Script Commands for Android Enterprise: Managed Devices
Use the options and examples below to help you create powerful script commands.
Legend
Format | Meaning |
---|---|
text |
Enter the command exactly as shown. |
text |
Replace with the requested information. |
[text] | Information contained within square brackets is optional to the command. |
text|text |
Choose one of the options separated by the vertical pipe. |
Commands
Command | Syntax |
---|---|
_adminmode
Enables or disables the administrator mode on a device in lockdown mode. |
_adminmode on|off
|
afw_prevent_uninstall
Prevents the device user from uninstalling an application that a package installed before. |
afw_prevent_uninstall bundleID
enable|disable
Where Example To prevent the device user from uninstalling the Google Photos app:
|
afw_set_permission_grant_state
Grants specified permissions to specified applications. You cannot grant special permissions such as Draw Over or Usage Access, to third party applications. For a full list of all the permissions available and what API level they implement in by Google, see https://developer.android.com/reference/android/Manifest.permission |
afw_set_permission_grant_state packageName
disable|enable
|
afw_set_permission_policy
Sets the default response for future runtime permission requests by the SOTI MobiControl device agent. |
afw_set_permission_policy prompt|grant|deny|clear
Where:
|
afw_set_preferred_keyboard
Specifies a preferred keyboard for use. Minimum device agent version: 15.1.5 Android OS: OS6 and above Note: Setting the keyboard via this script does not
prevent the user from changing the keyboard later.
|
afw_set_preferred_keyboard<pkg_name>
Where Example
|
afw_work_profile
Enables or disables the Android Enterprise work profile. |
afw_work_profile enable|disable
|
agent_mode
Retrieves the current agent mode (user or administrator) of a device with lockdown mode applied and displays it in the Logs section of the Device Information panel. |
agent_mode |
app_upgrade disable <package-list> Enables the administrator to disable automatic Android Enterprise agent updates to the latest versions from the Google Play Store remotely on Android devices through SOTI MobiControl. Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade disable
<package-list> Example
|
app_upgrade enable <package-list> Enables the administrator to enable automatic Android Enterprise agent updates to the latest versions from the Google Play Store remotely on Android devices through SOTI MobiControl. Minimum device agent version: 15.1.5 Android OS: Samsung: API Level 11 and MDM v 5.0+ and above Zebra: API Level 26 and MXMF v10.3 and above OEMs supported: Samsung and Zebra |
app_upgrade enable
<package-list> Example
Note: You can skip
<package-list> for Samsung
devices. |
certdelete
Deletes a certificate on the device. Note: You can only use
certdelete to remove certificates installed
by SOTI MobiControl unless the device has a
Samsung ELM agent installed. In this case,
certdelete removes any specified
certificates. |
certdelete -issuer "IssuerName" -sn
"SerialNumber" -storage
"storage"
Where:
Example To delete a certificate issued by apache.org:
|
clearappcache Clears the cache memory of the specified application. Devices supported: Supported on
Android Classic and Work Managed devices. Note:
Minimum Android agent version: 15.3.3 |
clearappcache
packageName Example To clear the cache memory of the Business App application: clearappcache
com.businessapp |
connect
Prompts the device agent to try to connect to the deployment server. |
connect [-f]
Where Example To connect to the deployment server regardless of configuration or setup settings:
|
devrename
Renames a device. |
devrename newDeviceName
If the name has spaces, use quotation marks. Example To change the name of a device to Apricot Candy:
|
disconnect
Disconnects the device from the SOTI MobiControl deployment server. |
disconnect
|
disable_mac_randomization Provides the administrator the ability to manage disable/enable Wi-Fi MAC Randomization or ability to restrict it to Use device MAC or Random Minimum device agent version: 15.1.5 Android OS: 11 and later OEMs supported: Zebra |
disable_mac_randomization [0 |
1] Example To enable MAC randomization:
To disable MAC randomization:
|
_efota |
_efota enroll|upgrade corpID
targetVersion where
corpID is the customer ID and
targetVersion is the Samsung firmware
version. |
elm_awaken
Adds or removes the Samsung ELM agent to/from the Android Doze Mode whitelist. Enables the agent to circumvent battery optimizations that limit connectivity between the agent and the deployment server. Available on Samsung devices running Android 6.0 or later and Knox Standard SDK 5.7 or later. |
elm_awaken 0|1
Example To add the ELM agent to the whitelist:
To remove the ELM agent from the whitelist:
|
enable_system_app
Enables a system application on the device for use in the Android Enterprise container. Note: This command is only for
applications included in the device’s firmware.
