Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-03-03 Thread Lakshman Udayakantha
Hi Chathura, The approach you mentioned can be broken for two incidents mentioned below. 1. Remove a role from a user 2. Remove a role from an application If I explained first case, Let's suppose *application1* has restricted to *role1* and *user1* has *role1*. User will be able to see the

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-03-01 Thread Chathura Dilan
Hi Lakshman, +1 for two options in EMM 1. White list is enabled or not 2. Which app store is used to provide the white list But the operation I think it is very expensive. 1. Getting app list from the device ( If user has multiple devices, you need to get them separately) 2. Sending all of

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-03-01 Thread Lakshman Udayakantha
Hi Chathura et al, @Chathura:Thanks for the detailed information. As per the offline discussion with PrabathA, EMM should specify explicitly that EMM is using app manager white list. Therefore when policy is created, below information should provided. 1. White list is enabled or not 2. Which

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-29 Thread Chathura Dilan
Whitelisting of apps happening through App Manager like this. Users can only install/download applications (which they have subscribed) which are published by App Manager. So all the policies to a relevant app can be defined in App Manager by giving the correct user to subscribe to that app. Users

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-29 Thread Lakshman Udayakantha
Hi All, After bit of discussion with EMM team, it is decided to move creation of white list policy to the app manager it self. We will provide a configuration whether white list is enabled or not. If white list enabled in the configuration, a new policy will created in EMM when new application is

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-23 Thread Lakshman Udayakantha
Hi DilanA/EMM Team, @DilanA :Thanks for the information. I have assumed policy creator know the package names of the applications which need to be restricted in the device and implemented the mdm policy UI for app restriction list and able to publish the restriction list to the device

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-07 Thread Dilan Udara Ariyaratne
Hi Lakshman, With respect to EMM space, I think that this requirement should be handled from device policy level. FYI, a device policy is a set of configurations that we set to be published for a number of devices based on Roles and Users. If we think about this requirement too in the same way,

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-02 Thread Lakshman Udayakantha
[adding Dakshika] On Tue, Feb 2, 2016 at 5:45 PM, Lakshman Udayakantha wrote: > Hi All, > > @KasunD/PrabathA: Thanks for your suggestions. I will check for methods to > block application installations for lower api level than 23 also. > I have created mockup UIs to create,

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-01 Thread Prabath Abeysekera
On Mon, Feb 1, 2016 at 6:14 PM, Kasun Dananjaya Delgolla wrote: > Hi Lakshman, > > In terms of Android you can use blocking APIs[1] in Marshmallow SDK (SDK > 23) to achieve this. We already use DevicePolicyManager API so you can > straightaway add these new stuff into the same

[Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-01 Thread Lakshman Udayakantha
Hi, There is a requirement to implement application white listing and application black listing support in Enterprise Mobility Manager. Application white listing means creating a list of applications which are only allowed to run on mobile devices which are connected to EMM. Application

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-01 Thread Kasun Dananjaya Delgolla
Hi Lakshman, In terms of Android you can use blocking APIs[1] in Marshmallow SDK (SDK 23) to achieve this. We already use DevicePolicyManager API so you can straightaway add these new stuff into the same android agent API layer. Also for older API levels ( < 23) earlier we used a mechanism just

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-01 Thread Inosh Perera
Hi all, Role based application restriction will be provided. Administrator will define a list of applications as a black list and a set of roles which is to be restricted to the application, along with the applications. Is there any particular reason for not having application policies for

Re: [Architecture] [EMM] Enabling application white listing and application blacklisting support

2016-02-01 Thread Harshan Liyanage
Hi Inosh, There may be some cases where enterprises need to have application policies for individual users. But I think that scenario is very unlikely. If we take an organization, every user will map to one or more user-roles. There might be situations where a role has only one user (i.e like