No Matches Found!
Try with a different search term
No Matches Found!
Try with a different search term
There's a new home for Articles. Find Articles on Our Product Support Page.
Hi All,I have roughly 700 Samsung A14 devices running on Android 13 TP1A.220624.014.A146PXXS5BWK1Mobi Version: 15.6.6.1010We need to turn off "Lock instantly with side key" on our devices. Does anyone have a script that would do this?Cheers
hi soti support i have case with sentintent mysystem agent version MobiControl net.soti.mobicontrol.elm.samsung15.1.0 Build 1045 server servion soti 15.3 os version 8.0.0 Brand samsung this script sendintent -b "intent:#Intent;action=soti.imei.ACTION;S.imei=%IMEI%;component=bundle.id.app/.MyReceiver;end;" script success but imei do not broadcast into application
Hello, I am using the REST API to create a Certificate Authority in MobiControl. I have successfully called the APIs to create the CA (adcsHttps), add the root certificate (adcsRootCertificate) and add the template information (certificateTemplates). The final piece to complete this for me is to add the enrollment certificate to the CA. This is done using adcsEnrollmentCertificate. I have followed the documentation and formatted the request exactly as required, however I keep receiving an Internal Server Error (500). Can anyone offer me some advice on how to debug this? I have made sure the certificate pfx file does not contain and certificate chains (this is a requirement). And the Certificate Authority created in MobiControl from this script will allow me to manually load the enrollment certificate pfx after the script is run (so I'm pretty confident its not the format of the PFX file). Here is a snippet of my code (Powershell): $EnrollmentCertificatePath = "C:\Test\enrollment.pfx" $RootCertificatePath = "C:\Test\rootca.der" $EOL = "`r`n" # # Create Certificate Authority # $AuthHeader = @{} $AuthHeader["Authorization"] = "Bearer <AuthToken>" try { $CreateCABody = @{} $CreateCABody["ReferenceId"]=$null $CreateCABody["Name"]="MY NEW CA" $CreateCABody["CertificationAuthorityType"]="AdcsPkiHttps" $CreateCABody["PolicyServiceUrl"]="https://cesserver.com/ADPolicyProvider_CEP_UsernamePassword/service.svc/CEP" $CreateCABody["EnrolmentServiceUrl"]="https://cesserver.com/CESSERVER_CES_UsernamePassword/service.svc/CES" $CreateCABody["RootCertificateInfo"]=$null $CreateCABody["EnrolmentCertificateInfo"]=$null $CreateCABody["AuthenticationType"]="UserNamePassword" $CreateCABody["CertificateInfo"]=$null $CreateCABody["UserName"]="cesuser" $CreateCABody["Password"]="password" $CreateCABody["CloudLinkAgentName"]=$null $CreateCABodyJson = $CreateCABody | ConvertTo-Json $adcsHttps = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/adcsHttps" $result = Invoke-restmethod -Uri $adcsHttps -ContentType "application/json" -Method POST -Headers $AuthHeader -body $CreateCABodyJson $ReferenceId = $result.ReferenceId Write-Host "Success: New CA created - Reference ID: $ReferenceId" } catch { $_.Exception.Message exit -2 } # # Set the root CA certificate for the new CA # $Base64EncodedRootCaFile = [Convert]::ToBase64String([IO.File]::ReadAllBytes($RootCertificatePath)) Write-Host "Extracted root CA file contents (base64) - Reference ID: $Base64EncodedRootCaFile" $CerFilename = 'rootca.cer' $AdcsRootCertBody = $EOL + "--mc_boundary" + $EOL $AdcsRootCertBody += "Content-Type: application/pkix-cert+json" + $EOL $AdcsRootCertBody += "{ `"filename`": `"" + $CerFilename + "`" }" + $EOL + $EOL + $EOL $AdcsRootCertBody += "--mc_boundary" + $EOL $AdcsRootCertBody += "Content-Type: application/pkix-cert" + $EOL $AdcsRootCertBody += "Content-Transfer-Encoding: base64" + $EOL $AdcsRootCertBody += "Content-Disposition: attachment; filename=`"" + $CerFilename + "`"" + $EOL + $EOL $AdcsRootCertBody += $Base64EncodedRootCaFile + $EOL + $EOL + $EOL $AdcsRootCertBody = $AdcsRootCertBody + "--mc_boundary--" + $EOL try { Write-Host "Body for AdcsRootCert is:" Write-Host $AdcsRootCertBody Write-Host "..." $adcsRootCertificate = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/adcsRootCertificate" $result = Invoke-restmethod -Uri $adcsRootCertificate -ContentType "multipart/related; boundary=mc_boundary" -Method POST -Headers $AuthHeader -body $AdcsRootCertBody Write-Host "Success!" } catch { $_.Exception.Message