You are extremely lucky that your devices are Samsung S8 and S5, as Samsung is nearly the only device brand supporting your required feature in their firmware since very long time ago.  Most other Android device brands do not have such feature, and thus your discussion title is somewhat inaccurate, as "Disable Physial Power Button on Samsung Devices" seems to be much more appropriate.

Are you using OEM specfic Samsung ELM device agent or the generic Android-Enterprise device agent on your Samsung devices?

What are the version and build numbers of your device agents?

Hi Raymond,

Thank you for getting back to me on this.

I'm not too sure how to answer your call outs. When enrolling our devices, we use the AFW#mobicontrol enrollment path.

We then enter the enrollment ID when prompted.

Fairly new to SOTI, so if above does not answer your questions, let me know.

Thanks.

Edit: Checked one of the phones and saw the agent versions.

Agent Version: 14.4.0 Build 1028

Active MDM API: Samsung MDM 5.5, Samsung KNOX 2.4, Work MAnaged Device, RC1 (1.18.1.100)

Hi Lawrence,

From the active MDM API's mentioned in your post, it's confirmed that your device is in Android-Enterprise Managed-Device mode.

The "Disable Physical Power Button" is in Samsung device firmware, and has been supported on Android+ Samsung ELM device agents for many years.   However, my test done a moment ago showed that  this feature, unlike many other Samsung specific feature-control enhancements, has not yet been ported to the latest Soti Android-Enterprise device agent.  

Even if it is available, it should be noted that your devices will be out of power very soon unless they are being charged via USB cable all the time.  This arrangement is typical for tablets physically fixed in dedicated casing used in kiosk or signage.  As your devices are phone,  could you elaborate a little bit about the security risk concern without the requested feature? Maybe there are other implemented policies that can be used as workaround to reduce or eliminate such risk(s).

Raymond is right, in the past KNOX Standard SDK has this feature inside the KioskMode Class. We developed an application using the KNOX API to block this key and other in this project.

allowHardwareKeys

This SDK still activate, you need to creat a account for free on Samsung website, at this url:

https://developer.samsungknox.com/knox-sdk#get-started

After that you need to put your authorization code for KNOX SDK inside your app code and you are abble to use all KNOX SDK features, together with this method you can use MC to kill and start this application when it is necessary or start every time and fix it and use kill command to stop, for biggest projects you can send this kind of command throught the API and give some intelligence and trigger to it.

Hi Lawrence,

If you do not have the necessary coding skill to work on Knox SDK directly in your own apps, you can keep an eye on the latest Knox Service Plug-in (KS) app released by Samsung on the Managed Google Play store for Samsung Android-Enterprise devices.  Samsung is actively adding more options compliant to the OEMconfig/AppConfig framework in their KSP, so that MDM administrators can access many KNOX features without the need to do any coding.

Raymond is right, you always have different paths in this world of corporate mobility, understanding the scenario of the end user and the operations team to keep everything running is super important when creating the project.

You can register with Samsung tools such as Knox Configure which has the ability to even replace the Android loading logo during system boot for something customized, this type of function in Brazil is widely used by the pharmaceutical industry, in this case or use 100% Apple or 100% Samsung with their tools all in operation.

Hi Lawrence,

My company also sells Samsung  Knox Configure (KC) solution to some of our customers in Hong Kong.   While there are extra features available in KC, you should be aware that you need to buy one-off or subscription-based license for each device using KC.  You have to contact Samsung Knox reseller in your country. 

Hi Lawrence,

Thanks for posting in SOTI Central,

Thanks @Raymond and @Jorge for the suggestions. However, I would like to inform you that Mobicontrol do have the following Script to Block and Unblock the Power Button on the Andriod devices. I have tested the following script on one of the Samsung devices and got a message ("Security Policy prevents use of this Hardware key" ) while accessing the Power Key .

Block the Power button
hardwarekeys -keys 26 /block

Unblock the Power button:
hardwarekeys -keys 26 /unblock

Moreover, If you have lockdown deployed on the devices. Then, You can disable the "Power Menu " , when this is disabled then device users  would not be able to access the Power menu (the options that appear when a device user long presses the power button).Note: Supported on Android 9.0. 

Also, if this post has helped you in solving your inquiry, I would request you to mark the particular comment as "is solution", so others may benefit from this information.

Hi Lawrence,

Following up on this thread, were you able to resolve the issue?

If yes, I would like to know what were the steps taken to resolve the issue and I can mark that "as a Solution".