@ohos.enterprise.accountManager (Account Management) (System API)
The accountManager module provides APIs for account management of enterprise devices.
NOTE
The initial APIs of this module are supported since API version 10. Newly added APIs will be marked with a superscript to indicate their earliest API version.
The APIs of this module can be used only in the stage model.
The APIs of this module can be called only by a device administrator application that is enabled.
This topic describes only the system APIs provided by the module. For details about its public APIs, see @ohos.enterprise.accountManager.
Modules to Import
import { accountManager } from '@kit.MDMKit';
accountManager.disallowAddLocalAccount
disallowAddLocalAccount(admin: Want, disallow: boolean, callback: AsyncCallback<void>): void
Disallows a device administrator application to create local user accounts. This API uses an asynchronous callback to return the result.
Required permissions: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
System capability: SystemCapability.Customization.EnterpriseDeviceManager
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| admin | Want | Yes | Device administrator application. |
| disallow | boolean | Yes | Whether to forbid the creation of local user accounts. The value true means to forbid the creation of local user accounts, and the value false means the opposite. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, err is null. Otherwise, err is an error object. |
Error codes
For details about the error codes, see Enterprise Device Management Error Codes and Universal Error Codes.
| ID | Error Message |
|---|---|
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
Example
import { Want } from '@kit.AbilityKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
accountManager.disallowAddLocalAccount(wantTemp, true, (err) => {
if (err) {
console.error(`Failed to disallow add local account. Code: ${err.code}, message: ${err.message}`);
return;
}
console.info('Succeeded in disallowing add local account');
});
accountManager.disallowAddLocalAccount
disallowAddLocalAccount(admin: Want, disallow: boolean): Promise<void>
Disallows a device administrator application to create local user accounts. This API uses a promise to return the result.
Required permissions: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
System capability: SystemCapability.Customization.EnterpriseDeviceManager
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| admin | Want | Yes | Device administrator application. |
| disallow | boolean | Yes | Whether to forbid the creation of local user accounts. The value true means to forbid the creation of local user accounts, and the value false means the opposite. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. An error object will be thrown if the operation fails. |
Error codes
For details about the error codes, see Enterprise Device Management Error Codes and Universal Error Codes.
| ID | Error Message |
|---|---|
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
Example
import { Want } from '@kit.AbilityKit';
import { BusinessError } from '@kit.BasicServicesKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
accountManager.disallowAddLocalAccount(wantTemp, true).then(() => {
console.info('Succeeded in disallowing add local account');
}).catch((err: BusinessError) => {
console.error(`Failed to disallow add local account. Code: ${err.code}, message: ${err.message}`);
});
accountManager.disallowAddOsAccountByUser11+
disallowAddOsAccountByUser(admin: Want, userId: number, disallow: boolean): void
Disallows a user to add system accounts through the specified device administrator application.
Required permissions: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
System capability: SystemCapability.Customization.EnterpriseDeviceManager
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| admin | Want | Yes | Device administrator application. |
| userId | number | Yes | User ID, which must be greater than or equal to 0. |
| disallow | boolean | Yes | Whether to disallow the user to add system accounts. The value true means to disallow the user to add system accounts; the value false means the opposite. |
Error codes
For details about the error codes, see Enterprise Device Management Error Codes and Universal Error Codes.
| ID | Error Message |
|---|---|
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
Example
import { Want } from '@kit.AbilityKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
try {
accountManager.disallowAddOsAccountByUser(wantTemp, 100, true);
console.info(`Succeeded in disallowing user add os account`);
} catch (err) {
console.error(`Failed to disallow user add os account. Code: ${err.code}, message: ${err.message}`);
}
accountManager.isAddOsAccountByUserDisallowed11+
isAddOsAccountByUserDisallowed(admin: Want, userId: number): boolean
Checks whether a user is not allowed to add system accounts through the specified device administrator application.
Required permissions: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
System capability: SystemCapability.Customization.EnterpriseDeviceManager
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| admin | Want | Yes | Device administrator application. |
| userId | number | Yes | User ID, which must be greater than or equal to 0. |
Return value
| Type | Description |
|---|---|
| boolean | Returns true if the user is not allowed to add system accounts; returns false otherwise. |
Error codes
For details about the error codes, see Enterprise Device Management Error Codes and Universal Error Codes.
| ID | Error Message |
|---|---|
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
Example
import { Want } from '@kit.AbilityKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
try {
let isDisallowed: boolean = accountManager.isAddOsAccountByUserDisallowed(wantTemp, 100);
console.info(`Succeeded in querying the user can add os account or not: ${isDisallowed}`);
} catch (err) {
console.error(`Failed to query the user can add os account or not. Code: ${err.code}, message: ${err.message}`);
}
accountManager.addOsAccount11+
addOsAccount(admin: Want, name: string, type: osAccount.OsAccountType): osAccount.OsAccountInfo
Adds a system account in the background through the specified device administrator application.
Required permissions: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
System capability: SystemCapability.Customization.EnterpriseDeviceManager
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| admin | Want | Yes | Device administrator application. |
| name | string | Yes | User ID, which must be greater than or equal to 0. |
| type | osAccount.OsAccountType | Yes | Type of the account to add. The value can be any of the following: · ADMIN: administrator account. · NORMAL: normal account. · GUEST: guest account. |
Return value
| Type | Description |
|---|---|
| osAccount.OsAccountInfo | Information about the account added. |
Error codes
For details about the error codes, see Enterprise Device Management Error Codes and Universal Error Codes.
| ID | Error Message |
|---|---|
| 9200001 | The application is not an administrator application of the device. |
| 9200002 | The administrator application does not have permission to manage the device. |
| 9201003 | Failed to add an OS account. |
| 201 | Permission verification failed. The application does not have the permission required to call the API. |
| 202 | Permission verification failed. A non-system application calls a system API. |
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
Example
import { Want } from '@kit.AbilityKit';
import { osAccount } from '@kit.BasicServicesKit';
let wantTemp: Want = {
bundleName: 'com.example.myapplication',
abilityName: 'EntryAbility',
};
try {
let info: osAccount.OsAccountInfo = accountManager.addOsAccount(wantTemp, "TestAccountName", osAccount.OsAccountType.NORMAL);
console.info(`Succeeded in creating os account: ${JSON.stringify(info)}`);
} catch (err) {
console.error(`Failed to creating os account. Code: ${err.code}, message: ${err.message}`);
}