Forum Discussion
Knox 3.11, SDK restrictions for Android 15
Hello everyone ,
Does anyone use knox sdk restricted method ? We have an app that has a driving mode and the apps is used for security purpose . Of course the app use know high restrictions feature like disable apps or enable/disable voice restrictions . Our xcover on android 15 , we have a message error that's say the app is not running in device owner mode : SecurityException: Caller is not DO or PO or KPU.
According to Samsung post here , our app in android 15 will loose many restrictions we use .
My question is how we can update to android 15 ? Our device is managed by Ivanti . The device owner of our device is the ivanti app and thus it can use knox sdk restrictions . I am pretty sure we can't have 2 apps being device owner if i am not wrong but i didn't find the proof yet .
Sounds like the solution is to manage our device with only our EMM which doesn't satisfy our needs .
Does anyone have any other idea ? It's a specific case actually .
Yes i think it's the best solution . I have found the Google docs documentation . It confirms that only one app can be device owner .
Our driving app is used by different company with different EMM , we need to work with different EMM to provide all the security feature that we needs .
6 Replies
Are you still on Device Administrator enrollment mode, you should switch to Android Enterprise enrollment. Looks like Android Enterprise phones will work the same as earlier.
https://www.ivanti.com/webinars/2021/the-shift-from-device-administrator-da-method-of-management-to-android-enterprise
https://blog.google/products/android-enterprise/da-migration/Actually our terminal use android entreprise , we use KME and we use Ivanti as our EMM agent . And our app was installed as a device admin and use sdk know restricted method .
As fas as i know , i am forced to declare one app as device owner during the provisionning process .
My only choice now it's either to exclude Ivanti , and our app will manage our app completely with policies, wipe , configuration etc ... Or we keep using Ivanti but we need to find a workaround .But as you see in the website you provided, DA has no access anymore with Android 15, it must be the owner, no matter if DO or PO to have the relevant permissions.
