如何通过 Android 管理 API 防止系统应用程序在设备配置期间被删除
How to keep system apps from being removed during device provisioning via Android Management API
我正在使用 Android 管理 API 生成二维码注册码;但是,在完全托管模式下注册后,相机、计算器等系统应用程序会被 DPC 删除。
其他帖子提到必须在enrollmentTokens.create()方法生成的对象中添加以下内容:
"android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED" = true
我目前正在做的事情是:
- 使用以下python代码生成二维码:
androidmanagement = build(
"androidmanagement", "v1", credentials=credentials
)
enrollment_token = (
androidmanagement.enterprises()
.enrollmentTokens()
.create(
parent=f"enterprises/{enterprise_name}",
body={
"policyName": policy_name,
"user": {"accountIdentifier": f"{some_identifier}"},
"oneTimeOnly": "TRUE",
},
)
.execute()
)
- 然后将属性添加到生成的
enrollment_token
res = json.loads(enrollment_token["qrCode"])
res["android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True
formatted_object_string = json.dumps(res)
enrollment_obj = formatted_object_string.replace(" ", "")
如果你打印 enrollment_obj
你会得到:
{"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME":"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver","android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM":"SOME_CHECK_SUM","android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION":"https://play.google.com/managed/downloadManagingApp?identifier=setup","android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN":"SOME_ENROLLMENT_TOKEN"},"android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true}
此对象用于创建如下所示的 QR 码 link(当然没有混淆数据):
https://chart.googleapis.com/chart?cht=qr&chs=500x500&chl=%7B%22android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME%22%3A%22com.google.android.apps.work.clouddpc%2F.receivers.CloudDeviceAdminReceiver%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM%22%3A%22<SOME_CHECKSUM>%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION%22%3A%22https%3A%2F%2Fplay.google.com%2Fmanaged%2FdownloadManagingApp%3Fidentifier%3Dsetup%22%2C%22android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE%22%3A%7B%22com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN%22%3A%22<SOME_ENROLLMENT_TOKEN>%22%7D%2C%22android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED%22%3Atrue%7D
这将允许成功注册;然而,DPC 似乎并不尊重添加的 属性。谁能看出我可能哪里出错了?
编辑:
问题是我使用了错误的 属性 键。答案中提到的正确键是:
android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED
您似乎使用了错误的密钥,请尝试使用 android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED
。
res = json.loads(enrollment_token["qrCode"])
res["android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True
formatted_object_string = json.dumps(res)
enrollment_obj = formatted_object_string.replace(" ", "")
我正在使用 Android 管理 API 生成二维码注册码;但是,在完全托管模式下注册后,相机、计算器等系统应用程序会被 DPC 删除。
其他帖子提到必须在enrollmentTokens.create()方法生成的对象中添加以下内容:
"android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED" = true
我目前正在做的事情是:
- 使用以下python代码生成二维码:
androidmanagement = build(
"androidmanagement", "v1", credentials=credentials
)
enrollment_token = (
androidmanagement.enterprises()
.enrollmentTokens()
.create(
parent=f"enterprises/{enterprise_name}",
body={
"policyName": policy_name,
"user": {"accountIdentifier": f"{some_identifier}"},
"oneTimeOnly": "TRUE",
},
)
.execute()
)
- 然后将属性添加到生成的
enrollment_token
res = json.loads(enrollment_token["qrCode"])
res["android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True
formatted_object_string = json.dumps(res)
enrollment_obj = formatted_object_string.replace(" ", "")
如果你打印 enrollment_obj
你会得到:
{"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME":"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver","android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM":"SOME_CHECK_SUM","android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION":"https://play.google.com/managed/downloadManagingApp?identifier=setup","android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN":"SOME_ENROLLMENT_TOKEN"},"android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true}
此对象用于创建如下所示的 QR 码 link(当然没有混淆数据):
https://chart.googleapis.com/chart?cht=qr&chs=500x500&chl=%7B%22android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME%22%3A%22com.google.android.apps.work.clouddpc%2F.receivers.CloudDeviceAdminReceiver%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM%22%3A%22<SOME_CHECKSUM>%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION%22%3A%22https%3A%2F%2Fplay.google.com%2Fmanaged%2FdownloadManagingApp%3Fidentifier%3Dsetup%22%2C%22android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE%22%3A%7B%22com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN%22%3A%22<SOME_ENROLLMENT_TOKEN>%22%7D%2C%22android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED%22%3Atrue%7D
这将允许成功注册;然而,DPC 似乎并不尊重添加的 属性。谁能看出我可能哪里出错了?
编辑:
问题是我使用了错误的 属性 键。答案中提到的正确键是:
android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED
您似乎使用了错误的密钥,请尝试使用 android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED
。
res = json.loads(enrollment_token["qrCode"])
res["android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True
formatted_object_string = json.dumps(res)
enrollment_obj = formatted_object_string.replace(" ", "")