How can I get hold of (or bypass) the Android DPC Support Library?

Q

2

9

I'm trying to implement an MDM client app for Android, known in the Android For Work world as a Device Policy Controller or DPC. Google's documentation for building a DPC is here.

The documented process begins with downloading the DPC Support Library. Unfortunately, the download link they provide (to the "EMM Community's Technical Integration" section) doesn't work: you're prompted to log in with a Google account, but after doing so I see this:

We’re sorry...

...but it looks like you don’t have access to this place or content. If you think you should have access to this space, try logging out and back in again using your account menu accessible by clicking your avatar in the top right corner of this page. If this issue persists, please notify your Support Representative and we will troubleshoot further.

Others have had the same problem: there's an issue ticket raised here which is only 2 months old, has no answer but for some reason has been marked Assumed Answered and then ignored.

The steps documented here make it very clear that the DPC Support Library is a required part of the process, and don't describe any alternatives to using it.

So, how do I get hold of the DPC Support Library? Can it be obtained anywhere else? Or failing that, how do I find out what it does so I can reproduce those steps manually in my own code?

Some steps I've already tried:

I have successfully registered for the EMM Community and have access to the EMM API. (i.e. I get a valid response now from Enterprises.generateSignupUrl, and no longer the dreaded "The caller is not registered as an MDM".) That in itself was a long and frustratingly opaque process.
I have built and run the googlesamples/android-testdpc app and looked through the source code. Unfortunately this is a client-only demo: it doesn't communicate with an EMM server and doesn't use the DPC Support Library. Specifically, it doesn't obtain an authorisation token in order to provision a work profile on the device, as documented here.
I have played with the public EMM demo system and its DPC app. That seems to be doing things properly, but as it's closed-source I can't look at the code for either client or server.

Quiescent answered 14/7, 2017 at 9:31 Comment(5)

How much time does it took you to go through whole process of registering for the EMM Community? I am now developing an app for COSU devices. The deadline is like 3 month and I am unsure whether it is possible to become an EMM and do all the testing and go into production. – Veraveracious 1/8, 2017 at 14:23

It took a long time, several weeks at least. It was incredibly frustrating. The process involved a number of emails to/from Google but every time we sent one we'd wait weeks for a reply. They don't seem committed to this programme at all. Example: after we submitted the EMM Community Participant Onboarding Form the site said "If you do not receive any email within 2 business weeks please resubmit this form." We didn't hear anything, so 2 weeks later we resubmitted and got a reply the same day. We got a strong sense they'd just ignored our original submission and caused an extra 2-week delay. – Quiescent 1/8, 2017 at 14:34

Thanks! Do you know whether it is possible to build a custom DPC app without EMM community? I am OK with the DPC be limited in functionality and I don't care about possibility of remote managing. I just want a robust, controllable and safe way to go into kiosk mode. – Veraveracious 1/8, 2017 at 14:58

Not that I'm aware of. You can use the DevicePolicyManager class to create a device administrator app but I don't think that will help with COSU at all - it's more for remote admin (device lock, wipe, password policy, etc.). – Quiescent 2/8, 2017 at 8:34

@MarkWhitaker, How did you get rid of this error "The caller is not registered as an MDM"? I created MSA and now on using Enterprises.generateSignupUrl I am getting this error. – Skardol 15/11, 2017 at 11:3

Q

4

Well I now have access, so in that sense I have an answer, but I don't know how useful it'll be to others.

A Google representative replied to my forum post here and granted my organisation access to the EMM Community. Once that was enabled, the steps were as follows:

Create a new Google account using my work e-mail address
Sign into the Cloud Connect portal with that account
Click on EMM Community
Scroll down to the Featured Technical Guidance section and look for the DPC Support Library download link

Quiescent answered 29/9, 2017 at 8:41 Comment(0)

T

0

An alternative to build your own Device Policy Controller app is to use the Android Management API and therefore not have to use the DPC Support Library. This API doesn't have all the features you can get by building your own Device Policy Controller app, but is significantly simpler to implement.

Tanked answered 11/8, 2017 at 10:18 Comment(0)

Recommended topics

Hot tags