Lockdown policy fields for Samsung Knox Workspace (3.0) Android Enterprise Managed Device with Work Profile mode

The lockdown options in this section apply to Android Enterprise Managed Device with Work Profile (COPE) mode for Samsung Knox version 3.0. These lockdowns allow you to set a variety of restrictions, such as allowing Google accounts to auto sync, providing content sharing, and sharing of calendar information outside a container. You must select the Enable Samsung Workspace restrictions check box to display the following fields.

NOTE:

The API s in the following table may require a Samsung Knox license. If you do not have a Samsung Knox license, these fields may not be supported.

Table 1. Lockdown policy fields: Samsung KNOX Workspace (3.0) Android Enterprise in Managed Device with Work Profile mode
Item	Description	Default Policy Setting
Whitelisted Google Accounts	Allows you to whitelist specific Google Accounts. To add an account, click the + button and type in the name of the Google account. To delete a Google account, select the account and then click the - button.	None
Allow camera	Allows the camera on the phone to function.	Disabled
Allow content sharing	Allows content sharing	Disabled
Allow email account creation	Allows the device user to create an email account.	Disabled
Allow NFC	Enable or disable NFC (Near-field Communication) data exchange when the device touches another device.	Disabled
Allow USB	Enable or disable the USB protocol.	Disabled
Allow New Admin Install	Enable or disable the installation of another administration app from all sources, unless the app install is performed by the admin enforcing this policy. This policy can only be applied if there are no other administrators activated with the exception of Mobile@Work clients.	Disabled
Allow Google Accounts Auto Sync	Enable or disable the ability of Google accounts to sync automatically. This option does not block the Google Play Store from updating installed apps.	Disabled
Enable Certificate Revocation Status (CRL) Check	Enable or disable the Certificate Revocation List (CRL) check for revocation of the server-certificate chain during the SSL mutual authentication process.	Disabled
Allow sharing of calendar information outside container	Enable or disable sharing of calendar information outside of the container.	Disabled