Hello I tried the new version and these are the results:

Failded to enroll device: The app inform: "Internal Error, please try again"

The logs are the following:

android.log

I performed a GLPI reinstall and update with the following environment: - Flyve Mobile Device Management | 2.0.0-dev - FusionInventory | 9.2+1.0 - Updated composer to version 1.6.4 on Ubuntu 16.04

And the Android enrollement succeded.

I tested also some fleet policies: (NG) = Not good - File deployment - OK - Disable Airplane mode - NG - Wifi hotspot and tethering - NG (it disables completely wifi) - Disable screen capture - NG - Disable SMS - NG

Hi,

Are you installing the mdm agent as system app?

Some system apps are more system than others.

"signatureOrSystem" permissions are no longer available to all apps residing en the /system partition. Instead, there is a new /system/priv-app directory, and only apps whose APKs are in that directory are allowed to use signatureOrSystem permissions without sharing the platform cert. This will reduce the surface area for possible exploits of system- bundled applications to try to gain access to permission-guarded operations.

The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is says in the documentation: it indicates that the application apk was bundled on the /system partition. A new hidden flag FLAG_PRIVILEGED has been introduced that reflects the actual right to access these permissions.

Reference: https://stackoverflow.com/a/20104400

btw, I edited your comments
I replaced the log messages with a file attached. Try to do the same for the next reports.

The process I am using to install the mdm agent app it's using google store (as a beta tester). Do you recommend another process?

I also review the security settings and the mdm agent appears as a device manager.

Hello thanks for the review!

We have 2 types of policies:

• System policies (you need to be root or install or /system/app||priv-app)
• Admin policies (you can run directly from Google Play)

This is the list:

Admin policies

• Password enabled
• Password quality
• Password minimum length
• Password minimum lower case
• Password minimum upper case
• Password minimum non letter
• Password minimum letters
• Password minimum numeric
• Password minimum symbols
• Maximum failed passwords for wipe
• Maximum time to lock
• Storage encryption
• Disable camera
• Deploy app
• Remove app
• Deploy file
• Remove file
• Disable screen capture
• Use TLS
• Disable statusbar
• Disable speakerphone
• Disable bluetooth
• Disable wifi
• Disable mobile line

System policies

• Disable NFC (system)
• Disable Usb Mtp (system)
• Disable Usb Ptp (system)
• Disable Usb Adb (system)
• Disable create VPN Profiles
• Disable airplane mode (system)
• Disable GPS (system)
• Disable Hostpot/Tethering (system)
• Disable roaming (system)

• To disable the airplane mode you need to be root or install on system you can find more information about how to install on system here: http://flyve.org/android-mdm-agent/howtos/installation

• Disable screen capture - requiere API level 21 but I'll double check this policy to be sure is working fine

• Disable SMS - This policy is not fully implemented at this moment we think this policy will be available on the next release

great thanks for the reference, I think we can close this issue

Hello thanks for the review, please check if the new version of the agent still has this problem:

https://play.google.com/apps/testing/org.flyve.mdm.agent

Thanks!

I received the same internal error message.

Here are some logs of the application using ADB android.log

Thanks for the complete report, today I make a new version with an improvement about your issue but I cannot reproduce exactly on my environment, please review again:

https://play.google.com/apps/testing/org.flyve.mdm.agent