Script Commands for Android Enterprise: Managed Devices
Use the options and examples below to help you create your own powerful script commands.
Legend
Format | Meaning |
---|---|
text |
Enter the command exactly as shown. |
text |
Replace with the requested information. |
[text] | Information contained within square brackets is optional to the command. |
text|text |
Choose one of the options separated by the vertical pipe. |
Commands
Command | Syntax |
---|---|
_adminmode
Enables or disables the administrator mode on a device in lockdown mode. |
_adminmode on|off
|
afw_prevent_uninstall
Prevents the device user from uninstalling an application that was installed using packages. |
afw_prevent_uninstall bundleID enable|disable
Where Example To prevent the device user from uninstalling the Google Photos app:
|
afw_set_permission_grant_state
Grants specified permissions to specified applications. You cannot grant special permissions such as Draw Over or Usage Access, to third party applications. |
afw_set_permission_grant_state packageName allow|deny
|
afw_set_permission_policy
Sets the default response for future runtime permission requests by the SOTI MobiControl device agent. |
afw_set_permission_policy prompt|grant|deny|clear
Where
|
afw_set_preferred_keyboard
Specifies a preferred keyboard for use. Minimum device agent version: 15.1.5 Android OS: OS6 and above Note: Setting the keyboard via this script will not prevent the user from changing the keyboard later.
|
afw_set_preferred_keyboard<pkg_name>
Where Example
|
afw_work_profile
Enables or disables the Android Enterprise work profile. |
afw_work_profile enable|disable
|
agent_mode
Retrieves the current agent mode (user or administrator) of a device with lockdown mode applied and displays it in the Logs section of the Device Information panel. |
agent_mode |
app_upgrade disable <package-list> Allows the administrator to disable automatic Android Enterprise agent updates to latest versions from the Google Play Store, remotely on Android devices through MobiControl. Each execution of the script will append to the list of apps for which scripts have been sent.
Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade disable
<package-list> Example
Note: <package-list>
can be skipped for Samsung devices. Samsung does not remove
specific packages from upgrade blacklist. It clears the complete
list. |
app_upgrade enable <package-list> Allows the administrator to enable automatic Android Enterprise agent updates to latest versions from the Google Play Store, remotely on Android devices through MobiControl. Each execution of the script will append to the list of apps for which scripts have been sent.
Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade enable
<package-list> Example
Note: <package-list>
can be skipped for Samsung devices. Samsung does not remove
specific packages from upgrade blacklist. It clears the complete
list. |
certdelete
Deletes a certificate on the device. Note: You can only use
certdelete to remove certificates that were installed by SOTI MobiControl unless the device has a Samsung ELM agent installed, in which case certdelete will remove any specified certificates. |
certdelete -issuer "IssuerName" -sn "SerialNumber" -storage "storage"
Where
Example To delete a certificate issued by apache.org:
|
connect
Prompts the device agent to attempt to connect to the deployment server. |
connect [-f]
Where Example To connect to the deployment server regardless of configuration or setup settings:
|
devrename
Renames a device. |
devrename newDeviceName
If the name contains spaces, use quotation marks Example To change the name of a device to Apricot Candy:
|
disconnect
Disconnects the device from the SOTI MobiControl deployment server. |
disconnect
|
disable_mac_randomization Provides the administrator the ability to manage disable/enable Wi-Fi MAC Randomization or ability to restrict it to Use device MAC or Random Minimum device agent version: 15.1.5 Android OS: 11 and later OEMs supported: Zebra |
disable_mac_randomization [0 |
1] Example To enable MAC randomization:
To disable MAC randomization:
|
_efota |
_efota enroll|upgrade corpID targetVersion where corpID is the customer ID and targetVersion is the Samsung firmware version.
|
elm_awaken
Adds or removes the Samsung ELM agent to/from Android Doze Mode whitelist, enabling the agent to circumvent battery optimizations that limit connectivity between the agent and the deployment server. Available on Samsung devices running Android 6.0 or later and Knox Standard SDK 5.7 or later. |
elm_awaken 0|1
Example To add ELM agent to whitelist:
To remove ELM agent from whitelist:
|
enable_system_app
Allows a system application on the device to be used in the Android Enterprise container. Note: Only applications that are included in the device's firmware can be used in this command.
