Disabling MAC Address Randomization for Non-Samsung Devices.

MDauffenbach
Level 2.0: Eclair

Hi all,

 

I am looking for a way to disable MAC Address randomization on some fully managed Honeywell CK65 devices that are running Android 9,10, or 11. These are fully managed and we use VMware WS1 as our EMM.

 

I can't find any documentation for this outside of some Samsung specific documentation that involved the use of KSP.

Appreciate any suggestions.

9 REPLIES 9

Moombas
Level 4.0: Ice Cream Sandwich

I know that this is possible in the MDM we use so there must be a way.

But I'm pretty sure (even in our case it's a MDM specific script) that it's finally an intent or so which can be send to the device. But i don't know it, sorry. Just found this: https://developer.android.com/reference/android/net/wifi/WifiConfiguration.html#setMacRandomizationS... but it seem to be depreceated and used another way but as I'm not very firm with this maybe someone else can help here.


I also know that for Zebra devices, the Zebra StageNow can disable this as well, not sure about the Honeywell Staging tool possibilitys but haven't found anything yet.

jasonbayton
Level 3.0: Honeycomb

From what I've gathered this setting is OEM dependent on customDPC vendors like VMware, Ivanti, etc, and only supported as a config natively with AMAPI. 

 

@Lizzie are you able to verify this please? 

Moombas
Level 4.0: Ice Cream Sandwich

@jasonbayton I think we don't speak (only) about enrollment (please correct me @MDauffenbach if I'm wrong).

Mobicontrol also can do this (if device is enrolled already) via scripting.

It would be ideal to do it post enrollment but if Honeywell has a way to do it during that may still suffice in the long run. We are not currently using any specific Honeywell staging tools though so I may need to dig into this.

CoreyC
Google Community Manager
Google Community Manager

Hey All, 

 

So as far as I'm aware we don't have a way to disable MAC randomization on 9, 10, or 11 but its something we added in 13 with setMacRandomizationSetting. Specific OEMs (like Samsung or Zebra) may have an option to disable randomization prior to 13.

 

That being said the randomized MAC is persistent per managed SSID (until factory reset) and your EMM should be able to use getRandomizedMacAddress()  to get the randomized MAC for the network on configuration. So in theory although the MAC address is randomized it should be easy enough for your EMM to get it and pass it to your network management system. Would the persistent randomized MAC address work for your use case?

MDauffenbach
Level 2.0: Eclair

That leaves me in a tight spot. As of now Honeywell does not have an Android 13 build for these devices and their current Android 12 build is broken and not usable in my testing.

This ask comes from our Networking Team as they are trying to track down significant issues with packet drops and one thing they have noticed is the devices changing their MACs on a pretty fast interval possibly leading to connection drops.

CoreyC
Google Community Manager
Google Community Manager

Feel free to DM me if we need to look into this further. But the randomized MAC is persistent for each SSID so unless these devices are being factory reset frequently the MAC should not be changing.

AdamBarnier
Level 1.5: Cupcake

Honeywell does not use MAC address randomization on our devices on Android 9, 10, 11 or 12. The device will always use the Hardware MAC address for all connections. The device however will respond to the getRandomizedMacAddress() call with a randomized address but the device is not using it.

Thanks, I actually discovered this this past week while I was on-site and doing some testing/configs with the devices.

However, I did note this behavior only seems to be for Version 11 which is what we are standardizing on at the moment. I had a hard time tracking down down some that were still on 9, or 10 that were showing a randomized MAC.