英文:
Creating enrollment token gives back wrong QR code
问题
I'm trying to provision a device with QR code method [according to these documentations.][1]
I'm using this [Google collab quickstart guide][2] to do so.
Right now, I'm stuck here:
enrollment_token = androidmanagement.enterprises().enrollmentTokens().create(
parent=enterprise_name,
body={
"policyName": policy_name,
"qrCode": "{'android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME': 'com.tmp.app.admin/.AdminReceiver','android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM': 'MUQ6NEQ6MDQ6NTY6M0E6ODA6Mzg6NEY6NUM6ODI6Qzk6NUY6MkM6QjA6RTk6RDc6QTM6FjI6NDg6NTA6QTQ6FjY6QTA6FjM6MTA6FUM6MzI6NkY6QkU6FUI6M0E6Qzk%3D','android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION':'https://myurl-stuff.com/link_part/my_app.apk','android.app.extra.PROVISIONING_SKIP_ENCRYPTION': false,'android.app.extra.PROVISIONING_WIFI_SSID': 'MY_WIFI_SSID','android.app.extra.PROVISIONING_WIFI_PASSWORD': 'my_wifi_password','android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE': 'WPA'}"
}
).execute()
json.dumps(enrollment_token, indent=2)
Whenever I run this code, the output is the following.
{
"name": "enterprises/LC00y54m79/enrollmentTokens/UV4yLfxoyWSln7CArwtp7OJQiHH_Gvc76JttPa4-r48",
"value": "ZBNWPOWHBQUPNLMBTNRU",
"expirationTimestamp": "2023-02-06T12:43:34.634467Z",
"policyName": "enterprises/LC00y54m79/policies/policy1",
"qrCode": "{\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\\":\\"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver\\",\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM\\":\\"I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg\\",\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION\\":\\"https://play.google.com/managed/downloadManagingApp?identifier=setup\\",\\"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE\\":{\\"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN\\":\\"ZBNWPOWHBQUPNLMBTNRU\\"}}"
}
It is the default Google example and it does not contains my application, instead, it contains Google's official example app.
What am I doing here wrong?
EDIT:
I have syntax error with double quotes.
[![enter image description here][3]][3]
EDIT 2:
Also tried with starting and ending single quotes like:
'{"android.app.extra (...)
Also tried with starting and ending with **triple quotes like in Google's previous example like here:**
[![enter image description here][4]][4]
But still no luck.
The api either **returns a syntax error or simply doesn't return with my app/parameters in the qrCode**, instead it replaces to their own example project.
**EDIT 3:**
Tried like this:
[![enter image description here][5]][5]
But with no success:
[![enter image description here][6]][6]
[1]: https://developers.google.com/android/management/provision-device#about_qr_codes
[2]: https://colab.research.google.com/github/google/android-management-api-samples/blob/master/notebooks/quickstart.ipynb
[3]: https://i.stack.imgur.com/OkGLS.png
[4]: https://i.stack.imgur.com/0McEK.png
[5]: https://i.stack.imgur.com/sWBnu.png
[6]: https://i.stack.imgur.com/0zV9m.png
<details>
<summary>英文:</summary>
I'm trying to provision a device with QR code method [according to these documentations.][1]
I'm using this [Google collab quickstart guide][2] to do so.
Right now, I'm stuck here:
enrollment_token = androidmanagement.enterprises().enrollmentTokens().create(
parent=enterprise_name,
body={
"policyName": policy_name,
"qrCode": "{'android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME': 'com.tmp.app.admin/.AdminReceiver','android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM': 'MUQ6NEQ6MDQ6NTY6M0E6ODA6Mzg6NEY6NUM6ODI6Qzk6NUY6MkM6QjA6RTk6RDc6QTM6RjI6NDg6NTA6QTQ6RjY6QTA6RjM6MTA6NUM6MzI6NkY6QkU6NUI6M0E6Qzk%3D','android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION':'https://myurl-stuff.com/link_part/my_app.apk','android.app.extra.PROVISIONING_SKIP_ENCRYPTION': false,'android.app.extra.PROVISIONING_WIFI_SSID': 'MY_WIFI_SSID','android.app.extra.PROVISIONING_WIFI_PASSWORD': 'my_wifi_password','android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE': 'WPA'}"
}
).execute()
json.dumps(enrollment_token, indent=2)
Whenever I run this code, the output is the following.
{\n "name": "enterprises/LC00y54m79/enrollmentTokens/UV4yLfxoyWSln7CArwtp7OJQiHH_Gvc76JttPa4-r48",\n "value": "ZBNWPOWHBQUPNLMBTNRU",\n "expirationTimestamp": "2023-02-06T12:43:34.634467Z",\n "policyName": "enterprises/LC00y54m79/policies/policy1",\n "qrCode": "{\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\\":\\"com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver\\",\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM\\":\\"I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg\\",\\"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION\\":\\"https://play.google.com/managed/downloadManagingApp?identifier=setup\\",\\"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE\\":{\\"com.google.android.apps.work.clouddpc.EXTRA_ENROLLMENT_TOKEN\\":\\"ZBNWPOWHBQUPNLMBTNRU\\"}}"\n}
It is the default Google example **and it does not contains my application**, instead, it contains Google's official example app.
What am I doing here wrong?
