Since: API level 6
public class

LDAPAccountPolicy

extends Object
java.lang.Object
   ↳ com.samsung.android.knox.accounts.LDAPAccountPolicy

Class Overview

This class provides APIs to create, delete, and get Lightweight Directory Access Protocol (LDAP) account settings on the device. Use the LDAPAccount class to fill up the relevant LDAP account details.

Since
API level 6
MDM 4.0

Summary

Constants
String ACTION_LDAP_CREATE_ACCT_RESULT Broadcast Action: Sent to inform administrators about the result of LDAP account creation.
int ERROR_LDAP_ALREADY_EXISTS LDAP account already exists.
int ERROR_LDAP_CONNECT_ERROR LDAP server connection error.
int ERROR_LDAP_INVALID_CREDENTIALS Invalid LDAP credentials.
int ERROR_LDAP_NONE LDAP operation successful.
int ERROR_LDAP_SERVER_BUSY LDAP server is busy.
int ERROR_LDAP_SERVER_DOWN LDAP server is down.
int ERROR_LDAP_TIMEOUT LDAP server connection timeout.
int ERROR_LDAP_UNKNOWN LDAP unknown error.
String EXTRA_LDAP_ACCT_ID Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT.
String EXTRA_LDAP_RESULT Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT.
String EXTRA_LDAP_USER_ID Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT.
Public Methods
void createLDAPAccount(LDAPAccount ldap)
API to configure a LDAP account.
boolean deleteLDAPAccount(long id)
API to delete LDAP account.
List<LDAPAccount> getAllLDAPAccounts()
API to get list of all LDAP accounts.
LDAPAccount getLDAPAccount(long id)
API to get LDAP account.
[Expand]
Inherited Methods
From class java.lang.Object

Constants

public static final String ACTION_LDAP_CREATE_ACCT_RESULT

Since: API level 6

Broadcast Action: Sent to inform administrators about the result of LDAP account creation. Receiver must hold "com.samsung.android.knox.permission.KNOX_LDAP" to receive this broadcast. The intent has the following extra value:
EXTRA_LDAP_RESULT:
ERROR_LDAP_NONE success
ERROR_LDAP_ALREADY_EXISTS LDAP account already exists
ERROR_LDAP_INVALID_CREDENTIALS Invalid LDAP credentials
ERROR_LDAP_SERVER_BUSY LDAP server is busy
ERROR_LDAP_SERVER_DOWN LDAP server is down
ERROR_LDAP_TIMEOUT LDAP server connection timeout
ERROR_LDAP_CONNECT_ERROR LDAP server connection error
ERROR_LDAP_UNKNOWN unknown error

EXTRA_LDAP_ACCT_ID: LDAP account Id

Since
API level 6
MDM 4.0
Constant Value: "com.samsung.android.knox.intent.action.LDAP_CREATE_ACCT_RESULT"

public static final int ERROR_LDAP_ALREADY_EXISTS

Since: API level 6

LDAP account already exists.

Since
API level 6
MDM 4.0
Constant Value: -1 (0xffffffff)

public static final int ERROR_LDAP_CONNECT_ERROR

Since: API level 6

LDAP server connection error.

Since
API level 6
MDM 4.0
Constant Value: -7 (0xfffffff9)

public static final int ERROR_LDAP_INVALID_CREDENTIALS

Since: API level 6

Invalid LDAP credentials.

Since
API level 6
MDM 4.0
Constant Value: -3 (0xfffffffd)

public static final int ERROR_LDAP_NONE

Since: API level 6

LDAP operation successful.

Since
API level 6
MDM 4.0
Constant Value: 0 (0x00000000)

public static final int ERROR_LDAP_SERVER_BUSY

Since: API level 6

LDAP server is busy.

Since
API level 6
MDM 4.0
Constant Value: -4 (0xfffffffc)

public static final int ERROR_LDAP_SERVER_DOWN

Since: API level 6

LDAP server is down.

Since
API level 6
MDM 4.0
Constant Value: -5 (0xfffffffb)

public static final int ERROR_LDAP_TIMEOUT

Since: API level 6

LDAP server connection timeout.

Since
API level 6
MDM 4.0
Constant Value: -6 (0xfffffffa)

public static final int ERROR_LDAP_UNKNOWN

Since: API level 6

LDAP unknown error.

Since
API level 6
MDM 4.0
Constant Value: -8 (0xfffffff8)

public static final String EXTRA_LDAP_ACCT_ID

Since: API level 6

Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT. Contains the account Id of created LDAP account.

