- VMware Technology Network
- :
- Digital Workspace
- :
- Workspace ONE
- :
- Workspace ONE Discussions
- :
- Android 10 Feature DISALLOW_CONFIG_PRIVATE_DNS in ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Android 10 Feature DISALLOW_CONFIG_PRIVATE_DNS in Custom Setting XML Profile
Hello,
I am aware of most of the configurations I can make to Android profiles through the profile editing interface in Workspace One UEM, but I am still trying to understand the use of a Custom Setting XML Profile. I am also trying to understand the landscape of Android Enterprise options and terminology.
In the documentation for Android Custom Settings (Using Custom Settings (Android)), it is noted that "The Custom Settings payload can be used when new Android functionality releases or features that Workspace ONE UEM console does not currently support through its native payloads." I looked up what is new in Android Enterprise and I saw that in Android 10 they added Private DNS support. Now, from what I understand this is only through building an app. Or can I somehow use the Custom Settings XML to gain access to this "new Android functionality releases or feature" like stated in the documentation about Android Custom Settings? I tried adding DISALLOW_CONFIG_PRIVATE_DNS to the Custom Settings XML in various casings and configurations, but it did not seem to do anything.
From looking at the Android Management API (https://androidmanagement.googleapis.com/$discovery/rest?version=v1 ) there is no mention of Private DNS management through a profile. However, when I click on the links from the announcement of Private DNS settings in Android 10 Enterprise (What's new for enterprise in Android 10 | Android Developers ), I am linked to what appear to be Java/Kotlin classes only used in Android app development. One is UserManager, and the other is DevicePolicyManager. Is there no way to access these settings through an Android profile? Reading the descriptions of these classes makes it sound like I should be able to make a policy that defines and enforces a Private DNS setting without needing to build an app.
If there is another way to enforce DNS through an Android Profile I would love to hear that as well. My only other thought is to configure an always on VPN that uses a specific DNS, but that seems like a lot of extra steps for something that appears simple on the surface.
Assistance is greatly appreciated as I have hit a dead end in my research. Thanks!
Android Classes
android.os UserManager
Specifies whether the user is allowed to modify private DNS settings.
This restriction can only be set by a device owner or a profile owner of an organization-owned managed profile on the parent profile. When it is set by either of these owners, it applies globally.
UserManager | Android Developers
android.app.admin DevicePolicyManager
Sets the global Private DNS host to be used. May only be called by the device owner.