10

I am using a Nexus 7 which is updated to Android 4.3. I have an application which requires Device Admin rights to Lock/ Wipe device. I have given Device Admin right to my application on Owner Profile. So when i switch to another user profile, i can see my application in list of Device Admin apps. However when i give a Lock command on this non Owner user profile, i get the exception as

"java.lang.SecurityException: No active admin owned by uid XXXXXX".

DevicePolicyManager isActiveAdmin () method also returns true on this profile still it fails to take action and crashes the application.

I assume that once device admin is set for Owner user profile, its automatically applied to all other user profiles.Any idea then why is this happening ? Also, is there any documentation that points out on what care should my application take in order to handle Multiple user profiles in case my app requires device admin rights

Ajeett
  • 814
  • 2
  • 7
  • 18
Alok Kulkarni
  • 2,153
  • 19
  • 31
  • 1
    "I assume that once device admin is set for Owner user profile, its automatically applied to all other user profiles" -- I certainly would not assume that. I would assume that other profiles, particularly restricted ones, have no ability to work with device admins. That being said, I am not aware of any documentation in this space. – CommonsWare Sep 23 '13 at 13:41
  • what i said was based on observation on my Nexus 7 . I will check forcing acivation of DeviceAdmin on other profiles and update here. – Alok Kulkarni Sep 23 '13 at 15:19
  • Try uninstalling the app, and reinstalling the apk on that user account, and then adding it as a device administrator and launching the app. – hichris123 Oct 04 '13 at 01:26
  • This option does not seem user friendly at all. Still i will gv it a try – Alok Kulkarni Dec 30 '13 at 08:15

1 Answers1

8

Have you set in device_admin_sample.xml what admin policy comply with your App expected behaviour?

Set the admin paramenters as

 android:label="@string/enterprise_device_admin" 
        android:permission="android.permission.BIND_DEVICE_ADMIN"> 
     android:resource="@xml/enterprise_device_admin" />

Here is a typical content for your file device_admin_sample.xml:

<activity android:name=".app.DeviceAdminSample"
        android:label="@string/activity_sample_device_admin">
    <intent-filter>
        <action android:name="android.intent.action.MAIN" />
        <category android:name="android.intent.category.SAMPLE_CODE" />
    </intent-filter>
</activity>
<receiver android:name=".app.DeviceAdminSample$DeviceAdminSampleReceiver"
    android:label="@string/sample_device_admin"
    android:description="@string/sample_device_admin_description"
    android:permission="android.permission.BIND_DEVICE_ADMIN">
    <meta-data android:name="android.app.device_admin"
        android:resource="@xml/device_admin_sample" />
    <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED" />
    </intent-filter>
</receiver>

Further reading with step by step instructions that is also worth checking:

Avanz
  • 7,466
  • 23
  • 54