|
enable_system_app appBundleID
Example To add Google Chrome to the Android Enterprise container:
|
ftp
Copies a file or directory from an FTP server to a device. |
ftp [wget] [-o,-r] source
destination
Where:
Example To copy a file from FTP to local storage on the device:
|
httpget
Downloads files using the HTTP protocol. |
httpget URL localPath
|
identify_activity
Identifies the current top activity on the device. |
identify_activity |
import_contacts_vcf This feature enables the administrator to add
Collation/Unicode in Minimum Agent: 15.2.4 Limitations/Constraints/Pre-requisites: This is a generic implementation. There is no OS or OEM limitation |
import_contacts_vcf <filePath>
1/0
<charsetName> Where:
Example
|
install
Installs an application on the device. |
install appInstallerPath
Where appInstallerPath is the full path to the application installer file on the device Example To install the Gmail app located on an SD card:
|
install_system_update
Installs a system update from the specified file. This command
supports the following OEMs:
Note: Do not use this command on encrypted devices. Use
the
sendintent command instead. |
install_system_update
filename
Example To install a system update from a file on an SD card:
Note: If
/sdcard/Download does not work, use
/storage/sdcard0/Download instead, as
in:
|
lock
Turns the device screen off and locks the device until the device user enters the correct password. |
lock
|
log
Sends a custom message to the SOTI MobiControl deployment server from the device. This message appears in the Logs tab of the Device Information panel in the SOTI MobiControl console. |
log type
message
Where
Example To send a notification to the SOTI MobiControl console at certain intervals during a software push: Note: Put the
command in the pre-install script
|
mxconfig
Submits XML configuration instructions to the MX layer of the device. Note: This script command is only applicable on Zebra
Android devices.
mxconfig uses the StageNow XML
format (MXMS) |
mxconfig xmlFilepath
Example
|
notify kiosk
Enables or disables lockdown mode on the device. |
notify kiosk on | off
|
read_activities
Lists all the activities of an application package. |
read_activities packageName
|
request_appops_permission
Sends a request to the device prompting the user to grant the specified permissions. |
request_appops_permission
permissionName where the
permissionName can be one of:
Where possible, the permissions are granted silently. |
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW allow
<Package_ID> Note: This command
is supported in Android Enterprise Work Managed, Android
Classic, and in the external agent (that is, COPE Work
Managed) insideagent request_appops_permission
android.permission.SYSTEM_ALERT_WINDOW allow
<Package_ID> Note: This command
is supported in the internal agent (that is, COPE Work
Profile). Enables any third-party application (this applies to the SOTI MobiControl agent as well) to silently display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Example:
|
request_appops_permission android.permission.SYSTEM_ALERT_WINDOW disallow
<Package_ID> Note: This command
is supported in Android Enterprise Work Managed, Android
Classic, and in external agent (that is, COPE Work
Managed) insideagent request_appops_permission
android.permission.SYSTEM_ALERT_WINDOW disallow
<Package_ID> Note: This command
is supported in internal agent (that is, COPE Work
Profile). Disables the ability of any third-party application (this applies to the SOTI MobiControl agent as well) to silently display over other applications across all Android devices. Minimum Agent: 15.1.5 Plugin Versions: 1.15.1.102 (recommended for silent granting) Devices supported: Android Enterprise with plugins (DO, COPE) and Android Classic devices Android OS: 6 and later OEMs Supported: Samsung, Zebra, Google, Honeywell (This feature is not OEM specific) |
Examples:
|
request_bug_report
Requests permission from the device user to send bug reports back to SOTI MobiControl. |
request_bug_report
|
reset
Performs a soft or hard reset of the device. |
reset [/s | /H | /W | /E] [/delaysec]
Where:
On Android Plus devices, it is possible to specify a
If Example To soft reset a device:
To reset an Android Plus device to its factory settings in 30 seconds:
|
_resetfailedrcdetectionflag
Resets the remote control detection attempt counter. |
_resetfailedrcdetectionflag
|
resetwifiproxy
Clears proxy configuration settings for the specified SSID (which should exist on the device before sending the command). Note: Supported on devices running Android 4.0 or
later.
|
resetwifiproxy ssid
Example To reset a proxy configuration for SSID 105:
|
restartagent
Restarts the device agent. |
restartagent
As of Android agent v14.3.1, the agent waits until it is idle
before it restarts (generally less than 10 seconds). Add
|
sendinfo net.soti.action.hub ENABLESCREENCAPTURE
Controls whether device users can take screen captures within the SOTI Hub app. Note: If you
disable screen capture, there may be a blank screen if you
remote control a device and open a file in SOTI Hub.
