1page.title=Supporting Multiple Users 2@jd:body 3 4<!-- 5 Copyright 2015 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18--> 19<div id="qv-wrapper"> 20 <div id="qv"> 21 <h2>In this document</h2> 22 <ol id="auto-toc"> 23 </ol> 24 </div> 25</div> 26 27<p>Android supports multiple users on a single Android device by separating user 28accounts and application data. For instance, parents may allow their children to 29use the family tablet, or a critical response team might share a mobile device 30for on-call duty.</p> 31 32<h2 id=definitions>Terminology</h2> 33<p>Android uses the following terms when describing Android users and accounts.</p> 34 35<h3 id=general_defs>General</h3> 36<p>Android device administration uses the following general terms.</p> 37 38<ul> 39 <li><em>User</em>. Each user is intended to be used by a different physical 40 person. Each user has distinct application data and some unique settings, as 41 well as a user interface to explicitly switch between users. A user can run in 42 the background when another user is active; the system manages shutting down 43 users to conserve resources when appropriate. Secondary users can be created 44 either directly via the primary user interface or from a 45 <a href="https://developer.android.com/guide/topics/admin/device-admin.html">Device 46 Administration</a> application.</li> 47 <li><em>Account</em>. Accounts are contained within a user but are not defined 48 by a user, nor is a user defined by or linked to any given account. Users and 49 profiles contain their own unique accounts but are not required to have 50 accounts to be functional. The list of accounts differs by user. For details, 51 refer to the 52 <a href="https://developer.android.com/reference/android/accounts/Account.html">Account 53 class</a> definition.</li> 54 <li><em>Profile</em>. A profile has separated app data but shares some 55 system-wide settings (for example, Wi-Fi and Bluetooth). A profile is a subset 56 of and tied to the existence of a user. A user can have multiple profiles. 57 They are created through a 58 <a href="https://developer.android.com/guide/topics/admin/device-admin.html">Device 59 Administration</a> application. A profile always has an immutable association 60 to a parent user, defined by the user that created the profile. Profiles do not live beyond the lifetime of the creating user.</li> 61 <li><em>App</em>. An application’s data exists within each associated user. 62 App data is sandboxed from other applications within the same user. Apps 63 within the same user can interact with each other via IPC. For details, refer 64 to <a href="https://developer.android.com/training/enterprise/index.html">Building 65 Apps for Work</a>.</li> 66</ul> 67 68<h3 id=user_types>User types</h3> 69<p>Android device administration uses the following user types.</p> 70 71<ul> 72 <li><em>Primary</em>. First user added to a device. The primary user 73 cannot be removed except by factory reset and is always running even when 74 other users are in the foreground. This user also has special privileges and 75 settings only it can set.</li> 76 <li><em>Secondary</em>. Any user added to the device other than the primary 77 user. Secondary users can be removed (either by themselves or by the primary 78 user) and cannot impact other users on a device. These users can run in the 79 background and continue to have network connectivity.</li> 80 <li><em>Guest</em>. Temporary secondary user. Guest users have an explicit 81 option to quick delete the guest user when its usefulness is over. There can 82 be only one guest user at a time.</li> 83</ul> 84 85<h3 id=profile_types>Profile types</h3> 86<p>Android device administration uses the following profile types.</p> 87 88<ul> 89 <li><em>Managed</em>. Created by an application to contain work data 90 and apps. They are managed exclusively by the profile owner (the app that 91 created the corp profile). Launcher, notifications, and recent tasks are 92 shared by the primary user and the corp profile.</li> 93 <li><em>Restricted</em>. Uses accounts based off the primary user, who can 94 control what apps are available on the restricted profile. Available only on 95 tablets.</li> 96</ul> 97 98<h2 id=applying_the_overlay>Enabling multi-user</h2> 99 100<p>As of Android 5.0, the multi-user feature is disabled by default. To 101enable it, device manufacturers must define a resource overlay that replaces 102the following values in <code>frameworks/base/core/res/res/values/config.xml</code>: 103</p> 104 105<pre><!