Sharing Devices

Before you begin

You must have a valid directory service or identity provider connection configured in SOTI MobiControl. SOTI MobiControl uses these credentials to verify which device users are authorized to access shared device features. See Identity Management for help setting up these connections.

If you want to present terms and conditions to your device users when they log into a shared device, you should upload terms and conditions to SOTI MobiControl prior to beginning this task.

About this task

The Shared Device advanced configuration allows you to share a device among multiple users and personalize the device to each user as they log in. This multi-user functionality creates a set of interchangeable devices that are equally and immediately useful to any authorized user that picks one up.

Tip: Check out Configuring Shared Device for videos detailing how to configure Shared Devices.

Shared Device is only supported on Android (with a device agent of 13.7.0 or later) and iOS devices.

This section contains the following topics:

To set up Shared Device on your devices:

Procedure

  1. Create and organize your device groups to capitalize on Shared Device functionality.
    The shared device feature is applied at the device group level and all its subgroups (unless otherwise specified). You can set Shared Device to move devices to a nested group with different settings when a user logs into a device. This way, you control which settings or configurations are available depending on the log in status of the device. You can even designate different device groups depending on the user that logs into the device.

    A basic device group structure might look like this:

    Nested device groups

    Depending on your relocation settings, devices may remain in Warehouse or move to either Warehouse A or Warehouse B.

  2. Apply any rules, settings, or configurations that you want enabled on the main device group or its nested device groups.
    Important: On iOS devices, you must install the SOTI MobiControl Login app to facilitate Shared Device features. Use an app policy to deploy it to devices.
    Tip: Consider adding a Lockdown (Android Plus) or Single App Mode (iOS - set to the SOTI MobiControl Login app) profile configuration to the main shared device group to restrict the functionality of devices unless an authorized user is logged in.
  3. In the Devices view, right-click on the device group where you want to apply Shared Device and select Advanced Configurations.
  4. Choose either Android Plus or Apple from the device type dropdown and select Shared Device from the list of Advanced Configurations. You can apply shared device to both Android and iOS devices within the same group but you must configure them separately.
  5. In the Shared Device Configuration dialog box, select the Enable Shared Device Configuration check box and begin filling in the fields to configure Shared Device.
    Dialog box for the Shared Device advanced configuration
    Enable Shared Device Select this option to enable the Shared Device advanced configuration.
    Add Groups
    • Directory Service
    • Identity Provider

    Click the to select either a Directory Services or a Identity Provider connection from the dropdown list. If you haven't configured a directory service or IdP, you can set up a new connection by clicking Manage Directories. Refer to Identity Management for instructions on how to associate your identity management system with SOTI MobiControl.

    Note: Shared devices do not work with Azure AD because users cannot be authenticated against Azure AD.
    User Group Mapping Use this table to map user groups to the device groups they'll move into once a user from that user group logs into the device. Each user group can be mapped to a different destination device group, with different terms and conditions.

    For example, you can specify that the devices logged into by users in the IT user group should move to Group B upon login. Group B has lockdown and some feature control options configured. Then, specify that users in the Sales user group should move to Group C, which has lockdown and VPN profile configurations applied, as well as a more frequent check in schedule.

    Choose a terms and conditions document from the dropdown list.

    Relocate device back to home device group on logout Enable this option to send the device back to its original group once the device user logs out. Settings and configurations specific to the destination group will be removed and instead the settings and configurations of the home group will reapply.
    Clear managed application data when user logs out Enable this option to delete all data from applications installed by SOTI MobiControl, when a device user logs out of Shared Device mode.
    Note: Email account data is always cleared regardless of whether this option is selected or not.
    Disable device passcode when user logs out Enable this option to clear the passcode from the device once the device user logs out.
    Note: This option is only supported on iOS devices or Samsung devices running Android 7.0 or later.
  6. Use the up and down arrows to reorder the user group mappings. SOTI MobiControl evaluates user acceptance to each group in the order they appear in the list.
  7. Click OK to save your settings for Shared Device and apply it your devices.

Results

Shared device is now enabled on your devices. Your device users will be able to log in with their directory service or IdP accounts and configure the device to their requirements.

Tip: Use Advanced Search queries to target devices based on their shared devices status. Applicable device properties include: Shared Device Current User, Shared Device Current User Status, and Shared Device Last User. You can also search for the error states listed in Shared Device Error States.

You can also generate reports based on shared device users or shared device terms and conditions.