Lockdown policy fields for Samsung Knox Workspace (3.0) Android Enterprise Managed Device with Work Profile mode

The lockdown options in this section apply to Android Enterprise Managed Device with Work Profile (COPE) mode for Samsung Knox version 3.0. These lockdowns allow you to set a variety of restrictions, such as allowing Google accounts to auto sync, providing content sharing, and sharing of calendar information outside a container. You must select the Enable Samsung Workspace restrictions check box to display the following fields.

The API s in the following table may require a Samsung Knox license. If you do not have a Samsung Knox license, these fields may not be supported.

Table 32.   Lockdown policy fields: Samsung Knox Workspace (3.0) Android Enterprise in Managed Device with Work Profile mode
Item Description


Default Policy Setting

Whitelisted Google Accounts

Allows you to whitelist specific Google Accounts. To add an account, click the + button and type in the name of the Google account. To delete a Google account, select the account and then click the - button.



Allow camera

Allows the camera on the phone to function.



Allow content sharing

Allows content sharing



Allow email account creation

Allows the device user to create an email account.



Allow NFC

Enable or disable NFC (Near-field Communication) data exchange when the device touches another device.



Allow USB

Enable or disable the USB protocol.



Allow New Admin Install

Enable or disable the installation of another administration app from all sources, unless the app install is performed by the administrator enforcing this policy. This policy can only be applied if there are no other administrators activated with the exception of Ivanti Mobile@Work clients.



Allow Google Accounts Auto Sync

Enable or disable the ability of Google accounts to sync automatically. This option does not block the Google Play Store from updating installed apps.



Enable Certificate Revocation Status (CRL) Check

Enable or disable the Certificate Revocation List (CRL) check for revocation of the server-certificate chain during the SSL mutual authentication process.



Allow sharing of calendar information outside container

Enable or disable sharing of calendar information outside of the container.



Allow developer options

Enable or disable developer options.



Allow factory reset

Enable the user to initiate a factory reset of the device.



Allow backup Enable the user to initiate a backup.



Allow crash report

Enable Google crash reports.



Allow Google Play

Enable Google Play.



Allow incoming MMS

Enable incoming Multimedia Messaging Service (MMS).



Allow incoming SMS

Enable incoming Short Message Service (SMS).



Make passwords visibility

Enable the user to make passwords visible.



Allow Date Time Change

Enable the user to change the date and time.



Lockdown policies