Android Device Administrator Example

Building an enterprise level app for android could have never been easier. With this Android Device Administrator Example, I would explain how to detect active Android device policy managers. As I explained in my previous tutorial about Android DevicePolicyManager that Android has an inbuilt framework to implement device administration policies. With help of these policies one can force a device to have security features like passwords with quality parameters, and to count the failed attempts for a password. Also you can disable the device camera with Android Device Administrator.

The way I visioned the working of Android Device Administration APIs for enterprise apps, was that they would come in a bunch where one app would be a device admin, implementing the policies on a device. While other apps would just check if the appropriate policy has been implemented or not. If not not then the access to those apps would be denied. For better understanding I divided the tutorial into two parts, in the first part I showed how to implement DevicePolicyManager class and in this second part I would show how to detect the active device admin:

1. Android DevicePolicyManager Example
2. Android Device Administrator Example

1. Android DevicePolicyManager

Again before moving ahead with the Android Device Administrator Example I would like to give a brief intro to Android DevicePolicy Manager class. Android DevicePolicyManager class is a class used to implement security policies on a device. These policies could be anything like, that a device should have a password, a policy can define the minimum length of a password, no of special characters etc. With a policy we can also disable camera, wipe user data, watch failed password attempts and also encrypt user data. For all this please read my first tutorial in this Android Device Administrator series where an implementation of Android DeviceAdminReceiver is shown with DevicePolicyManager.

2. Android Device Administrator APIs

In Android you can make your own Device Administrator with help of DevicePolicyManager class but now the task at hand is to detect the active Android Device Administrator through APIs. If you remember the package name that I used in my previous tutorial was com.truiton.devicepolicymanager. Now I would show how to detect if device administrator with this package name is active. To do that in a separate app please define the class as defined below:

package com.truiton.activedevicepolicy;

import java.util.List;

import android.os.Bundle;
import android.app.Activity;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.util.Log;
import android.view.Menu;

public class ActiveDevicePolicy extends Activity {
	private DevicePolicyManager activeDevicePolicyManager;
	private final String LOG_TAG = "ActiveDevicePolicy";
	@Override
	protected void onCreate(Bundle savedInstanceState) {
		super.onCreate(savedInstanceState);
		setContentView(R.layout.activity_active_device_policy);
		activeDevicePolicyManager = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
		List<ComponentName> activeAdmins = activeDevicePolicyManager.getActiveAdmins();
		if(activeAdmins != null && !activeAdmins.isEmpty()){
			for(int index = 0; index < activeAdmins.size(); index++ ){
				Log.i(LOG_TAG, "flattenToShortString: "+ activeAdmins.get(index).flattenToShortString());
				Log.i(LOG_TAG, "flattenToString: "+ activeAdmins.get(index).flattenToString());
				Log.i(LOG_TAG, "getClassName: "+ activeAdmins.get(index).getClassName());
				Log.i(LOG_TAG, "getPackageName: "+ activeAdmins.get(index).getPackageName());
				Log.i(LOG_TAG, "getShortClassName: "+ activeAdmins.get(index).getShortClassName());
				Log.i(LOG_TAG, "toShortString: "+ activeAdmins.get(index).toShortString());		
			}
		} else {
			Log.i(LOG_TAG, "No Active Device Policy Manager");
		}
	}

}

In the above code I have called DevicePolicyManager.getActiveAdmins() method to retrieve the list of all the admins that are active at the moment. Now the interesting part here is that, since its returning a list; there could be more than one device admins in that list. The implied point here is that YES there can be more than one active Android Device Administrators on a device at a time but, keep in mind the strictest policy remains active.

In the above code, ComponentName.getPackageName() method is used to get the package name. Now since we know what package name we are looking for i.e. com.truiton.devicepolicymanager we can easily identify that, if the intended Android Device Administrator is active. Please have a look at the screenshot of logs:

With this I would sum up Android Device Administrator Example by saying you can create an app with which you can implement device administration policies. And create a separate app where you can detect those policies and do the desired function on your secure device. Although if you want a single app where you define policies, activate them and use them, that’s also possible 😉 . Hope this helps you, if it did please share it with your friends on Facebook, Google+ and also like our Facebook page to get our updates.

Mohit Gupt

Born in New Delhi, India. A software engineer by profession, an android enthusiast and an evangelist. My motive here is to create a group of skilled developers, who can develop something new and good. Reason being programming is my passion, and also it feels good to make a device do something you want. In a very short span of time professionally I have worked with many tech firms. As of now too, I am employed as a senior engineer in a leading tech company. In total I may have worked on more than 20 projects professionally, and whenever I get spare time I share my thoughts here at Truiton.