Shared Device Configuration

Use the Shared Device Configuration dialog box to configure how shared devices behave when accessed by authorized users.

Note: Settings may differ depending on the selected device family.


Override Settings Inherited from Parent Group '`device group name`'	Turn on to ignore settings inherited from parent device groups. This option displays only in nested device groups.
Apply changes to all child groups and devices	Turn on to cascade settings specified here to all nested devices and device groups.


Enable Shared Device	Select this option to enable the Shared Device advanced configuration.
Single Sign-on (SSO) authenticator app	Choose the type of SSO authentication for the shared device.
None	Do not use SSO authentication.
Microsoft Authenticator	Use Microsoft Entra ID for SSO authentication.
Imprivata MDA	Use Imprivata MDA for SSO authentication.
Add Groups Directory Service Identity Provider	Select to choose either Directory Services or Identity Provider from the dropdown list. If you have not configured a directory service or IdP, you can set up a new connection by selecting Manage Directories. Refer to Identity Management for instructions on how to associate your identity management system with SOTI MobiControl.
`User Group Mapping`	Refer to this table to determine the device group each user group will be assigned to when logging in. You can map each user group to a different destination device group with different terms and conditions. For example, you can specify that the devices logged into by users in the `IT` user group should move to `Group B` upon login. Group B has lockdown and some feature control options configured. Then, specify that users in the `Sales` user group should move to `Group C` upon login. Group C has lockdown and VPN profile configurations applied and a more frequent check-in schedule. Choose a terms and conditions document from the dropdown list.
Log out automatically after a set period	Enable this option to log out a user after a set period.
Log out automatically when inactive	Enable this option to log out a user after a device is inactive for a set period.
Relocate device back to home device group on logout	Enable this option to send the device back to its original group once the device user logs out. Settings and configurations specific to the destination group get replaced by those of the home group.
Execute script on logout	Enable this option to execute a script when the shared device logs out. For the Script type, you can choose from: Legacy JavaScript You can also select Manage Scripts to add/edit/delete a script. See Manage Scripts for details. From the dropdown menu beside Execute Script, choose a script to use. Preview the script to confirm its contents.
Manage app data on logout	Enable this option to clear or retain app data for all applications or for specific ones when a device user logs out of Shared Device mode. Primary tab options: Clear data: clears app data for the apps Retain data: retains data for the apps Secondary tab options: All apps: Clears or retains data for all apps applied on the group that the device belongs to. Specific apps: Clears or retains data for specific apps configured by the user. Note: Email account data is always cleared regardless of these settings. See Manage App Data On Shared Device Logout for more information.
Disable device passcode when user logs out	Enable this option to clear the passcode from the device once the device user logs out. Note: This option is only supported on iOS devices or Samsung devices running Android 7.0 or later.