The 5.2 and later versions of Symantec Mobility: Suite provide the capability to assign a collection of devices to a device-based group structure. Groups of this type are called Operational Groups. Unlike previous versions where groups could only be populated with users, operational groups allow group membership by devices.
A typical use-case for the operational group is an organization that wants to provision a set of devices on an ad-hoc basis without regard to any particular user. A good example is a retail outlet that distributes pre-configured tablets from a device pool to their sales associates. These tablets have no specific user assignment, so any sales associate can use any device from the pool. The devices are returned to the pool at the end of the work period and become available for the next group of employees, without the need for additional device management activities.
Access to the operational group and its management functions is through Mobility APIs. Additionally, APIs are used to migrate existing user-group devices to an operational group. When migrating devices, you can optionally remove any user associations to devices.
Before you begin
Symantec Mobility API documentation provides important details for using the APIs noted in the following workflow. Download the current version of the API documentation from: http://www.symantec.com/docs/DOC8151
Following is an example workflow for first identifying a collection of devices, and then moving them to an operational devices group.
- Obtain IDs
Obtain user IDs with the API: /api1/users/<user-id | user-name | user-email>. Pass either the user name or email address to retrieve the user ID.
To return a list of devices, use the devices report API, /api1/report/devices/. You can filter the list based on various parameters. See the API documentation for a list of available parameters.
Note: Filtering the report by “user” requires the user ID from the users API noted above.
- Obtain the opertational group IDs
To add the devices identified in Step 1 to an operational group, you must first obtain the operational group ID. Call /api1/groups , and pass the parameter, device_groups=exclusive
Add devices to the operational group and remove any user associations from the devices
Call /api1/devices/devicegroups and in the POST request, pass the data gathered from the API actions of the previous steps. You have the following options:
remove_user Use this option to remove any user associations with the device(s). If you don’t use this option, the user association is retained regardless of any group assignment.
group_action Use this action to either add the devices to the device group (add) or retain the current group membership (noop)