Kadiska Tester deployment on Android¶
Technical requirements¶
The Kadiska Android application (called Kadiska Tester) can run on any type of Android devices running the Android API Level 26 at a minimum. This API is supported as from Android version 8.
Please refer to https://apilevels.com for more information.
Manual installation¶
Before assigning a Fleet configuration to an Android device, make sure you have created Tracers and have assigned them to the newly created Fleet. Please refer to this section for more details. This will prevent you from having to wait for a first Android device configuration update when Tracers are created and applied after the Kadiska Tester deployment. This automatic update is scheduled every hour.
Manually installing the Kadiska Tester is a straightforward process.
From the Play Store on your Android device, search for the application "Kadiska" (1).
Click on install (2). Then open the application (3).
When starting the application for the first time, you may get two notifications asking to activate additional required permissions.
First, as the application will perform scheduled and automatic Tracer tests, it must be able to run in the background.
Then, in order for the Kadiska application to identify WiFi networks on which it is connected when performing Tracer tests, the Android device's location permission must be granted.
The Kadiska Tester does not use the device's location service to geolocate the user at any point. It only uses the service to identify the network name (SSID) and access point (BSSID) to which the device is connected.
Once the Kadiska Tester is installed, you have to apply the Fleet configuration created. Please refer to the Creation & Configuration part for more details about how to create a Fleet.
Navigate to the Fleet configuration view, click on "Show Key" (1), then select the "Mobile Setup" checkbox (2).
From your Android device, read the QR-code to push the Tracer configuration on the device.
You'll see the list of configured Tracers directly on your mobile (3).
Deployment through an Mobile Device Management (MDM) platform¶
Deployment models¶
Android MDM considers three use cases, excluding personal Android devices that are not managed by an organization:
- corporate devices that are exclusively used for professional purposes
- corporate devices that can be partially used for private purposes
- private devices that can be partially used for professional purposes (BYOD - Bring Your Own Device)
To address these use cases, Android provides a way to isolate the professional and personal environment called a "work profile".
We focus here on the model that relies on an enterprise MDM platform and assume that the devices are managed by your organization.
In this case, the scenario we are focusing on is the "fully managed devices" when the devices are not configured with a work profile.
Deployment technical requirements¶
As mentioned above, to operate properly, the Kadiska Tester requires:
- to run in the background
- to use the device's location service
These capabilities greatly depend on the MDM platform used, the deployment model, as well as the Android devices type and version.
To ensure the application constantly runs in the background, a mechanism that will periodically trigger the application is a must. Please refer to the Examples of deployments through MDM solutions section for a detailed example of VMware WorkspaceONE.
If you want to avoid the users to manually authorize permissions (background run and geolocation), you can configure your MDM to enforce the following permissions:
android.permission.ACCESS_READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_BACKGROUND_LOCATION
Device ID¶
To identify a unique device from your fleets, the Kadiska Tester can use the IMEI (International Mobile Equipment Identity) as device ID.
This makes easy to find a specific device from the Kadiska dashboards, in your MDM.
Every device which has a SIM card slot, should have an IMEI.
To read the IMEI, the Kadiska Tester requires the enterprise policy CERT_INSTALL (since Android 10), which must be activated in your MDM.
In your MDM, this policy can be found as example with a name like Install certificates or Certificate installation and management.
Notes:
- The IMEI is not available on devices without a SIM card slot.
- Multiple SIM card slots can be found on a single device, only the first one will be used.
- If the policy is not granted, or if the IMEI is not available, the Kadiska Tester will use the Android ID as fallback.
Using a private store¶
Organizations may decide to import the Kadiska Tester in their applications private store.
In this case, we recommend creating a "Google Service Account" so that we can automatically deliver all application software updates and upgrades.
Please contact the Kadiska team if such a private store configuration is required.