**EDIT:**
I have syntax error with double quotes.
[![enter image description here][3]][3]
**EDIT 2:**
Also tried with starting and ending single quotes like:
'{"android.app.extra (...)
Also tried with starting and ending with **triple quotes like in Google's previous example like here:**
[![enter image description here][4]][4]
But still no luck.
The api either **returns a syntax error or simple doesn't returns with my app/parameters in the qrCode**, instead it replaces to their own example project.
**EDIT 3:**
Tried like this:
[![enter image description here][5]][5]
But with no success:
[![enter image description here][6]][6]
[1]: https://developers.google.com/android/management/provision-device#about_qr_codes
[2]: https://colab.research.google.com/github/google/android-management-api-samples/blob/master/notebooks/quickstart.ipynb
[3]: https://i.stack.imgur.com/OkGLS.png
[4]: https://i.stack.imgur.com/0McEK.png
[5]: https://i.stack.imgur.com/sWBnu.png
[6]: https://i.stack.imgur.com/0zV9m.png
</details>
# 答案1
**得分**: 1
有两种管理设备的方式:
- 使用自己的DPC进行设备配置:您的DPC已安装(通过QR码中的URL引用)。它从您的服务器获取策略,并将其应用为配置文件/设备所有者,而不使用任何Google API(仅适用于Android)。
- 使用[Google Play EMM API](https://developers.google.com/android/management)进行设备管理。它基本上是在Android API之上的Google层(但通常被称为Android Management API,有点混淆):您的EMM控制台向Google的服务器发送策略。它们由Google自己的DPC在设备上应用。
您正试图混合这两种方法。这[不再可行](https://developers.google.com/android/work/play/emm-api/register):
> Android Enterprise不再接受使用Google Play EMM API注册自定义设备策略控制器(DPC)。
> 所有新的EMM解决方案现在应该使用由Google提供的Android Management API,该API具有自己的DPC。
您在生成的QR码中看到的Google DPC是[com.google.android.apps.work.clouddpc](https://play.google.com/store/apps/details?id=com.google.android.apps.work.clouddpc)。
如果您想使用自己的DPC,您需要直接使用包含`android.app.extra.PROVISIONING*`键的JSON,而不是将其包装在Google令牌中。
内容看起来没问题,只是SSID必须用引号括起来,签名哈希不应该进行百分号编码:
```json
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.tmp.app.admin/.AdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://myurl-stuff.com/link_part/my_app.apk",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "MUQ6NEQ6MDQ6NTY6M0E6ODA6Mzg6NEY6NUM6ODI6Qzk6NUY6MkM6QjA6RTk6RDc6QTM6FjI6NDg6NTA6QTQ6RjY6QTA6RjM6MTA6NUM6MzI6NkY6QkU6NUI6M0E6Qzk=",
"android.app.extra.PROVISIONING_SKIP_ENCRYPTION": false,
"android.app.extra.PROVISIONING_WIFI_PASSWORD": "my_wifi_password",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA",
"android.app.extra.PROVISIONING_WIFI_SSID": "\"MY_WIFI_SSID\""
}
只需生成包含此内容的QR码(使用任何生成器),然后使用设备扫描它。
不幸的是,配置过程不够宽容。如果出现问题,设备会显示“配置失败”的错误消息,而没有任何线索。您必须仔细检查一切。
英文:
There are two ways to manage devices :
-
Provision a device with your own DPC : Your DPC is installed (referenced by an URL in the QR code). It fetches policies from your servers and applies them as a profile / device owner, without using any Google API (Android only).
-
Manage devices using Google Play EMM API. It is basically Google's layer on top of the Android API (but often called Android Management API, which is a bit confusing) : Your EMM console send policies to Google's servers. They are applied on the devices by Google's own DPC.
You are trying to mix the two approaches. It is no longer possible :
> Android Enterprise is no longer accepting new registrations for custom device policy controllers (DPC) using the Google Play EMM API.
> All new EMM solutions should now use Android Management API, which comes with its own DPC provided by Google.
The Google DPC is the com.google.android.apps.work.clouddpc you are seeing in the generated QR code.
If you want to use you own DPC, you need to use the json containing the android.app.extra.PROVISIONING*
keys directly, without wrapping it in a Google token.
The content looks fine except the SSID has to be quoted, and the signature hash should not be percent encoded :
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.tmp.app.admin/.AdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://myurl-stuff.com/link_part/my_app.apk",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "MUQ6NEQ6MDQ6NTY6M0E6ODA6Mzg6NEY6NUM6ODI6Qzk6NUY6MkM6QjA6RTk6RDc6QTM6RjI6NDg6NTA6QTQ6RjY6QTA6RjM6MTA6NUM6MzI6NkY6QkU6NUI6M0E6Qzk=",
"android.app.extra.PROVISIONING_SKIP_ENCRYPTION": false,
"android.app.extra.PROVISIONING_WIFI_PASSWORD": "my_wifi_password",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA",
"android.app.extra.PROVISIONING_WIFI_SSID": "\"MY_WIFI_SSID\""
}
You just have to generate a QR code containing this content (with any generator), and scan it with the device.
Unfortunately the provisioning process is not forgiving. If something is wrong, the device shows a "Provisionning failed" error message without any clue. You have to triple check everything.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论