Starting March 27, 2025, we recommend using android-latest-release instead of aosp-main to build and contribute to AOSP. For more information, see Changes to AOSP.
Test device management
Stay organized with collections
Save and categorize content based on your preferences.
To ensure minimal support for managed profiles, OEM devices must contain the
following essential elements:
For a complete list of requirements, see
Implement device
management. To test device management features, device owners can
use the TestDPC application described below.
Set up device owner for testing
Use the following instructions to set up a device owner testing environment.
- Factory reset the target device.
- Ensure the device does not contain any user accounts (for example, those used to log
into online services). To verify, check Settings > Accounts.
- Set up the testing application using one of the following methods:
- Set the TestDPC app as the device owner using the following command:
adb shell dpm set-device-owner "com.afwsamples.testdpc/.DeviceAdminReceiver"
- Go through device owner setup on the device (encrypt, select Wi-Fi).
Verify device owner setup
To verify the device owner was correctly setup, go to Settings >
Security > Device Administrators and confirm TestDPC is in the
list. Verify it cannot be disabled (this signifies it is a device owner).
Bug reports and logs
As of Android 7.0, device owner Device Policy Client (DPCs) can get bug
reports and view logs for enterprise processes on a managed device.
To trigger a bug report (that is, the equivalent data collected by
adb bugreport containing dumpsys, dumpstate, and
logcat data), use DevicePolicyController.requestBugReport. After
the bug report is collected, the user is prompted to give consent to send the
bug report data. Results are received by
DeviceAdminReceiver.onBugreport[Failed|Shared|SharingDeclined]. For
details on bug report contents, see
Reading bug reports.
In addition, device owner DPCs can also collect logs related to actions a
user has taken on a managed device. Enterprise process logging is required for
all devices that report device_admin and enabled by a new log security buffer
readable only by the system server (that is, $ adb logcat -b security
cannot read the buffer). ActivityManager service and Keyguard components log the
following events to the security buffer:
- Application processes starting
- Keyguard actions (for example, unlock failure and success)
adb commands issued to the device
To optionally retain logs across reboots (not cold boot) and make these logs
available to device owner DPCs, a device must have a kernel with
pstore and pmsg enabled, and DRAM powered and
refreshed through all stages of reboot to avoid corruption to the logs retained
in memory. To enable support, use the
config_supportPreRebootSecurityLogs setting in
frameworks/base/core/res/res/values/config.xml.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2024-09-17 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-17 UTC."],[],[],null,["# Test device management\n\nTo ensure minimal support for managed profiles, OEM devices must contain the\nfollowing essential elements:\n\n- Profile owner (as described in [Ensuring\n Compatibility with Managed Profiles](https://developer.android.com/training/enterprise/app-compatibility.html))\n- Device owner\n\nFor a complete list of requirements, see\n[Implement device\nmanagement](/docs/devices/admin/implement). To test device management features, device owners can\nuse the TestDPC application described below.\n\nSet up device owner for testing\n-------------------------------\n\nUse the following instructions to set up a device owner testing environment.\n\n1. Factory reset the target device.\n2. Ensure the device does not contain any user accounts (for example, those used to log into online services). To verify, check *Settings \\\u003e Accounts*.\n3. Set up the testing application using one of the following methods:\n - [Download\n the TestDPC application](https://play.google.com/store/apps/details?id=com.afwsamples.testdpc&hl=en) (available from Google Play).\n - [Build\n the TestDPC application](https://github.com/googlesamples/android-testdpc/) (available from github.com).\n4. Set the TestDPC app as the device owner using the following command: \n\n ```\n adb shell dpm set-device-owner \"com.afwsamples.testdpc/.DeviceAdminReceiver\"\n ```\n5. Go through device owner setup on the device (encrypt, select Wi-Fi).\n\nVerify device owner setup\n-------------------------\n\nTo verify the device owner was correctly setup, go to *Settings \\\u003e\nSecurity \\\u003e Device Administrators* and confirm TestDPC is in the\nlist. Verify it cannot be disabled (this signifies it is a device owner).\n\nBug reports and logs\n--------------------\n\nAs of Android 7.0, device owner Device Policy Client (DPCs) can get bug\nreports and view logs for enterprise processes on a managed device.\n\nTo trigger a bug report (that is, the equivalent data collected by\n`adb bugreport` containing `dumpsys`, dumpstate, and\nlogcat data), use `DevicePolicyController.requestBugReport`. After\nthe bug report is collected, the user is prompted to give consent to send the\nbug report data. Results are received by\n`DeviceAdminReceiver.onBugreport[Failed|Shared|SharingDeclined]`. For\ndetails on bug report contents, see\n[Reading bug reports](/docs/setup/read-bug-reports).\n\nIn addition, device owner DPCs can also collect logs related to actions a\nuser has taken on a managed device. Enterprise process logging is required for\nall devices that report device_admin and enabled by a new log security buffer\nreadable only by the system server (that is, `$ adb logcat -b security`\ncannot read the buffer). ActivityManager service and Keyguard components log the\nfollowing events to the security buffer:\n\n- Application processes starting\n- Keyguard actions (for example, unlock failure and success)\n- `adb` commands issued to the device\n\nTo optionally retain logs across reboots (not cold boot) and make these logs\navailable to device owner DPCs, a device must have a kernel with\n`pstore` and `pmsg` enabled, and DRAM powered and\nrefreshed through all stages of reboot to avoid corruption to the logs retained\nin memory. To enable support, use the\n`config_supportPreRebootSecurityLogs` setting in\n`frameworks/base/core/res/res/values/config.xml`."]]
