SOTI Clear Passcodes

NOTE: Applies to Android devices only.

To support clearing passcodes in SOTI, before initiating a password reset, ensure the caller's identity through the script add_allowed_apps.

It must be granted the access to the agent's content provider. This is done by sending the add_allowed_apps script from the SOTI console.

Prerequisites

• Set up SOTI as your MDM by following the steps in MDM Integration: SOTI MobiControl.

Step 1: Determine the Imprivata Locker App Signature

To determine the Imprivata Locker app signature:

1. In the SOTI console, navigate to Device Details.

2. From the Device Actions menu, select Send Script.

3. In Script Type, select Legacy.

4. In the Script Editor pane, run the following command to get the signature of the Imprivata Locker app:

   Copy

   identify_package_certificate com.imprivata.locker

   

   The command returns the com.imprivata.locker app signature.

5. Take note of the signature for use in a later step.

Signatures for com.imprivata.locker App

The signature for com.imprivata.locker installed as a private app is as follows:

3082036830820250a003020102020462fd36fd300d06092a864886f70d01010b05003075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f69643020170d3232303831373138343431335a180f32313232303831373138343431335a3075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f696430820122300d06092a864886f70d01010105000382010f003082010a0282010100b1ac54664ee38c84768fe4acae1c92a465880ca863b8150bf979d1e38913d3a3dd704ad30bc06ab9da8121cb13d90001b5fe9e0ff30d86a87f062a4497e52ebcb0443133502b192486cc6907b754f7509a0ed2af0492c77f9539993f7bf2a98dfabb24a09113eb5cb5c82246673c8259a7c0ef846ce9eba7c8cab8a083d58d54178be0a2d488a354fadd4d9e73fa003897fc99615127e1645fa4b0b19d04d3f0a0dfb73401c10c2f9e376cb0121b6dd0438472bbc17e6804cd184e830383995f2f3644f764e29c55edd7ece45e94facf348a1dc7e015b7b22d5c0feed88c518f4ef6f51ba0157db0cbd0f4cc023182ff54c6adf6f3f73e231639640164c283250203010001300d06092a864886f70d01010b050003820101000f24f81509b258dc90b85f47b8411870741598779bf7f7fc6c5ba240148cba5a721146a461df46308b15d575d5619e0a0b17eccc6d0391c834389a2e18aac8acd4e928379e950355f4a26a33dadf2e4b121eeab2be62f26818e26d11d7fc194efec4aba3996c3e455b2fd99dd0a5d270fbe4286ec4c5a5d92a95bcf7f130f71fee9f6717b737b0cfb3ebab1a058385dad7ac7ed8a75c1fc0e955110acd84b0d0bbce7528c28b8f6345246d7b94840781856a80d2ec745c78162dba6a2afda4f9cef4a548ba604440a5d97f58d59a6ef64275d2f4c2b37d7c0fea638fe9b298607c888e7b00330c4d28ffcf0f69f387bdbdc9cec9e85b1af67ff9af56614bd05d

The signature for com.imprivata.locker installed from the Google Play Store is as follows:

3082036830820250a003020102020462fd3625300d06092a864886f70d01010b05003075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f69643020170d3232303831373138343033375a180f32313232303831373138343033375a3075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f696430820122300d06092a864886f70d01010105000382010f003082010a028201010086a8db8f71b30d5faaeab9c741899f716b802188e2c850527a47ee88d40fc624e2ee77906bfce09db97e75c02c7f3d812d00c84247f8b77b5e9fcb428f2b69d686c639695eb569b8e5be531b267237edc25e3431c331b4d1add2d7277ea55b5830f164ec82a3b85ff1f6373dd0d5bec47ee70186f4d650a6d0afbdc6c868623efdaadb5744e6d8318f4383fd01b2cc35b38a36a46c4c186227d6ce777307ad0ac079bcd91235d33e9e562850c7a865d8588a83e75c99c67bf52877a2b1c3cc4a06fcfe3a9593204878f5470079865b55d3216da7ac1dd0696244f1009bf33ce27eae1065da21882e359f8f50d740bb7288e728adaf181caedad8dc7f7a8053a90203010001300d06092a864886f70d01010b05000382010100154f0a0bb501d1f37ccc5a0bfc1a63202303e47e7a40baa0cc3617caf37c023f0f38f62a84055838813d087d6031c4409d49c837efa71d5d14d670b9d74558eef12f5c5de8f6657d4de4ca96a5409e9e366e8821e5a2221b92d543ac988677e280cfb88f883ae7c5808b940162237c68cfd5f7a2ae2b73499b99414e9fe2ec983153e7c7cdee9a94cc18c0b385d872c5d09e1ef6f97fb1132bad697fb14cd7b41812629a6efd158442a2995f035eac6c3e03eab36f89054436338c14ca89cfe5d7d37838831a8141b935bcce21ebfccf5974f24edc1921e2f7db52d6a70f4089d38d4f0d8258ab2edecaf22ef34f88073e19992f238ecb4ce82ba521a2fb5e54

Step 2: Send the add_allowed_apps Script

To send the add_allowed_apps script to the MobiControl agent on the selected devices:

1. In the Script Editor pane, type the following command and then click Send Script:

   Copy

   add_allowed_app com.imprivata.locker <signature> AllowedAll

   where <signature> is the signature of the com.imprivata.locker app you saved earlier.

   Example

   Copy

   add_allowed_app com.imprivata.locker 3082036830820250a003020102020462fd36fd300d06092a864886f70d01010b05003075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f69643020170d3232303831373138343431335a180f32313232303831373138343431335a3075310b3009060355040613025553310b300906035504080c024d413110300e06035504070c0757616c7468616d31123010060355040a0c09496d70726976617461311a3018060355040b0c114f5343494420456e67696e656572696e673117301506035504030c0e4c6f636b657220416e64726f696430820122300d06092a864886f70d01010105000382010f003082010a0282010100b1ac54664ee38c84768fe4acae1c92a465880ca863b8150bf979d1e38913d3a3dd704ad30bc06ab9da8121cb13d90001b5fe9e0ff30d86a87f062a4497e52ebcb0443133502b192486cc6907b754f7509a0ed2af0492c77f9539993f7bf2a98dfabb24a09113eb5cb5c82246673c8259a7c0ef846ce9eba7c8cab8a083d58d54178be0a2d488a354fadd4d9e73fa003897fc99615127e1645fa4b0b19d04d3f0a0dfb73401c10c2f9e376cb0121b6dd0438472bbc17e6804cd184e830383995f2f3644f764e29c55edd7ece45e94facf348a1dc7e015b7b22d5c0feed88c518f4ef6f51ba0157db0cbd0f4cc023182ff54c6adf6f3f73e231639640164c283250203010001300d06092a864886f70d01010b050003820101000f24f81509b258dc90b85f47b8411870741598779bf7f7fc6c5ba240148cba5a721146a461df46308b15d575d5619e0a0b17eccc6d0391c834389a2e18aac8acd4e928379e950355f4a26a33dadf2e4b121eeab2be62f26818e26d11d7fc194efec4aba3996c3e455b2fd99dd0a5d270fbe4286ec4c5a5d92a95bcf7f130f71fee9f6717b737b0cfb3ebab1a058385dad7ac7ed8a75c1fc0e955110acd84b0d0bbce7528c28b8f6345246d7b94840781856a80d2ec745c78162dba6a2afda4f9cef4a548ba604440a5d97f58d59a6ef64275d2f4c2b37d7c0fea638fe9b298607c888e7b00330c4d28ffcf0f69f387bdbdc9cec9e85b1af67ff9af56614bd05d AllowedAll

Step 3: Enable Password Enforcement

MAM uses the enrollAndroidPIN AppConfig flag to enable password enforcement in SOTI.

To configure the enrollAndroidPIN AppConfig flag:

1. In the SOTI console, click the gear icon for the Imprivata Locker app.

2. In the Managed App Config section, add a new key for the AppConfig:

   ConfigFlags enrollAndroidPIN.