从 Android 设备策略获取设备标识符
[英]get Device identifier from Android Device Policy
问题描述
We are trying out the EMM MDM app using Android Enterprise.
我们正在使用 Android Enterprise 试用 EMM MDM 应用程序。 So we enroll using Android Enterprise in Fully managed mode.因此,我们在完全托管模式下使用 Android Enterprise 进行注册。
We'll be having a per device policy mechanism, so every device will have a separate policy.我们将拥有一个针对per device policy机制,因此每个设备都会有一个单独的策略。 Now at the start, we don't have any info about who's the user, so we apply the default policy and then during setup (using setupActions), we open our custom app and ask the user to log in using username and password, that way we know who's the user.现在一开始,我们没有关于谁是用户的任何信息,所以我们应用默认策略,然后在设置过程中(使用 setupActions),我们打开我们的自定义应用程序并要求用户使用用户名和密码登录,即我们知道谁是用户的方式。
The issue is, we know the user, but we don't know on which device the user has logged into since we can't query IMEI/SerialNumber ( https://developer.android.com/training/articles/user-data-ids#best-practices-android-identifiers )问题是,我们知道用户,但我们不知道用户在哪个设备上登录,因为我们无法查询 IMEI/SerialNumber ( https://developer.android.com/training/articles/user-data -ids#best-practices-android-identifiers )
The issue is we make users log in from our app but in AndroidEnterprise, the device name is different.问题是我们让用户从我们的应用程序登录,但在 AndroidEnterprise 中,设备名称不同。
We want to create a mapping of username <---> device info from AE.我们想从 AE 创建用户名 <---> 设备信息的映射。
Can we query the Android Device Policy app someway to get any identifier so that we can map deviceId <---> username?我们能否以某种方式查询Android Device Policy应用程序以获取任何标识符,以便我们可以 map deviceId <---> 用户名? or any other suggested way?或任何其他建议的方式?
We can not send deviceName or anything in Managed configuration since, at that time, the user is not enrolled in AnroidEnterprise thus, we don't have that info.我们无法发送 deviceName 或托管配置中的任何内容,因为当时用户未注册 AnroidEnterprise,因此我们没有该信息。 see ref见参考
Also, anyone knows how can we interact with Android Device Policy somehow?此外,任何人都知道我们如何以某种方式与 Android 设备策略进行交互? to know which policy is applied?知道应用了哪种策略? etc. ETC。
2 个解决方案
解决方案1
1 2021-09-28 07:02:08
From Android 10 to read device Identifiers numbers, it required READ_PRIVILEGED_PHONE_STATE permission.从 Android 10 读取设备标识符号,需要READ_PRIVILEGED_PHONE_STATE权限。 However, apps installed from the Google Play Store cannot declare privileged permissions.但是,从 Google Play 商店安装的应用程序无法声明特权权限。
If you work with Android Management API, you can set policy DelegatedScope: CERT_INSTALL for your application to have a special permission that access to certificate installation and management.如果您使用 Android Management API,您可以设置策略DelegatedScope: CERT_INSTALL让您的应用程序拥有访问证书安装和管理的特殊权限。 So that we can use READ_PHONE_STATE permission on your app's manifest.这样我们就可以对您应用的清单使用READ_PHONE_STATE权限。
- From your application, you can got IMEI / SerialNumber从您的应用程序中,您可以获得IMEI / SerialNumber
- From your default policy, you have to set delegate scopes for your application根据您的默认策略,您必须为您的应用程序设置委托范围
"applications": [
{
"packageName": "your-app-package-name",
"delegatedScopes": [
"CERT_INSTALL"
]
}
]
解决方案2
0 2021-09-29 13:13:03
device.list can be used to check the list of devices enrolled in a specific enterprise, while devices.get may be used to check the details of a specific device. device.list可用于查看特定企业注册的设备列表,而devices.get可用于查看特定设备的详细信息。 You may want to check this link for the list information you may get using device.get.您可能需要检查此链接以获取使用 device.get 可能获得的列表信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.