Best IT Recipes

How to erase an Android device when the device administrator is disconnected?

In my application, which is the device administrator, I need to erase the entire device when the user tries to disable the application administrator function. When the user goes to the settings / Security / Device admins and deactivates the admin application, the dialog box "You want to deactivate" appears first. If the user says yes, then another small dialog appears with the text provided by the AdminReceiver application in onDisableRequested (). If the user then says yes, I want to erase the entire device. How to do it?

I tried everything, looked for answers, did not find real solutions.

What I tried:

  • AdminReceiver has an onDisable () function. I tried to erase the device in this function. However, it looks like onDisable () is called after , the admin is disabled. Thus, the application cannot use the wipeData () function at all (a security exception is thrown). I also confirmed that isAdminActive () returns false at this time.

The official documentation does not say this clearly, but it seems that the administrator is already disconnected when onDisable () is called. Therefore, we must erase the device before this time.

  • AdminReceiver has an onDisableRequested () function that returns a CharSequence. I tried to put another warning window in this function. This crashes because the warning window cannot be called from the context without activity, which seems to be what we have when we are in onDisableRequested ().

  • AdminReceiver has an onReceive () function, which is called on any events. In this function, again, we are not in the context of activity and cannot present our own dialogues.

  • I tried to create another action from onReceive (). It works; during onReceive (), when we get ACTION_DISABLE_ADMIN_REQUESTED, the admin is still active and we can erase it. However, the system still presents its own dialog asking the user to deactivate the administrator. If the user says no to our dialog box, but yes in the system dialog box, the administrator will be disconnected and we will not be able to erase it.

In my subclass of DeviceAdminReceiver, I tried the following:

@Override public void onReceive(Context context, Intent intent) { // detect whether disabling is requested? if (intent.getAction().equals(ACTION_DEVICE_ADMIN_DISABLE_REQUESTED)) { confirmWipeDevice(context); } else { super.onReceive(context, intent); } }

In other words, I do not call super.onReceive (), if the action is to disable the administrator. The confirmWipeDevice () function shows another dialog action. This does not show a system dialog to confirm the disconnection of my admin application. However, this does not prevent the application from being turned off!

Android system seems to do the following:

  • Submit ACTION_DEVICE_ADMIN_DISABLE_REQUESTED to AdminReceiver

  • Continue to disable the administrator no matter what the administrator application wants to do

  • If the user cancels the shutdown, a fine; if not, the application is disabled. Unable to disable the application or disable it when disconnected.

The only solution so far is to immediately delete without confirmation when the user wants to disable the admin application. In other words, I can call getManager (). WipeData () immediately in onDisableRequested (). At that time, the administrator is still active, and it works.

It is right? How to erase a device when a user wants to disable the admin application?

+11
android admin
Feb 15 '12 at 17:39
source share
2 answers

In Android 3.2, they fixed this problem. In Android 3.1, the problem was still present.

Now (Android 3.2) in onDisabled you still have administrator privileges and you can erase the device.

+4
Jun 20 2018-12-12T00:
source share

My recommendation: Do not do this if it does not look like a corporate type.

But. In onDisableRequested() you can startActivity for the main screen, and then startActivity for the created Activity , which confirms whether they want to continue or not. If they choose yes, then you do as you wish (wipe the device), if they say no, then just startActivity for the home screen again (or finish() ).

This still poses a risk that they may launch the same settings page from recent tasks, in which they are likely to be able to click β€œyes” (or ok) in the dialog box that appears with your custom text and then continue with Disabling the device administrator. To avoid this, you can do this in the hope that it launches the initial settings page and clears the top-most screen of the device administrator.

Instead of wiping, you can always do resetPassword("new password") and then lockNow() . If this is a security-related application, then the personal device does not need to be erased, and the password was previously determined by the person who installed the application.

Let me know if you have any other questions. Hope this helps.

EDIT: I have an inscription that reminded me that this answer exists, so I decided to add some information.

You can use lockNow() in combination with an activity that will appear on top of the lock screen if you want to lock, and then still offer to erase or something else.
And blocking before starting cleaning will be a good idea to prevent problems if you have an error or delay for any reason.

And if you do something like this in a distributed application (through application stores), try not to violate their policies, because violating the rules can lead to a permanent ban from the application store (this happened to me on Google Play, due to no more than misunderstanding.)

+3
Feb 15 '12 at 21:57
source share


More articles:


All Articles