Menu

What does "Security policy prevents installation of this application" mean?

You might see the error message, "Security policy prevents installation of this application" if you perform the following steps:

  1. Install an MDM app onto a device, for example, using Android Studio ADB.
  2. Create a Knox container.
  3. Change MDM app code and install it on the device again.

The Android Multiple User Framework attempts to install the MDM app into all user spaces, including the Knox container. For security reasons, you cannot use ADB to install apps into the Knox container.

You must remove the Knox container before you can re-install your MDM app. To do this, disable the Device Administrator from Settings > Security > Device Administrators. If you need to re-install your MDM app regularly, for debugging purposes, you should programmatically do this as an active admin by calling:

ComponentName devAdminReceiver = new ComponentName(getBaseContext(), TestAdmin.class); 
// Context and class name of your device admin 
DevicePolicyManager dpm = (DevicePolicyManager)getBaseContext().getSystemService(Context.DEVICE_POLICY_SERVICE); 
dpm.removeActiveAdmin(devAdminReceiver);