Docs: Afw updates for N
Adding content for b/28942322
Removing setup wizard refs
Replacing testing app (now TestDPC)
Updating based on comments
Bug: 28315422, 28942322
Change-Id: I68d174f64f7edc8753688e3830ec91a828140b5b
diff --git a/src/devices/tech/admin/testing-setup.jd b/src/devices/tech/admin/testing-setup.jd
index 678c04b..129fa8e 100644
--- a/src/devices/tech/admin/testing-setup.jd
+++ b/src/devices/tech/admin/testing-setup.jd
@@ -24,70 +24,84 @@
</div>
</div>
-<p>These are the essential elements that must exist for OEM devices to ensure
-minimal support for managed profiles:</p>
+<p>To ensure minimal support for managed profiles, OEM devices must contain the
+following essential elements:</p>
<ul>
- <li>Profile Owner as described in <a
-href="https://developer.android.com/training/enterprise/app-compatibility.html">Ensuring
-Compatibility with Managed Profiles</a>
- <li>Device Owner
- <li>Activation Code Provisioning
+ <li>Profile owner (as described in
+ <a href="https://developer.android.com/training/enterprise/app-compatibility.html">Ensuring
+ Compatibility with Managed Profiles</a>)</li>
+ <li>Device owner</li>
+ <li>Activation code provisioning</li>
</ul>
-<p>See <a href="implement.html">Implementing Device Administration</a> for the complete list of requirements.</p>
-<h2 id=summary>Summary</h2>
-<p>To test your device administration features:</p>
+<p>For a complete list of requirements, see
+<a href="{@docRoot}devices/tech/admin/implement.html">Implementing Device
+Administration</a>.</p>
+
+<p>To test device administration features, device owners can use the TestDPC
+application (described below); consider also working directly with other
+enterprise mobility management (EMM) providers.</p>
+
+<h2 id=set_up_the_device_owner_for_testing>Set up device owner for testing</h2>
+<p>Use the following instructions to set up a device owner testing environment.</p>
<ol>
- <li>For device owner, use the <a
-href="https://developer.android.com/samples/BasicManagedProfile/index.html">BasicManagedProfile.apk</a>
-test app.
- <li>Consider working with other enterprise mobility management (EMM) providers
-directly.
-</ol>
-
-<h2 id=set_up_the_device_owner_for_testing>Set up the device owner for testing</h2>
-<ol>
- <li>Device MUST be built with <strong>userdebug</strong> or <strong>eng</strong> build.
+ <li>Set up the device:
+ <ol>
+ <li style="list-style-type: lower-alpha">Ensure the device uses a
+ <strong>userdebug</strong> or <strong>eng</strong> build.</li>
+ <li style="list-style-type: lower-alpha">Factory reset the target device.</li>
+ </ol></li>
+ <li>Set up the testing application using one of the following methods:
+ <ul>
+ <li><a href="https://play.google.com/store/apps/details?id=com.afwsamples.testdpc&hl=en">Download
+ the TestDPC application</a> (available from Google Play).</li>
+ <li><a href="https://github.com/googlesamples/android-testdpc/">Build
+ the TestDPC application</a> (available from github.com).</li>
+ </ul>
</li>
- <li>Factory reset the target device (and continue with the next steps in the
- meantime).
- </li>
- <li>Download <a
- href="http://developer.android.com/downloads/samples/BasicManagedProfile.zip">BasicManagedProfile.zip</a>. (Also see the <a
- href="http://developer.android.com/samples/BasicManagedProfile/index.html">BasicManagedProfile</a> documentation.)</li>
- <li>Unzip the file.
- <li>Navigate (<code>cd</code>) to the unzipped directory.</li>
- <li>If you don't have it, download the <a href="http://developer.android.com/sdk/index.html#Other">Android SDK Tools</a> package.</li>
- <li>Create a file with the name <code>local.properties</code> containing the following single
- line:<br>
- <code>sdk.dir=<em><path to your android SDK folder></em></code><br>
- <li>On Linux and Mac OS, run:<br>
- <code>./gradlew assembleDebug</code><br>
- Or on windows run:<br>
- <code>gradlew.bat assembleDebug</code></li>
- <li>If the build is unsuccessful because you have an outdated android SDK, run:<br>
- <code><em><your android sdk folder></em>/tools/android update sdk -u -a</code></li>
- <li>Wait for factory reset to complete if it hasn’t yet.<br>
- <p class="Caution"><strong>Caution</strong>: Stay on the first screen
- after factory reset and do not finish the setup wizard.</li>
- <li>Install the BasicManagedProfile app by running the following command:<br>
- <code>adb install ./Application/build/outputs/apk/Application-debug.apk </code>
- </li>
- <li>Set this app as the device owner by running this command:<br><code>$ adb shell am start -a
- com.android.managedprovisioning.ACTION_PROVISION_MANAGED_DEVICE --es
- android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME
- com.example.android.basicmanagedprofile</code>
+ <li>Set the TestDPC app as the device owner using the following command:<br>
+ <pre>$ adb shell dpm set-device-owner "com.afwsamples.testdpc/.DeviceAdminReceiver"</pre>
</li>
<li>Go through device owner setup on the device (encrypt, select Wi-Fi, etc.)</li>
</ol>
-<h2 id=verify_the_device_owner_was_correctly_setup>Verify the device owner was correctly setup</h2>
-<ol>
- <li>Go to <em>Settings > Security > Device Administrators</em>.
- </li>
- <li>Confirm the BasicManagedProfile is in the list and verify it cannot be
- disabled. (This signifies it is a device owner.)
- </li>
-</ol>
+<h2 id=verify_the_device_owner_was_correctly_setup>Verify device owner setup</h2>
+<p>To verify the device owner was correctly setup, go to <em>Settings >
+Security > Device Administrators</em> and confirm TestDPC is in the
+list. Verify it cannot be disabled (this signifies it is a device owner).</p>
+
+<h2 id="troubleshooting">Bug reports and logs</h2>
+<p>In Android N, device owner Device Policy Client (DPCs) can get bug reports
+and view logs for enterprise processes on a managed device.</p>
+
+<p>To trigger a bug report (i.e., the equivalent data collected by <code>adb
+bugreport</code> containing dumpsys, dumpstate, and logcat data), use
+<code>DevicePolicyController.requestBugReport</code>. After the bug report is
+collected, the user is prompted to give consent to send the bug report data.
+Results are received by
+<code>DeviceAdminReceiver.onBugreport[Failed|Shared|SharingDeclined]</code>. For
+details on bug report contents, see
+<a href="{@docRoot}source/read-bug-reports.html">Reading Bug Reports</a>.
+
+<p>In addition, device owner DPCs can also collect logs related to actions a
+user has taken on a managed device. Enterprise process logging is required for
+all devices that report device_admin and enabled by a new log security buffer
+readable only by the system server (i.e., <code>adb logcat -b security</code>
+cannot read the buffer). ActivityManager service and Keyguard components log the
+following events to the security buffer:</p>
+
+<ul>
+<li>Application processes starting</li>
+<li>Keyguard actions (e.g., unlock failure and success)</li>
+<li><code>adb</code> commands issued to the device</li>
+</ul>
+
+<p>To optionally retain logs across reboots (not cold boot) and make these logs
+available to device owner DPCs, a device must have a kernel with
+<code>pstore</code> and <code>pmsg</code> enabled, and DRAM powered and
+refreshed through all stages of reboot to avoid corruption to the logs retained
+in memory. To enable support, use the
+<code>config_supportPreRebootSecurityLogs</code> setting in
+<code>frameworks/base/core/res/res/values/config.xml</code>.</p>