|
sendinfo net.soti.action.hub ENABLESCREENCAPTURE 0 | 1
Where:
Example To block a device user from taking screenshots within the SOTI Hub app:
|
sendinfo net.soti.action.surf BROWSERZOOMLEVEL
Sets the zoom level in the SOTI Surf app. |
sendinfo net.soti.action.surf BROWSERZOOMLEVEL
value
Where value is a percentage that represents the level of zoom. Example To set the zoom level of the SOTI Surf app to 400%:
|
sendinfo net.soti.action.surf
DISABLEBROWSERZOOMGESTURE
Controls whether device users can use gestures (like pinch to zoom) to magnify web pages opened in the SOTI Surf app. |
sendinfo net.soti.action.surf DISABLEBROWSERZOOMGESTURE
0|1
Where:
Example To disable zoom gestures in the SOTI Surf app:
|
sendinfo net.soti.action.surf DISABLEMEDIAAUTOPLAY
Turns on or off media autoplay and controls SOTI Surf access to the device camera. |
sendinfo net.soti.action.surf DISABLEMEDIAAUTOPLAY 0 | 1
Where Example To turn on media autoplay and grant SOTI Surf access to the device camera:
|
sendinfo net.soti.action.surf
DISABLEPULLTOREFRESH
Controls whether device users can swipe downwards on their screen to refresh the current webpage in the SOTI Surf app. |
sendinfo net.soti.action.surf DISABLEPULLTOREFRESH
0|1
Where:
Example To disable the pull to refresh gesture in the SOTI Surf app:
|
sendinfo net.soti.action.surf ENABLETHIRDPARTYCOOKIES
Controls whether cookies from third-party domains (that is, domains beyond the site the user is visiting) are blocked on SOTI Surf. |
sendinfo net.soti.action.surf ENABLETHIRDPARTYCOOKIES
0|1
Where:
Example To allow third-party cookies in the SOTI Surf app:
|
sendreport
Sends a debug report from the device agent to the SOTI FTP server. |
sendreport
|
set_system_update_policy
Configures the system update policy for Android devices with work feature enabled. Note: Supported on Android Enterprise
Managed Devices running Android 6.0 or later with an agent of
13.8.x or earlier.
Devices with later agents (13.9.0+) should
use either |
set_system_update_policy policy type [startTime]
[endTime]
Where:
Note: Windowed policy measures time parameters as the number of
minutes from midnight in the device's local time. They range
from 0-1440. If the start and end times are the same, the window includes the whole 24 hours, that is, updates can install at any time. If the start time is later than the end time, the window spans midnight. Example To set the system update policy as default:
To set the system update policy as windowed with the maintenance window set to occur from 11 PM to 3 AM:
|
set_configurable_kiosk_splash This feature enables the administrator to suppress or change the SOTI agent logo while in kiosk mode. Minimum Agent: 15.2.4, same as lockdown Plugin Versions: Not required Devices supported: Android Classic and Android Enterprise DO Android OS: same as lockdown |
Where:
Examples
Note: The script fails if you do not supply an argument.
|
setwifipacurl
Sets WiFi proxy settings using a provided PAC file. The access point ID should exist on the device before sending this command. Note: Supported on devices running Android
4.0.
|
setwifipacurl ssid PACfileURL
Example To set up a WiFi proxy using a PAC file:
|
setwifiproxy
Sets WiFi proxy settings using a provided host and port for the specified SSID. The access point ID should exist on the device before sending this command. Note: Supported on devices
running Android 4.0.
|
setwifiproxy ssid host port
Example To set up a WiFi proxy:
|
showmessagebox
Displays a message box on the device screen. Note: The Android
Plus agent has the following limitations:
|
showmessagebox message [timer]
[type] [default
button] [action]
Where:
The return values for the
Example To show a simple message:
To provide device information using a macro:
To set a 3-second timer to your message:
To add YES and NO buttons to your message box with no timer
To provide follow-up actions to a user's response to a message box:
|
sleep
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in seconds Example To set the device to sleep for 5 seconds:
|
sleepex
Initiates sleep mode on the device for a set period. Only use this command in scripts. |
sleep [length]
Where length is in milliseconds Example To set the device to sleep for 3.5 seconds:
|
turnoff
Turns off the device. Note: Script to
turn off device works only for Lenovo managed devices with an
activated license.
|
turnoff [delay]
Where Example To turn off the device:
To turn off the device in 25 seconds:
|
uninstall
Removes the specified program from the device. |
uninstall program
[force]
Where:
Example To remove the program Google Maps:
|
unlock
Unlocks the device and dismisses the password lock screen. |
unlock
|
wifiapenable
Enables or disables a WiFi mobile access point. Note: Supported on devices running Android 4.0 to
8.0.
|
wifiapenable 0|1
Where Example To disable WiFi:
|
wipeapplication
Wipes application data for the specified application from the device. |
wipeapplication packageName
|
writeprivateprofstring
Saves or deletes specified settings on a device. See The writeprivateprofstring Command for more information. |