-- Maximum number of supported users --> 106<integer name="config_multiuserMaximumUsers">1</integer> 107<!-- Whether Multiuser UI should be shown --> 108<bool name="config_enableMultiUserUI">false</bool> 109</pre> 110 111<p>To apply this overlay and enable guest and secondary users on the device, use 112the <code>DEVICE_PACKAGE_OVERLAYS</code> feature of the Android build system to:</p> 113 114<ul> 115 <li>Replace the value for <code>config_multiuserMaximumUsers</code> with one 116 greater than 1</li> 117 <li>Replace the value of <code>config_enableMultiUserUI</code> with: 118 <code>true</code></li> 119</ul> 120 121<p>Device manufacturers may decide upon the maximum number of users. If device 122manufacturers or others have modified settings, they must ensure SMS and 123telephony work as defined in the 124<a href="{@docRoot}compatibility/android-cdd.pdf">Android Compatibility 125Definition Document</a> (CDD).</p> 126 127<h2 id=managing_users>Managing multiple users</h2> 128 129<p>Management of users and profiles (with the exception of restricted profiles) 130is performed by applications that programmatically invoke API in the 131<code>DevicePolicyManager</code> class to restrict use.</p> 132 133<p>Schools and enterprises may employ users and profiles to manage the lifetime 134and scope of apps and data on devices, using the types outlined above in 135conjunction with the 136<a href="http://developer.android.com/reference/android/os/UserManager.html">UserManager 137API</a> to build unique solutions tailored to their use cases.</p> 138 139 140<h2 id=effects>Multi-user system behavior</h2> 141 142<p>When users are added to a device, some functionality is curtailed when 143another user is in the foreground. Since app data is separated by user, the 144state of those apps differs by user. For example, email destined for an account 145of a user not currently in focus won’t be available until that user and account 146are active on the device.</p> 147 148<p>By default, only the primary user has full access to phone calls and texts. 149The secondary user may receive inbound calls but cannot send or receive texts. 150The primary user must enable these functions for others.</p> 151 152<p class="note"><strong>Note</strong>: To enable or disable the phone and SMS 153functions for a secondary user, go to <em>Settings > Users</em>, select the 154user, and switch the <em>Allow phone calls and SMS</em> setting to off.</p> 155 156<p>Some restrictions exist when a secondary user is in background. For instance, 157the background secondary user cannot display the user interface or make 158Bluetooth services active. In addition, the system process will halt background 159secondary users if the device needs additional memory for operations in the 160foreground user.</p> 161 162<p>When employing multiple users on an Android device, keep the following 163behavior in mind:</p> 164 165<ul> 166 <li>Notifications appear for all accounts of a single user at once.</li> 167 <li>Notifications for other users do not appear until active.</li> 168 <li>Each user gets a workspace to install and place apps.</li> 169 <li>No user has access to the app data of another user.</li> 170 <li>Any user can affect the installed apps for all users.</li> 171 <li>The primary user can remove apps or even the entire workspace established 172 by secondary users.</li> 173</ul> 174 175<p>Android 7.0 includes several enhancements, including:</p> 176 177<ul> 178 <li><em>Toggle work profile</em>. Users can disable their managed profile 179 (such as when not at work). This functionality is achieved by stopping the 180 user; UserManagerService calls <code>ActivityManagerNative#stopUser()</code>. 181 </li> 182 <li><em>Always-on VPN</em>. VPN applications can now be set to always-on by 183 the user, Device DPC, or Managed Profile DPC (applies only to Managed Profile 184 applications). When enabled, applications cannot access the public network 185 (access to network resources is stopped until the VPN has connected and 186 connections can be routed over it). Devices that report 187 <code>device_admin</code> must implement always-on VPN.</li> 188</ul> 189 190<p>For more details on Android 7.0 device administration features, refer to 191<a href="https://developer.android.com/preview/features/afw.html">Android 192for Work Updates</a>.</p> 193