如何通过 Android 管理 API 防止系统应用程序在设备配置期间被删除

Question

我正在使用 Android 管理 API 生成二维码注册码；但是，在完全托管模式下注册后，相机、计算器等系统应用程序会被 DPC 删除。

其他帖子提到必须在enrollmentTokens.create()方法生成的对象中添加以下内容： "android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED" = true

我目前正在做的事情是：

使用以下python代码生成二维码：

androidmanagement = build(
    "androidmanagement", "v1", credentials=credentials
)

enrollment_token = (
    androidmanagement.enterprises()
    .enrollmentTokens()
    .create(
        parent=f"enterprises/{enterprise_name}",
        body={
            "policyName": policy_name,
            "user": {"accountIdentifier": f"{some_identifier}"},
            "oneTimeOnly": "TRUE",
        },
    )
    .execute()
)

然后将属性添加到生成的enrollment_token

res = json.loads(enrollment_token["qrCode"])

res["android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True

formatted_object_string = json.dumps(res)

enrollment_obj = formatted_object_string.replace(" ", "")

如果你打印 enrollment_obj 你会得到：

{"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME":"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver","android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM":"SOME_CHECK_SUM","android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION":"https://play.google.com/managed/downloadManagingApp?identifier=setup","android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN":"SOME_ENROLLMENT_TOKEN"},"android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED":true}

此对象用于创建如下所示的 QR 码 link（当然没有混淆数据）：

https://chart.googleapis.com/chart?cht=qr&chs=500x500&chl=%7B%22android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME%22%3A%22com.google.android.apps.work.clouddpc%2F.receivers.CloudDeviceAdminReceiver%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM%22%3A%22<SOME_CHECKSUM>%22%2C%22android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION%22%3A%22https%3A%2F%2Fplay.google.com%2Fmanaged%2FdownloadManagingApp%3Fidentifier%3Dsetup%22%2C%22android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE%22%3A%7B%22com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN%22%3A%22<SOME_ENROLLMENT_TOKEN>%22%7D%2C%22android.app.extra.EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED%22%3Atrue%7D

这将允许成功注册；然而，DPC 似乎并不尊重添加的属性。谁能看出我可能哪里出错了？

编辑：问题是我使用了错误的属性键。答案中提到的正确键是： android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED

Answer 1

您似乎使用了错误的密钥，请尝试使用 android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED。

res = json.loads(enrollment_token["qrCode"])

res["android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED"] = True

formatted_object_string = json.dumps(res)

enrollment_obj = formatted_object_string.replace(" ", "")

如何通过 Android 管理 API 防止系统应用程序在设备配置期间被删除

How to keep system apps from being removed during device provisioning via Android Management API

android

android-management-api