policies

Add a policy

Pre-requisites

1.Go to devicemgt portal and click on Add policies (https://{IP}:{port}/devicemgt/policy/add)

image

2.Click on Android from “DEVICE TYPES”

image

3.Create your policy. In this tutorial, let’s create a passcode policy. After defining the settings, click CONTINUE.

  A profile in the context of Entgra IoT Server refers to a collection of policies.
  For example, in this use case you are only creating one policy that is the passcode policy.
  If you want to, you can add an restrictions policy too. 
  All these policies will be bundled as a profile and then pushed to the devices.

4.Select the policy type.

There are two types of policies.

  • General Policy: General policy is applied to the device by default.
  • Corrective Policy: Corrective policy is applied to the device when the general policy is violated. When the general policy is not violated the correctiv policy is disabled.

If you wish to apply a corrective policy with a general policy,

First apply a corrective policy by selecting the policy type as the corrective policy.

image

Then apply a general policy by selecting the policy type as the general policy.

image

Select the corrective policy to be applied when this general policy is violated.

image

5.Click CONTINUE.

6.Define the user groups that the passcode policy needs to be assigned to:

  Select the set user role/s or set user/s option and then select the users/roles from the item 
  list.
  Let's select set user role/s and then select ANY.

image

  Select the Select Groups option and then select the groups from the item 
  list.

image

7.Click CONTINUE.

8.Define the policy name and the description of the policy.

image

9.Click SAVE AND PUBLISH to save and publish the configured profile as an active policy to the database.

If you SAVE the configured profile, it will be in the inactive state and will not be applied 
to any devices. 
If you SAVE AND PUBLISH the configured profile of policies, it will be in the active state.

10.To publish the policy to the existing devices, click APPLY CHANGES TO DEVICES from the policy management page.

View a policy

1.Go to devicemgt portal and click on View policies (https://{IP}:{port}/devicemgt/devicemgt/policies image

Publish a policy

1.Click View under POLICIES to get the list of the available policies.

image

2.Click Select to select the policy or policies that are not in the publish state and you wish to publish.

image

3.Click Publish.

image

Unpublish a policy

1.Go to devicemgt portal and click on View policies (https://{IP}:{port}/devicemgt/devicemgt/policies

image

2.Click Select to select the policy or policies that are not in the publish state and you wish to publish.

image

3.Click Unpublish

image

4.Click YES to confirm that you want to unpublish the policy.

image

5.Now your policy is unpublished and is in the inactive/updated state. Therefore, the policy will not be applied on devices that enroll newly with Entgra IoT Server.

image

Verify the policy enforced on a device

1.Click View under DEVICES

image

2.Click on your device to view the device details. Click Policy Compliance.

3.You will see the policy that is currently applied to your device.

Manage the policy priority order

You can change the priority order of the policies and make sure the policy that you want is applied on devices that register with Entgra IoT Server.

1.Click View under POLICIES to get the list of the available policies.

image

2.Click POLICY PRIORITY.

image

3.Manage the policy priority: Drag and drop the policies to prioritize the policies accordingly. Manage the policy priority order by defining the order using the edit box.
image

4.Click SAVE NEW PRIORITY ORDER to save the changes.

5.Click APPLY CHANGES to push the changes, to the existing devices.

Updating a Policy

1.Click View under POLICIES to get the list of the available policies.

image

2.On the policy, you wish to edit, click on the edit icon.

image

3.Edit the policy:

a.Edit current profile and click CONTINUE.
b.Edit assignment groups and click CONTINUE.   
c.Optionally, edit the policy name and description.

Click SAVE to save the configured profile or click SAVE AND PUBLISH to save and publish the configured profile as an active policy to the database.

Description of Available Android Policies

Policy Description
Passcode Policy Enforce a configured passcode policy on Android devices. Once this profile is applied, the device owners won't be able to modify the password settings on their devices.
Restrictions Restrict predefined settings on Android devices. Once this profile is applied, the device owners won't be able to modify the configured settings on their devices.
Encryption Settings Encrypt data on an Android device when the device is locked and make it readable when the device is unlocked. Once this profile is applied, the device owners won't be able to modify the configured settings on their devices.
Wi-Fi Settings Configure the Wi-Fi settings on Android devices. Once this profile is applied, the device owners won't be able to modify the configured settings on their devices.
Global Proxy Settings This configurations can be used to set a network-independent global HTTP proxy on an Android device. Once this configuration profile is installed on a device, all the network traffic will be routed through the proxy server.
Virtual Private Network These configurations can be used to define settings for connecting to your POP or IMAP email accounts. Once this configuration profile is installed on an iOS device, corresponding users will not be able to modify these settings on their devices .
Certificate Install Settings Restrict predefined settings on Android devices. Once this profile is applied, the device owners won't be able to modify the configured settings on their devices.
Work-Profile Configurations Configure these settings to manage the applications in the work profile.
COSU Profile Configuration This policy can be used to configure the profile of COSU Devices.
Application Restriction Settings Blacklist or whitelist mobile application for Android devices.
Runtime Permission Policy (COSU / Work Profile) This configuration can be used to set a runtime permission policy to an Android Device.
System Update Policy (COSU) Configure the settings to install system updates on single-purpose or COSU devices.
Enrollment Application Install Enforce applications to be installed during Android device enrollment.