Since Android 2.2, new device policy management APIs allow developers to write “device administrator” applications that can control security features of the device, such as the minimum password strength, data wipe, and so on. Users can select the administrators that are enabled on their devices. For more information, see the android.app.admin classes or the example application code in DeviceAdminSample.java.
Below is the steps to make an application to be a device administrator:
1: Import android.app.admin.DeviceAdminReceiver and android.app.admin.DevicePolicyManager packages.
2: Add an inner class, which extends DeviceAdminReceiver, to your application.
public static class MyAdmin extends DeviceAdminReceiver {
// implement onEnabled(), onDisabled(), …
}
3: Add below two fields to your application.
DevicePolicyManager mDPM;
ComponentName mAdminName;
4: Initalize above two field variables in the OnCreate() method.
mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
mAdminName = new ComponentName(this, MyAdmin.class);
5: Enable the administration somewhere:
if (!mDPM.isAdminActive(mAdminName)) {
// try to become active – must happen here in this activity, to get result
Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
mAdminName);
intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
“Additional text explaining why this needs to be added.”);
startActivityForResult(intent, REQUEST_ENABLE);
} else {
// Already is a device administrator, can do security operations now.
mDPM.lockNow();
}
Note: The application should check the result of the ACTION_ADD_DEVICE_ADMIN. Add below code lines in the onActivityResult() method:
if (REQUEST_ENABLE == requestCode)
{
if (resultCode == Activity.RESULT_OK) {
// Has become the device administrator.
…
} else {
//Canceled or failed.
…
}
}
6. Add a receiver into the AndoidManifest.xml of your application.
<receiver
android:name=”app_class_name$MyAdmin”
android:label=”@string/xxx”
android:description=”@string/xxx”
android:permission=”android.permission.BIND_DEVICE_ADMIN” >
<meta-data
android:name=”android.app.device_admin”
android:resource=”@xml/my_admin” />
<intent-filter>
<action android:name=”android.app.action.DEVICE_ADMIN_ENABLED” />
</intent-filter>
</receiver>
Note: The label and description strings should be added in the res/values/strings.xml. The meta-data file should be added to the res/xml/. The my_admin.xml in our example are as follows:
<device-admin xmlns:android="http://schemas.android.com/apk/res/android"> <uses-policies> <limit-password /> <watch-login /> <reset-password /> <force-lock /> <wipe-data /> </uses-policies> </device-admin>
May 24, 2011 at 11:08 pm |
Still can’t get this to work.. getting frustrated.. seems like a permissions issue but I’ve checked and doublechecked.. can you share a running example? airdamien@gmail.com
05-24 19:06:05.285: WARN/DeviceAdminAdd(11506): Unable to retrieve device policy ComponentInfo{com.blue.bigadmin2/com.blue.bigadmin2.deviceadminreceiver}
May 25, 2011 at 6:49 am |
Here is a Dev Guide for Device Administration: http://developer.android.com/guide/topics/admin/device-admin.html.
The samples\android-\ApiDemos\src\com\example\android\apis\app\DeviceAdminSample.java is a best example for this feature.
Let me know if you still have problems.
June 9, 2011 at 12:16 pm |
hii guys i have been working on this and i have doubt is there any way or hack by which i can get my app is “active admin” without expliclty getting permission via the activity with “ACTION_ADD_DEVICE_ADMIN ” intent.
Is there any other way to get the permission other than thru activity??
June 10, 2011 at 9:04 am |
There is no silent or automatic way to enable the device admin. This has been confirmed by an Android framework engineer in this post:
http://groups.google.com/group/android-developers/browse_thread/thread/7ae1aaa328a14b24#
Best regards,
Ming
July 8, 2011 at 1:03 pm |
Thank you for this post!
I tried implementing this using the notes at: http://developer.android.com/guide/topics/admin/device-admin.html#top
But it was your post that helped me implement this!
July 11, 2011 at 1:04 am |
I’m glad that you have made it.
Best regards,
Ming
August 19, 2011 at 8:42 am |
Why is it that when you disable the device administrator and restart your phone, the device administrator is enabled again inside select device administrators? Thanks.
September 22, 2011 at 4:41 pm |
still can’t get this to work, can someone PLEASE add an example
October 4, 2011 at 8:17 am |
05-24 19:06:05.285: WARN/DeviceAdminAdd(11506): Unable to retrieve device policy ComponentInfo{com.blue.bigadmin2/com.blue.bigadmin2.deviceadminreceiver}
Got this error, too. Don’t have a clue how to get this to work. Can you please help? Thanks