exit -3 } try { $TemplateBody = @{} $TemplateBody["Name"]="User Template" $TemplateBody["CertificationAuthorityReferenceId"]="$ReferenceId" $TemplateBody["CertificationAuthorityTemplateName"]="UserTemplate" $TemplateBody["CertificateTarget"]="Device" $TemplateBody["SubjectTemplate"]="CN=test" $TemplateBody["AlternativeSubjectTemplate"]=$null $TemplateBody["KeySize"]=2048 $TemplateBody["ShouldRemoveAfterRenewal"]=$true $TemplateBody["UseAutoRenewal"]=$true $TemplateBody["NumberOfDaysForAutoRenewal"]=60 $TemplateBody["PreservePrivateKey"]=$true $TemplateBody["Disabled"]=$false $TemplateBody["PublishToLdap"]=$false $TemplateBody["KeyProtection"]="Protected" $TemplateBody["HashAlgorithm"]="Sha1" $TemplateBody["ValuePeriod"]="Days" $TemplateBody["ValuePeriodUnits"]=0 $TemplateBody["RequireUserAuthentication"]=$false $TemplateBodyJson = $TemplateBody | ConvertTo-Json $certificateTemplates = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/certificateTemplates" $result = Invoke-restmethod -Uri $certificateTemplates -ContentType "application/json" -Method POST -Headers $AuthHeader -body $TemplateBodyJson } catch { $_.Exception.Message exit -5 } # # Set the enrollment certificate for the new CA # $Base64EncodedEnrollmentCertFile = [Convert]::ToBase64String([IO.File]::ReadAllBytes($EnrollmentCertificatePath)) $AdcsEnrollmentCertificateBody = "--mc_boundary" + $EOL $AdcsEnrollmentCertificateBody += "Content-Type: application/x-pkcs12.metadata+json" + $EOL $AdcsEnrollmentCertificateBody += "{`"filename`": `"enrollment.pfx`", `"password`": `"mypassword`"}" + $EOL + $EOL + $EOL $AdcsEnrollmentCertificateBody += "--mc_boundary" + $EOL $AdcsEnrollmentCertificateBody += "Content-Type: application/x-pkcs12" + $EOL $AdcsEnrollmentCertificateBody += "Content-Transfer-Encoding: base64" + $EOL $AdcsEnrollmentCertificateBody += "Content-Disposition: attachment; filename=`"enrollment.pfx`"" + $EOL $AdcsEnrollmentCertificateBody += $Base64EncodedEnrollmentCertFile + $EOL + $EOL + $EOL $AdcsEnrollmentCertificateBody += "--mc_boundary--" try { Write-Host "Body for adcsEnrollmentCertificate is:" Write-Host $AdcsEnrollmentCertificateBody Write-Host "..." $adcsEnrollmentCertificate = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/adcsEnrollmentCertificate" Write-Host "Posting: $adcsEnrollmentCertificate" $result = Invoke-restmethod -Uri $adcsEnrollmentCertificate -ContentType "multipart/related; boundary=mc_boundary" -Method POST -Headers $AuthHeader -body $AdcsEnrollmentCertificateBody Write-Host "Success!" } catch { # THIS IS WHERE WE END UP WITH AN INTERNAL SERVER ERROR (500) Write-Host "Failed to import the PFX file. Ensure the password is correct and that the PFX file does NOT contain CA certificates" $_.Exception } Thanks! Andy
We are trying to move away from Clasic Enrolment (where we have to side-load all the application via Profile / Package) to a more robust deployment (via Enterprise Google Play Store). I've managed to create the binding between the MDM and Google Play Store and get any application available in Google Play Store to get installed on the Work Profile (we are using COPE- Corporate - Personal Enrolment method). I was also able to upload a custom Android application via the same method. The issue surfaced when I've try to upgrade the custom application to a new version. When attempt to edit the custom application and load the new apk, I am getting Cannot update a published APK.
Hi, Is it possible to turn off Android Fully Managed device in Single App User mode from device side? How?
Hi, I had problems registering a Windows device and an error message like this appeared.
Hi I would like to add the action "Troubleshoot Shared Device" to a menu item in a lockdown. Happy if this could be done via a script/action/intent etc Does anyone have any idea about this> Thanks Ada
Hello Team, We are looking for auto reinstall app options when device moving from folder A to B. Since we have relocation rules on ip based and when device moves it get automatically relocated to particular folder so previous user data on device and logged in app so wanted to just reinstall to erase\refresh the app while moving from one location to another location. So is there any rules, features or option that provide app auto reinstall while it moving.?? Thank you.