|
enable_system_app appBundleID
Example To add Google Chrome to the Android Enterprise container:
|
ftp
Copies a file or directory from an ftp server to a device. |
ftp [wget] [-o,-r] source
destination
Where
Example To copy a file from ftp to local storage on the device:
|
httpget
Downloads files using the HTTP protocol. |
httpget URL localPath
|
identify_activity
Identifies the current top activity on the device. |
identify_activity |
install
Installs an application on the device. |
install appInstallerPath
Where appInstallerPath is the full path to the application installer file on the device Example To install the Gmail app located on an sd card:
|
install_system_update
Installs a system update from the specified file. This command is
supported for the following OEMs:
Note: This command cannot be used on encrypted devices. Use the
sendintent command instead. |
install_system_update filename
Example To install a system update from a file on an SD card:
Note: If
/sdcard/Download does not work, use
/storage/sdcard0/Download instead, as
in:
|
import_contacts_vcf This feature allows the
administrator to add Collation/Unicode in
Minimum Agent: 15.2.4 Limitations/Constraints/Pre-requisites: This is generic implementation, there is no OS or OEM limitation |
import_contacts_vcf <filePath>
1/0
<charsetName> Where:
Example
|
lock
Turns the device screen off and locks device until device user enters the correct password. |
lock
|
log
Sends a customs message to the SOTI MobiControl deployment server from the device. This message appears in the Logs tab of the Device Information panel in the SOTI MobiControl console. |
log type message
Where
Example To send a notification to the SOTI MobiControl console at certain intervals during a software push: Note: Put the command in the pre-install script
|
mxconfig
Submits XML configuration instructions to the MX layer of the device. Note: This script command is only applicable on Zebra Android devices.
mxconfig uses the StageNow XML format (MXMS) |
mxconfig xmlFilepath
Example
|
notify kiosk
Enables or disables lockdown mode on the device. |
notify kiosk on | off
|
read_activities
Lists all the activities of an application package. |
read_activities packageName
|
request_appops_permission
Sends a request to the device prompting the device user to grant the specified permissions. |
request_appops_permission permissionName where the permissionName can be one of:
Where possible, the permissions are granted silently. |
request_bug_report
Requests permission from the device user to send bug reports back to SOTI MobiControl. |
request_bug_report
|
request_appops_permission
android.permission.SYSTEM_ALERT_WINDOW allow
<Package_ID> Note: This command is supported in
Android Enterprise Work Managed, Android Classic, and external
agent (i.e. COPE Work Managed) insideagent
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW
allow <Package_ID> Note: This command is supported in
internal agent (i.e. COPE Work Profile). Enables the ability to silently allow any third-party application (this applies to the SOTI MobiControl agent as well) to display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Example:
|
request_appops_permission
android.permission.SYSTEM_ALERT_WINDOW disallow
<Package_ID> Note: This command is supported in
Android Enterprise Work Managed, Android Classic, and external
agent (i.e. COPE Work Managed) insideagent
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW
disallow <Package_ID> Note: This command is supported
in internal agent (i.e. COPE Work Profile). Disables the ability to silently allow any third-party application (this applies to the SOTI MobiControl agent as well) to display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Examples:
|
reset
Performs a soft or hard reset of the device. |
reset [/s | /H | /W | /E] [/delaysec]
Where
On Android Plus devices it is possible to specify a
If Example To soft reset a device:
To reset an Android Plus device to its factory settings in 30 seconds:
|
_resetfailedrcdetectionflag
Resets the remote control detection attempt counter. |
_resetfailedrcdetectionflag
|
resetwifiproxy
Clears proxy configuration settings for the specified SSID (which should exist on the device before sending the command). Note: Supported on devices running Android 4.0 or later.
|
resetwifiproxy ssid
Example To reset a proxy configuration for SSID 105:
|
restartagent
Restarts the device agent. |
restartagent
As of Android agent v14.3.1, the agent waits until it's idle before it restarts (generally less than 10 seconds). Add |
sendinfo net.soti.action.hub ENABLESCREENCAPTURE
Controls whether device users can take screen captures within the SOTI Hub app. Note: If screen capture is disabled, you may see a blank screen if you remote control a device and then open a file in SOTI Hub.
