The Shared Device settings page lets you configure settings related to the shared device (multi-user) functionality of Workspace ONE UEM.
Configure Shared Device settings by navigating to.
What can you do with the Workspace ONE UEM Shared Device settings page?
- Choose how group assignment is handled.
- Let the end user enter the group ID, effectively letting them choose the organization group (OG).
- Lock the end users to a fixed OG.
- Base assignments on the User Group to which the user belongs. Whichever OG the User Group is assigned, that is where all users in that User Group will go.
- Configure and force shared device users to enter a special shared device passcode, which is distinct from the single sign-on passcode, including all the passcode variables such as complexity, special characters, expiration, and so on.
- Configure what happenes when users of shared devices log out:
- Configure whether Android app data is cleared
- Configure whether Android apps assigned to the user are reinstalled.
- Configure whether passcode is cleared (both Android and iOS), requiring the next user that checks out the device to create their own passcode.
- Clear Android accounts, which some apps use to automatically log users in. Applies to Workspace ONE Launcher only.
Determine your Organizational group hierarchy
Before you review and modify settings, understand the two types of inheritance/override options for the organization group hierarchy available at the top and bottom of the settings page and determine your choices. For more information about these settings, see Override Versus Inherit Setting for Organization Groups.
- Current Setting – Select whether to Inherit or Override the displayed settings. Inherit means use the settings of the current organization group's parent OG, while Override enables the settings for editing so you can modify the current OG's settings directly.
- Child Permission – Select the available behavior of child organization groups that exist below the currently selected organization group. Inherit only means child OGs are only allowed to inherit these settings. Override only means they override the settings, and Inherit or Override means you can choose to inherit or override settings in child OGs that exist below the currently selected OG.
|Group Assignment Mode||
Configure devices in one of three ways:
|Require Shared Device Passcode||(For iOS devices only) Require users to create a Shared Device passcode in the Self-Service Portal to check out devices. This passcode is different from a Single Sign On passcode or a device-level passcode.|
|Require Special Characters||Require special characters in the shared device passcode, which includes characters such as @, %, &, and so forth.|
|Shared Device Passcode Minimum Length||Set the minimum character length of the shared passcode.|
|Shared Device Passcode Expiration Time (days)||Set the length of time (in days) the shared passcode expires.|
|Keep Shared device Passcode for minimum time (days)||Set the minimum amount of time (in days) the shared device passcode must be changed.|
|Passcode History||Set the number of passcodes that are remembered by the system, providing a more secure environment by preventing the user from reusing old passcodes.|
|Auto Logout||Configure an automatic log out after a specific time period.|
|Auto Logout After||Set the length of time that must elapse before the Auto Log out function activates in Minutes, Hours, or Days.|
|iOS Single App Mode||
Select this check box to configure Single App Mode, which locks the device into a single application when an end user logs in to the device.
To check out an iOS device in Single App Mode, end users log in using their credentials. When the device is checked in again, it returns to Single App Mode.
Enabling Single App Mode also deactivates the Home button on the device.
Note: Single App Mode applies only to Supervised iOS devices.
|Clear Android App Data||This setting controls whether the application data from the current session is cleared when the user logs out of a shared device (checks it in).|
|Reinstall Android Apps||
If an app is assigned to the staging user and end-users logging in and out of the device, select one of the preferred app management behaviors: Always reinstall apps between users or Never reinstall apps between users.
Warning: VMware recommends not enabling the Never option. When this option is set to Never, the software no longer requires that apps be deleted and reinstalled when one user stops using a shared device and another user begins using the same device. This means that the next user may have access to the original user’s app data, including any personal or sensitive data.
Ensuring the security of app data by end users using the same device is your sole responsibility. VMware is not liable for any damages in connection with your decision to enable this feature including direct, indirect, incidental, special, punitive, consequential damages or loss of profits, even if notice is given of the possibility of these kinds of damages.
|Clear Android Device Passcode||Enable to clear the Android device passcode, requiring the next user to create their own.|
|Clear Android Accouts||Enable to remove accounts that some apps can use to automatically log in. This settings only applies to Launcher since Native Android Launcher always clears every account.
Note: Android 8.0 required to clear Google accounts. Android 9.0 required for non- Google accounts.
|Clear iOS Device Passcode||Enable to clear the iOS device passcode, requiring the next user to create their own.|