Jason Ver Linden
Oct 11, 2017
9:49 pm

Container account blacklist and whitelist

Hi,

I have an MDM inside a container that has all accounts blacklisted and then pulls down a policy that has a list of email accounts that should be whitelisted. While the blacklisting is working, it doesn't seem like the whitelisting of accounts is as I cannot add a new accounts and get the message "Security policy prevents addition of this account".

 

Here is the code we are using to black list all accounts and then white list only certain accounts:

// First blacklist all email accounts
List<String> blacklistAccounts = new ArrayList<String>();
blacklistAccounts.add(".*@*.*");

DeviceAccountPolicy deviceAccountPolicy = KASTPolicyUtilityBase.getInstance().getAccountPolicy();
List<String> accountTypes = deviceAccountPolicy.getSupportedAccountTypes();
for (String accountType : accountTypes) {
   if (deviceAccountPolicy.addAccountsToAdditionBlackList(accountType, blacklistAccounts)) {
      Toaster.showToast(enumToasterErrorLevel, "Added " + accountType + " to blacklist", Toast.LENGTH_LONG);
   } else {
      Toaster.showToast(enumToasterErrorLevel, "Failed to add " + accountType + " to blacklist", Toast.LENGTH_LONG);
   }
}
// Next, set each whitelisted email accountDeviceAccountPolicy deviceAccountPolicy = KASTPolicyUtilityBase.getInstance().getAccountPolicy();
List<String> whitelistAccounts = new ArrayList<String>();
whitelistAccounts.add("*@mydomain.net");
whitelistAccounts.add(".*@mydomain.net");
whitelistAccounts.add("*mydomain.net");

   if (deviceAccountPolicy.addAccountsToAdditionWhiteList("com.samsung.android.exchange", whitelistAccounts)) {
      Toaster.showToast(enumToasterErrorLevel, "Added mydomain to white list", Toast.LENGTH_LONG);
   } else {
      Toaster.showToast(enumToasterErrorLevel, "Failed to add mydomainto white list", Toast.LENGTH_LONG);
   }

 

I then go into the Knox settings->Accounts->Exchange and try to add an account "username@mydomain.net" but I cannot. None of the accounts we are adding to the whitelist seem to be overriding the blacklist. Any ideas?

Similar topics

No similar topics found.
Samuel G.Samsung SEAP Moderator
Oct 11, 2017
10:18 pm

One of our partners has actually run into the same issue with exchange accounts. The issue is currently being looked into by our R&D team. I'll let you know when they get back to me.

- Sam

Comments

Ok, thanks for the quick response.

Jason Ver LindenOct 12, 2017 at 4:53 pm