1# @ohos.enterprise.accountManager (Account Management) 2 3The **accountManager** module provides APIs for account management of enterprise devices. 4 5> **NOTE** 6> 7> - The initial APIs of this module are supported since API version 12. Newly added APIs will be marked with a superscript to indicate their earliest API version. 8> 9> - The APIs of this module can be used only in the stage model. 10> 11> - The APIs of this module can be called only by a [device administrator application](../../mdm/mdm-kit-guide.md#introduction) that is enabled. 12 13## Modules to Import 14 15```ts 16import { accountManager } from '@kit.MDMKit'; 17``` 18 19## accountManager.disallowOsAccountAddition 20 21disallowOsAccountAddition(admin: Want, disallow: boolean, accountId?: number): void 22 23Disallows a user to add system accounts through the specified device administrator application. 24 25**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 26 27**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 28 29 30 31**Parameters** 32 33| Name | Type | Mandatory| Description | 34| --------- | ------------------------------------------------------- | ---- | ----------------------------------------------------------- | 35| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | 36| disallow | boolean | Yes | Whether to forbid the addition of local user accounts. The value **true** means the addition of local user accounts is forbidden, and the value **false** means the opposite. | 37| accountId | number | No | User ID, which must be greater than or equal to 0. | 38 39**Error codes** 40 41For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 42 43| ID| Error Message | 44| -------- | ------------------------------------------------------------ | 45| 9200001 | The application is not an administrator application of the device. | 46| 9200002 | The administrator application does not have permission to manage the device. | 47| 201 | Permission verification failed. The application does not have the permission required to call the API. | 48| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 49 50**Example** 51 52```ts 53import { Want } from '@kit.AbilityKit'; 54let wantTemp: Want = { 55 bundleName: 'com.example.myapplication', 56 abilityName: 'EntryAbility', 57}; 58 59try { 60 accountManager.disallowOsAccountAddition(wantTemp, true, 100); 61 console.info('Succeeded in disallowing os account addition.'); 62} catch (err) { 63 console.error(`Failed to disallow os account addition. Code: ${err.code}, message: ${err.message}`); 64} 65``` 66 67## accountManager.isOsAccountAdditionDisallowed 68 69isOsAccountAdditionDisallowed(admin: Want, accountId?: number): boolean 70 71Checks whether a user is not allowed to add system accounts through the specified device administrator application. 72 73**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 74 75**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 76 77 78 79**Parameters** 80 81| Name | Type | Mandatory| Description | 82| --------- | ------------------------------------------------------- | ---- | ------------------------------------------- | 83| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | 84| accountId | number | No | User ID, which must be greater than or equal to 0.| 85 86**Return value** 87 88| Type | Description | 89| ------- | ------------------------------------------------------------ | 90| boolean | Returns **true** if the user is not allowed to add system accounts;<br>returns **false** otherwise.| 91 92**Error codes** 93 94For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 95 96| ID| Error Message | 97| -------- | ------------------------------------------------------------ | 98| 9200001 | The application is not an administrator application of the device. | 99| 9200002 | The administrator application does not have permission to manage the device. | 100| 201 | Permission verification failed. The application does not have the permission required to call the API. | 101| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 102 103**Example** 104 105```ts 106import { Want } from '@kit.AbilityKit'; 107let wantTemp: Want = { 108 bundleName: 'com.example.myapplication', 109 abilityName: 'EntryAbility', 110}; 111 112try { 113 let isDisallowed: boolean = accountManager.isOsAccountAdditionDisallowed(wantTemp, 100); 114 console.info(`Succeeded in querying the os account addition or not: ${isDisallowed}`); 115} catch (err) { 116 console.error(`Failed to query the os account addition or not. Code: ${err.code}, message: ${err.message}`); 117} 118``` 119 120## accountManager.addOsAccountAsync 121 122addOsAccountAsync(admin: Want, name: string, type: osAccount.OsAccountType): Promise<osAccount.OsAccountInfo> 123 124Adds a system account in the background through the specified device administrator application. This API uses a promise to return the result. 125 126**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY 127 128**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 129 130 131 132**Parameters** 133 134| Name| Type | Mandatory| Description | 135| ------ | ------------------------------------------------------------ | ---- | ------------------------------------------------------------ | 136| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | 137| name | string | Yes | User ID, which must be greater than or equal to 0. | 138| type | [osAccount.OsAccountType](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | Yes | Type of the account to add.<br>The value can be any of the following:<br>· **ADMIN**: administrator account.<br>· **NORMAL**: normal account.<br>· **GUEST**: guest account.| 139 140**Return value** 141 142| Type | Description | 143| ------------------------------------------------------------ | -------------------- | 144| [osAccount.OsAccountInfo](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | Information about the account added.| 145 146**Error codes** 147 148For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 149 150| ID| Error Message | 151| -------- | ------------------------------------------------------------ | 152| 9200001 | The application is not an administrator application of the device. | 153| 9200002 | The administrator application does not have permission to manage the device. | 154| 9201003 | Failed to add an OS account. | 155| 201 | Permission verification failed. The application does not have the permission required to call the API. | 156| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 157 158**Example** 159 160```ts 161import { Want } from '@kit.AbilityKit'; 162import { BusinessError, osAccount } from '@kit.BasicServicesKit'; 163let wantTemp: Want = { 164 bundleName: 'com.example.myapplication', 165 abilityName: 'EntryAbility', 166}; 167 168accountManager.addOsAccountAsync(wantTemp, "TestAccountName", osAccount.OsAccountType.NORMAL).then((info) => { 169 console.info(`Succeeded in creating os account: ${JSON.stringify(info)}`); 170}).catch((err: BusinessError) => { 171 console.error(`Failed to creating os account. Code: ${err.code}, message: ${err.message}`); 172}); 173``` 174