SOTI Pulse Logo

Using writesecuresetting in Android Javascript script to update Private DNS

Solved
J
Jeremy

I've successfully used writesecuresetting in a legacy script to update the private_dns_mode and private_dns_specifier of phones running Android 13 and Android 14. Here's a working example:

writesecuresetting -glo private_dns_mode hostname
writesecuresetting -glo private_dns_specifier profilename.dns.nextdns.io

However, I want to write a script that periodically checks to ensure that setting is still set, and corrects it if the user changes it. Also, I want to change the DNS specifier string based on the phone name and various other settings.

I'm comfortable writing the necessary javascript logic, but I can't find a way to run writesecuresetting to change the setting. This seems like a significant oversight (either in the API design or on my part), and adding this would open all sorts of scripting possibilities.

This may be an XY problem, so feel free to point me to a better way to do this.

Edit: Just realizing this would be entirely possible if there was an API to run shell commands. That would open up all sorts of opportunities for more powerful scripting.

feature-request javascript
7 months ago
Android Scripting
ANSWERS
SS
Support Staff Account
7 months ago

Hello Jeremy, 

Thank you for requesting a response from SOTI Support staff.

Let me look into this a bit further and see if I can get you a great response.

I will report my findings back here soon

J
Jeremy
7 months ago

Thank you. I've gotten as far as writing the desired DNS hostname into a text file using a JavaScript Script, with the intent to use a subsequent legacy script to load that file and change the settings.

However, the documentation page Using Environment Variables explaining how to load text file contents using a legacy script appears to be incorrect.

I've so far had no success using variables in an Android legacy script, but the documentation gives no indication that variables are unsupported on Android.

SS
Support Staff Account
7 months ago

A workaround could be to use task scheduler to set the DNS with the script you are using.  Schedule it to update on every device, (I would recommend testing with one device first) so if it does get changed it will automatically revert back to the desired entry. 

A call may be required so we can log your request VIA a case and file a feature request for 2026.1.0 to investigate the possibility to adding aprivate DNS via profile which would be the best option. 

As I have assigned this to Pulse Moderator to investigate further they will update the post with any other details that may be helpful. 

Warm regards, 

J
Jeremy
7 months ago

Thank you, but my requirement to have a separate hostname for each device would necessitate a separate profile for each device, unless there's a way to retrieve the device name in a legacy script.

While a PrivateDNS-specific API would be an improvement, I'd greatly prefer one of the following:

  • API to run arbitrary shell commands, opening up all sorts of possibilities
  • API equivalent to the legacy script writesecuresetting (and a matching getsecuresetting)

These proposals would yield far, far more functionality than a DNS-specific API while ostensibly taking no more effort to implement.

MD
Matt Dermody Diamond Contributor
7 months ago

What about? 

writesecuresetting -glo private_dns_specifier %DEVICENAME%.dns.nextdns.io

Solution
J
Jeremy
7 months ago

Thanks, Matt. That's certainly better than my current method. I hadn't hit upon the right format of %DEVICENAME%. Edit: This appears to be undocumented at https://www.soti.net/mc/help/v2025.1/en/console/other/macros.html. No wonder I didn't find it.

While not a direct answer to my question, this does at least partly solve my underlying issue, so I'll mark this as a solution.

I would still like the Android JavaScript scripting to reach feature parity with the legacy scripts, as well as have the ability to make network requests and run executables. These features would open up all sorts of options for automations that are currently impossible or require custom development.

MD
Matt Dermody Diamond Contributor
7 months ago

Yes completely agree. It's very disappointing to be caught in the middle of both scripting offerings at the moment. Javascript could be much more powerful with all of the conditional logic we could introduce but SOTI continues to release new capabilities through legacy scripting first.

P
PMMOD@SOTI
6 months ago

Hello Jeremy,

Thank you for your post on SOTI Pulse. Matt Dermody thank you for responding to the post Your expertise and willingness to help are greatly appreciated!

We're glad you've been able to find a solution. Please let us know if there are any other details or links we can assist you with, and then we can close it at our end

Please let us know so we can proceed further accordingly.

Similar Discussions