|
sendinfo net.soti.action.hub ENABLESCREENCAPTURE 0 | 1
Where
Example To block device user from taking screenshots within the SOTI Hub app:
|
sendinfo net.soti.action.surf BROWSERZOOMLEVEL
Sets the zoom level in the SOTI Surf app. |
sendinfo net.soti.action.surf BROWSERZOOMLEVEL value
Where value is a percentage that represents the level of zoom. Example To set the zoom level of the SOTI Surf app to 400%:
|
sendinfo net.soti.action.surf DISABLEBROWSERZOOMGESTURE
Controls whether device users can use gestures (like pinch to zoom) to magnify web pages opened in the SOTI Surf app. |
sendinfo net.soti.action.surf DISABLEBROWSERZOOMGESTURE 0|1
Where
Example To disable zoom gestures in the SOTI Surf app:
|
sendinfo net.soti.action.surf DISABLEMEDIAAUTOPLAY
Turns on or off media auto-play and controls SOTI Surf access to the device camera. |
sendinfo net.soti.action.surf DISABLEMEDIAAUTOPLAY 0 | 1
Where Example To turn on media auto-play and grant SOTI Surf access to the device camera:
|
sendinfo net.soti.action.surf DISABLEPULLTOREFRESH
Controls whether device users can swipe downwards on their screen to refresh the current webpage in the SOTI Surf app. |
sendinfo net.soti.action.surf DISABLEPULLTOREFRESH 0|1
Where
Example To disable the pull to refresh gesture in the SOTI Surf app:
|
sendinfo net.soti.action.surf ENABLETHIRDPARTYCOOKIES
Controls whether cookies from third-party domains (that is, domains beyond the site the user is currently visiting) are blocked on SOTI Surf. |
sendinfo net.soti.action.surf ENABLETHIRDPARTYCOOKIES 0|1
Where
Example To allow third-party cookies in the SOTI Surf app:
|
sendreport
Sends a debug report from the device agent to the SOTI ftp server. |
sendreport
|
set_system_update_policy
Configures the system update policy for Android devices with work feature enabled. Note: Supported on Android Enterprise Managed Devices running Android 6.0 or later with an agent of 13.8.x or earlier.
Devices with later agents (13.9.0+) should use either |
set_system_update_policy policy type [startTime] [endTime]
Where
Note: For the Windowed policy, time parameters are measured as the number of minutes from midnight in the device's local time. They range from 0-1440.
If the start and end times are the same, the window includes the whole 24 hours, that is, updates can install at any time. If the start time is later than the end time, the window spans midnight. Example To set the system update policy as default:
To set the system update policy as windowed with the maintenance window set to occur from 11 pm to 3 am:
|
set_configurable_kiosk_splash This feature allows the administrator to suppress or change the SOTI agent logo while in kiosk mode. Minimum Agent: 15.2.4, same as lockdown Plugin Versions: Not required Devices supported: Android Classic and Android Enterprise DO Android OS: same as lockdown |
Where:
Examples
Note: The script will fail if you do not supply an argument.
|
setwifipacurl
Sets WiFi proxy settings using a provided PAC file. The access point ID should exist on the device before sending this command. Note: Supported on devices running Android 4.0.
|
setwifipacurl ssid PACfileURL
Example To set up a WiFi proxy using a PAC file:
|
setwifiproxy
Sets WiFi proxy settings using a provided host and port for the specified SSID. The access point ID should exist on the device before sending this command. Note: Supported on devices running Android 4.0.
|
setwifiproxy ssid host port
Example To set up a WiFi proxy:
|
showmessagebox
Displays a message box on the device screen. Note: The Android Plus agent has the following limitations:
|
showmessagebox message [timer] [type] [default button] [action]
Where
The return values for the Example To show a simple message:
To provide device information using a macro:
To set a 3 second timer to your message:
To add YES and NO buttons to your message box with no timer
To provide followup actions to a user response to message box:
|
sleep
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in seconds Example To set the device to sleep for 5 seconds:
|
sleepex
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in milliseconds Example To set the device to sleep for 3.5 seconds:
|
turnoff
Turns off the device. Note: Script to turn off device works only
for Lenovo managed devices with an activated
license. |
turnoff [delay]
Where Example To turn off the device:
To turn off the device in 25 seconds:
|
uninstall
Removes the specified program from the device. |
uninstall program [force]
Where
Example To remove the program Google Maps:
|
unlock
Unlocks the device and dismisses the password lock screen. |
unlock
|
wifiapenable
Enables or disables WiFi mobile access point. Note: Supported on devices running Android 4.0 to 8.0.
|
wifiapenable 0|1
Where Example To disable WiFi:
|
wipeapplication
Wipes application data for the specified application from the device. |
wipeapplication packageName
|
writeprivateprofstring
Saves or deletes specified settings on a device. See The writeprivateprofstring Command for more information. |