Hello, I'm running into a strange issue where opening a standard web link URL from a kiosk lockdown in SOTI Surf results in the error "Check your browser's privacy settings to use camera". This is on Android Zebra TC56J on OS 8.1.0 and agent version 2024.1.4.1149. SOTI server is 2024.0.0.1075 on premises. Anyway, I have added all instances of any installed camera apps to the lockdown screen (just not in the XML layout so they don't show as shortcuts) in addition to SOTI Surf itself. The site and all subdomains of it are whitelisted. I cannot find any setting that would prevent the camera from working. Does anyone have some ideas to check? Thanks! All camera apps and surf added to home screen:
Hi, I want to make a link in the template to allow user to go back to the website (internal) if they use the back button. Chrome is open at the startup and it is working fine (webpage defined as homepage) but when I set a template with a simple link, it open in the internal browser and the page is not working (I think it use Surf). I want that link to open Chrome or switch back to it to allow the webpage to work. I tried the Intend, browsers and other possibilities but those are only for the Custome home page and the link is not working. Enable Single App Mode get me a black screen instead of Chrome. So how to set a Template to open a web page in Chrome and not in Surf? Or how to prevent user to use the back button and be stuck on the template page? Regards, Michel Leclerc
Hi, We are facing an issue where the wallpaper doesn't apply during lockdown. However, if the device is in Admin mode, I can see the wallpaper and the lockscreen, but in lockdown, it just shows a black background. I know that we can add code to the lockdown template to fix this, but I would like to know if there is an easier method to add the wallpaper to the lockdown screen as well.
Hi guys, I need to understand how to keep already installed certificates visible (after migrating from A11 to A13) on the device in the setting UI: Settings/Security/More security settings/Encryptions & credentials/Trusted credentiakls/Tab User My customer uses cert provisioning via SOTI profiles "Certificates". Now, the issue is it is a Zebra SD660 (e.g. TC57x) device that has been migrated from A11 to A13 latest patch levels each. It is known that regarding the encryption method change from Full Disk Encryption (FDE) to File Base Encryption (FBE) there will be an enterprise reset performed prior to reboot into A13. Luckily SOTI agent and wifi profile keeps fully installed and survive the migration. Using the Zebra provided ZCP (Zebra Conversion Package) shows the same result. Anyway, ZCP is not an option. In essence all certificates previously installed also keep valid and working. But: The user certs do not show up in the settings UI of the device anymore. This is seen as crucial problem because in any case of an issue the support person will check certificate in this UI via a remote control session. The alternative to (re-)install certs via StageNow CertMgr is no option - certs are only allowed to be installed via SOTI profiles / SCEP. Hope somebody out there have solved similar issue. All best from Germany Jörg
Hi, I have SOTI Surf configured and in my site I have an option to download a PDF file. But everytime I click on download button it downloads the file as a TXT. If I access the same site in Chrome I can download PDF file. Any idea how can I fix this? Thanks.
Hi, I enroll one Samsung SM-T540 in SOTI but my profile is not installed. Already try with different profiles, but it always Pending Install. I check the logs and see these messages: I have another two devices from same model and OS version and everything works fine. Already try to reset device and configure again, but the problem persists. Anyone know how can I fix this? Thanks, Miguel Machado
Hi, We have a mix of Android versions and I and would like to get all devices up to at least A11, starting to get A13 on devices returned from repair. We have been doing updates patching Firmware levels using FileSync and then a script to send the install_system_update command. So, what I am trying to confirm is if I can go from 8.1.0 directly to A11, or do I need to go to A10 first. I don't want the MC9300's to be factory reset. Versions we have currently: Android 8.1 patch version: 01-30-04.00-OG-U15-STD Android 10 patch version: 10-16-10.00-QG-U141-STD-HEL-04 Android 11 patch version: 11-39-27.00-RG-U00-STD-HEL-04 If we need to go from 8.1 to 10 do I need to install the latest 8.1 Lifeguard (U46) first and I have been told by one person that a special package is required, or do we just install the base 10-16-10 and then install Lifeguard 141? I assume the upgrade from A10 to A11 is to push the A11 Full Upgrade to the device and run it using a manual script? Thanks in advance. Andy
Top-tier experts who are delivering outstanding content. Should have more than 7000 points.
Experts who are consistent with great content. Should have more than 1000 points.
Highly experienced members with valuable inputs. Should have more than 700 points.
Beginners taking the initiative. Should have more than 500 points.
New contributors starting their journey. Should have more than 250 points.