Since
API level 6
MDM 4.0
Constant Value: "com.samsung.android.knox.intent.extra.LDAP_ACCT_ID"

public static final String EXTRA_LDAP_RESULT

Since: API level 6

Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT. Contains the result of the creation of LDAP account.

Since
API level 6
MDM 4.0
Constant Value: "com.samsung.android.knox.intent.extra.LDAP_RESULT"

public static final String EXTRA_LDAP_USER_ID

Since: API level 12

Used as an int extra field with ACTION_LDAP_CREATE_ACCT_RESULT. Contains the user id where the LDAP account was created in.

Since
API level 12
MDM 5.1
Constant Value: "com.samsung.android.knox.intent.extra.LDAP_USER_ID"

Public Methods

public void createLDAPAccount (LDAPAccount ldap)

Since: API level 6

API to configure a LDAP account.

Parameters
ldap LDAP account to be created
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to configure an LDAP account on a device by filling the LDAPAccount object without user interaction.


 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);

 LDAPAccountPolicy ldapPolicy = edm.getLDAPAccountPolicy();

 LDAPAccount ldap = new LDAPAccount();

 ldap.userName = "";

 ldap.password = "";

 ldap.port = 389;

 ldap.host = "ldap.xx.yy";

 ldap.isSSL = true;

 ldap.isAnonymous = true;

 ldap.baseDN = "ou=xx,dc=samsung,dc=edu"

 try {

     ldapPolicy.createLDAPAccount(ldap);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
For Container:

 // When you create container successfully, containerID will be returned via intent.

 // Use this containerID in below API.

 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);

 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);

 LDAPAccountPolicy ldapPolicy = kcm.getLDAPAccountPolicy();

 LDAPAccount ldap = new LDAPAccount();

 ldap.userName = "";

 ldap.password = "";

 ldap.port = 389;

 ldap.host = "ldap.xx.yy";

 ldap.isSSL = true;

 ldap.isAnonymous = true;

 ldap.baseDN = "ou=xx,dc=samsung,dc=edu"

 try {

     ldapPolicy.createLDAPAccount(ldap);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
Note: ldap.host and ldap.baseDN are mandatory parameters. ldap.id is not used while creating LDAP account
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_LDAP" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public boolean deleteLDAPAccount (long id)

Since: API level 6

API to delete LDAP account.

Parameters
id LDAP account Id to be deleted
Returns
  • true if successful, else false
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to delete an LDAP account on a device without user interaction. The administrator can use the unique Id obtained when the LDAP account was created.


 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);

 LDAPAccountPolicy ldapPolicy = edm.getLDAPAccountPolicy();

 long ldapId = 1;

 try {

     ldapPolicy.deleteLDAPAccount(ldapId);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
For Container:

 // When you create container successfully, containerID will be returned via intent.

 // Use this containerID in below API.

 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);

 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);

 LDAPAccountPolicy ldapPolicy = kcm.getLDAPAccountPolicy();

 long ldapId = 1;

 try {

     ldapPolicy.deleteLDAPAccount(ldapId);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_LDAP" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public List<LDAPAccount> getAllLDAPAccounts ()

Since: API level 6

API to get list of all LDAP accounts.

Returns
  • List of all existing LDAPAccount on the device if successful, else null
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get all LDAP accounts on the device.


 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);

 LDAPAccountPolicy ldapPolicy = edm.getLDAPAccountPolicy();

 try {

     List list = ldapPolicy.getAllLDAPAccounts();

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
For Container:

 // When you create container successfully, containerID will be returned via intent.

 // Use this containerID in below API.

 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);

 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);

 LDAPAccountPolicy ldapPolicy = kcm.getLDAPAccountPolicy();

 try {

     List list = ldapPolicy.getAllLDAPAccounts();

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_LDAP" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public LDAPAccount getLDAPAccount (long id)

Since: API level 6

API to get LDAP account.

Parameters
id Id of the LDAP account whose details are to be retrieved
Returns
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get a particular LDAP account on the device.


 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);

 LDAPAccountPolicy ldapPolicy = edm.getLDAPAccountPolicy();

 long ldapId = 1;

 try {

     LDAPAccount ldap = ldapPolicy.getLDAPAccount(ldapId);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
For Container:

 // When you create container successfully, containerID will be returned via intent.

 // Use this containerID in below API.

 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);

 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);

 LDAPAccountPolicy ldapPolicy = kcm.getLDAPAccountPolicy();

 long ldapId = 1;

 try {

     LDAPAccount ldap = ldapPolicy.getLDAPAccount(ldapId);

 } catch (SecurityException e) {

     Log.w(TAG, "SecurityException: " + e);

 }

 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_LDAP" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope