Script Commands for Android Enterprise: Devices with Work Profiles
Use the options and examples below to help you create your own powerful script commands.
Legend
Format | Meaning |
---|---|
text |
Enter the command exactly as shown. |
text |
Replace with the requested information. |
[text] | Information contained within square brackets is optional to the command. |
text|text |
Choose one of the options separated by the vertical pipe. |
Commands
Command | Syntax |
---|---|
_adminmode
Enables or disables the administrator mode on a device in lockdown mode. |
_adminmode on|off
|
afw_prevent_uninstall
Prevents the device user from uninstalling an application that was installed using packages. |
afw_prevent_uninstall bundleID enable|disable
Where Example To prevent the device user from uninstalling the Google Photos app:
|
afw_set_permission_grant_state
Grants specified permissions to specified applications. You cannot grant special permissions such as Draw Over or Usage Access, to third party applications. For a full list of all the permissions available and what API level they are implemented in by Google, see https://developer.android.com/reference/android/Manifest.permission |
afw_set_permission_grant_state packageName disable|enable
|
afw_set_permission_policy
Sets the default response for future runtime permission requests by the SOTI MobiControl device agent. |
afw_set_permission_policy prompt|grant|deny|clear
Where
|
afw_set_preferred_keyboard
Specifies a preferred keyboard for use. Minimum device agent version: 15.1.5 Android OS: OS5 and above Note: Setting the keyboard via this script will not prevent the user from changing the keyboard later.
|
afw_set_preferred_keyboard<pkg_name>
Where Example
|
afw_work_profile
Enables or disables the Android Enterprise work profile. |
afw_work_profile enable|disable
|
agent_mode
Retrieves the current agent mode (user or administrator) of a device with lockdown mode applied and displays it in the Logs section of the Device Information panel. |
agent_mode |
app_upgrade disable <package-list> Allows the administrator to disable automatic Android Enterprise agent updates to latest versions from the Google Play Store, remotely on Android devices through MobiControl. Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade disable
<package-list> Example
|
app_upgrade enable <package-list> Allows the administrator to enable automatic Android Enterprise agent updates to latest versions from the Google Play Store, remotely on Android devices through MobiControl. Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade enable
<package-list> Example
Note: <package-list>
can be skipped for Samsung devices. |
certdelete
Deletes a certificate on the device. Note: You can only use
certdelete to remove certificates that were installed by SOTI MobiControl unless the device has a Samsung ELM agent installed, in which case certdelete will remove any specified certificates. |
certdelete -issuer "IssuerName" -sn "SerialNumber" -storage "storage"
Where
Example To delete a certificate issued by apache.org:
|
clearappcache Clears the cache memory of the specified application. Devices supported: Supported on
Android Classic and Work Managed devices. Note:
Minimum Android agent version: 15.3.3 |
clearappcache
packageName Example To clear the cache memory of the Business App application: clearappcache
com.businessapp |
connect
Prompts the device agent to attempt to connect to the deployment server. |
connect [-f]
Where Example To connect to the deployment server regardless of configuration or setup settings:
|
devrename
Renames a device. |
devrename newDeviceName
If the name contains spaces, use quotation marks Example To change the name of a device to Apricot Candy:
|
disconnect
Disconnects the device from the SOTI MobiControl deployment server. |
disconnect
|
ftp
Copies a file or directory from an ftp server to a device. |
ftp [wget] [-o,-r] source
destination
Where
Example To copy a file from ftp to local storage on the device:
|
httpget
Downloads files using the HTTP protocol. |
httpget URL localPath
|
identify_activity
Identifies the current top activity on the device. |
identify_activity |
install
Installs an application on the device. |
install appInstallerPath
Where appInstallerPath is the full path to the application installer file on the device Example To install the Gmail app located on an sd card:
|
lock
Turns the device screen off and locks device until device user enters the correct password. |
lock
|
log
Sends a customs message to the SOTI MobiControl deployment server from the device. This message appears in the Logs tab of the Device Information panel in the SOTI MobiControl console. |
log type message
Where
Example To send a notification to the SOTI MobiControl console at certain intervals during a software push: Note: Put the command in the pre-install script
|
read_activities
Lists all the activities of an application package. |
read_activities packageName
|
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW allow
<Package_ID> Note: This command is supported in
Android Enterprise Work Managed, Android Classic, and external
agent (i.e. COPE Work Managed) insideagent
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW
allow <Package_ID> Note: This command is supported in
internal agent (i.e. COPE Work Profile). Enables the ability to silently allow any third-party application (this applies to the SOTI MobiControl agent as well) to display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Example:
|
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW disallow
<Package_ID> Note: This command is supported in
Android Enterprise Work Managed, Android Classic, and external
agent (i.e. COPE Work Managed) insideagent
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW
disallow <Package_ID> Note: This command is supported
in internal agent (i.e. COPE Work Profile). Disables the ability to silently allow any third-party application (this applies to the SOTI MobiControl agent as well) to display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Examples:
|
request_appops_permission
Sends a request to the device prompting the device user to grant the specified permissions. |
request_appops_permission permissionName where the permissionName can be one of:
Where possible, the permissions are granted silently. |
reset
Performs a soft or hard reset of the device. |
reset [/s | /H | /W | /E] [/delaysec]
Where
On Android Plus devices it is possible to specify a
If Example To soft reset a device:
To reset an Android Plus device to its factory settings in 30 seconds:
|
_resetfailedrcdetectionflag
Resets the remote control detection attempt counter. |
_resetfailedrcdetectionflag
|
resetwifiproxy
Clears proxy configuration settings for the specified SSID (which should exist on the device before sending the command). Note: Supported on devices running Android 4.0 or later.
|
resetwifiproxy ssid
Example To reset a proxy configuration for SSID 105:
|
sendreport
Sends a debug report from the device agent to the SOTI ftp server. |
sendreport
|
setwifipacurl
Sets WiFi proxy settings using a provided PAC file. The access point ID should exist on the device before sending this command. Note: Supported on devices running Android 4.0.
|
setwifipacurl ssid PACfileURL
Example To set up a WiFi proxy using a PAC file:
|
setwifiproxy
Sets WiFi proxy settings using a provided host and port for the specified SSID. The access point ID should exist on the device before sending this command. Note: Supported on devices running Android 4.0.
|
setwifiproxy ssid host port
Example To set up a WiFi proxy:
|
showmessagebox
Displays a message box on the device screen. Note: The Android Plus agent has the following limitations:
|
showmessagebox message [timer] [type] [default button] [action]
Where
The return values for the Example To show a simple message:
To provide device information using a macro:
To set a 3 second timer to your message:
To add YES and NO buttons to your message box with no timer
To provide followup actions to a user response to message box:
|
sleep
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in seconds Example To set the device to sleep for 5 seconds:
|
sleepex
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in milliseconds Example To set the device to sleep for 3.5 seconds:
|
uninstall
Removes the specified program from the device. |
uninstall program [force]
Where
Example To remove the program Google Maps:
|
unlock
Unlocks the device and dismisses the password lock screen. |
unlock
|
wifiapenable
Enables or disables WiFi mobile access point. Note: Supported on devices running Android 4.0 to 8.0.
|
wifiapenable 0|1
Where Example To disable WiFi:
|
writeprivateprofstring
Saves or deletes specified settings on a device. See The writeprivateprofstring Command for more information. |