I have an application which runs on an Android phone. The idea is the phone really just acts as a screen from a user's point of view then the app does all the work in the background and controls a 3rd party Bluetooth device which enables or disables a vehicle/forklift based on a series of questions the user answers on the phone by swiping left or right.
Using Knox EnterpriseDeviceManager we restrict just about all phone hardware input like so disable the Home button, power button, back button (in some cases), volume button, XCover button etc. and a bunch of other stuff.
The problem I am trying to solve now is to suppress the popup message that gets displayed on the screen when there is a new firmware update.
Using the RestrictionPolicy I have tried the following:
var enterpriseDeviceManager = new EnterpriseDeviceManager(Application.Context);
//Set whether users can use Android Settings to enable OTA updates, which includes firmware, security patches, bug fixes, apps, and so on.
enterpriseDeviceManager.RestrictionPolicy.AllowOTAUpgrade(false);
//Set whether users can recover the device firmware update from download mode (ODIN).
enterpriseDeviceManager.RestrictionPolicy.AllowFirmwareRecovery(false);
I have also tried to limit the allowed installed version by doing the follwoing:
var bundle = new Bundle();
var str_corpId = "MDM_ID/Customer_ID/Group_ID";
bundle.PutString(RestrictionPolicy.UpdateFotaCorpid, str_corpId);
var result = enterpriseDeviceManager.RestrictionPolicy.SetAllowedFOTAVersion("G390YDXU1AQC4", bundle);
However, I believe this only restricts the user from doing OTA updates under settings themselves. This still allows the popup message to be displayed by Android when a new firmware update is available.
Can anyone suggest a way how we can suppress that message and prevent the phone from prompting a user to update?
I realize updates are important but for this particular use case, we don't want to update these devices in the field.
Thanks,
If you are using the Knox Configure portal to manage your devices there is an option when creating a profile to do that. So you don't need to do it programmatically.
It is in Restrictions > Security > Disable Software Updates