配置和部署 Lookout for Work 应用Configure and deploy Lookout for Work app

适用于:经典门户中的 IntuneApplies to: Intune in the classic portal
在寻找有关 Azure 门户中 Intune 的文档吗?Looking for documentation about Intune in the Azure portal? 请转到此处Go here.

本文介绍了如何为 Android 和 iOS 设备配置和部署 Lookout for Work 应用。This article explains how to configure and deploy the Lookout for Work app for Android and iOS devices.

Android(Google Play 商店应用)Android (Google Play Store app)

  1. Microsoft Intune 管理员控制台中,转到“应用”并选择“添加应用”。In the Microsoft Intune administrator console, go to Apps and choose Add Apps.
  2. 在发布者的“软件设置”页,选择“外部链接”,并指定下列 URL:https://play.google.com/store/apps/details?id=com.lookout.enterpriseOn the Software Setup page of the publisher, choose External link, and specify the following URL: https://play.google.com/store/apps/details?id=com.lookout.enterprise

    备注

    请勿单击要求使用托管浏览器的框。Do not click the box for requiring a managed browser.

  3. 在“软件描述”页填入以下信息:On the Software description page fill in the following information:

    • 发布者:Lookout Mobile SecurityPublisher: Lookout Mobile Security
    • 名称:Lookout for WorkName: Lookout for Work
    • 说明:Lookout 能为设备提供针对移动威胁的最佳保护。Description: Lookout offers the best protection against mobile threats to keep your device safe. 在设备上安装 Lookout 应用后,该应用可让设备免受威胁,并将在发现任何威胁时向用户、公司和管理员发出警报。When the Lookout app is installed on the device, the app protects your device from threats and will alert you, and your company administrator, if any are found.
    • 类型:计算机管理Category: Computer Management
  4. 成功完成时将显示消息“数据已成功上传至 Microsoft Intune”。Upon successful completion you see a message Upload of data to Microsoft Intune successfully completed.

    在 Intune 控制台单击“应用”时,现可在列表中看到 Lookout for Work 应用 在列表中显示 Lookout for Work 应用的 Intune 管理员控制台应用页屏幕截图In the Intune Console when you click on the Apps you will now see the Lookout for Work app in the list screenshot of Intune admin console apps page showing the Lookout for work apps in the list

  5. 通过选择 Lookout for Work 应用,并选择“管理部署”,将应用部署到用户。Deploy the app to users by selecting the Lookout for Work app and choosing Manage Deployment.

    选择的用户必须与添加到 Lookout MTP 控制台“注册管理”选项中的用户一致。You must select the same users added in to the Enrollment Management option in the Lookout MTP console. 请参阅为订阅配置 Lookout MTP 部分中的步骤 3,了解有关将用户组添加到 Lookout MTP 的信息。See Step 3 in the configure your subscription with Lookout MTP section for information about adding user groups to Lookout MTP.

    重要

    Intune 应用部署向导不会感知 Azure AD 用户组,而会使用 Intune 用户组。The Intune app deployment Wizard is not aware of the Azure AD user groups and uses the Intune user groups instead. 因此,必须以在 Lookout MTP 控制台中注册的 Azure AD 用户组为基础创建 Intune 用户组,如本主题所述。So you must create an Intune user group based on the Azure AD user group that is enrolled in the Lookout MTP console as described in thistopic.

  6. 选择“必需安装”选项,该选项要求在用户设备上安装 Lookout 应用。Choose the Required Install option to require that the Lookout app be installed on the user’s device.

iOS(企业签名的 Lookout 应用版本)iOS (Enterprise-signed version of Lookout app)

  1. 确保在设备上设置了 iOS 管理Make sure iOS management is set up on your device. 有关如何针对 iOS 管理设置设备的说明,请参阅设置 iOS 和 Mac 设备管理For instructions on how to set up your device for iOS management, see Set up iOS and Mac device management.

  2. 重新签名 Lookout for Work iOS 应用。Re-sign the Lookout for Work iOS app. Lookout 会在 iOS 应用商店之外分发其 Lookout for Work iOS 应用。Lookout distributes its Lookout for Work iOS app outside of the iOS App Store. 分发应用之前,必须使用 iOS 企业开发人员证书对应用重新签名。Before distributing the app, you must re-sign the app with your iOS Enterprise Developer Certificate. 有关对 Lookout for Work iOS 应用重新签名的详细说明,请参阅 Lookout 站点上的 Lookout for Work iOS 应用重新签名过程For detailed instructions to re-sign the Lookout for Work iOS apps, see Lookout for Work iOS app re-signing process on the Lookout site.

  3. 通过执行以下操作为 iOS 用户启用 Azure Active Directory 身份验证:Enable Azure Active Directory authentication for the iOS users by doing the following:

    1. 登录到 Azure Active Directory 管理门户,并导航到应用程序页。Login to the Azure Active Directory management portal, and navigate to the application page.
    2. 添加 Lookout for Work iOS 应用作为本机客户端应用程序Add the Lookout for Work iOS app as a native client application. 显示本机客户端应用选项的添加应用对话框屏幕截图screenshot of the add apps dialog showing the native client app option
    3. com.lookout.enterprise.yourcompanyname 替换为对 IPA 签名时选择的客户捆绑 ID。Replace the com.lookout.enterprise.yourcompanyname with the customer bundle ID you selected when you signed the IPA.
    4. 添加其他重定向 URI:<companyportal://code/>,后跟原始重定向 URI 的 URL 编码形式版本。Add additional redirect URI: <companyportal://code/> followed by a URLencoded version of your original redirect URI.
    5. 委托的权限添加到应用。Add Delegated Permissions to your app.

    有关详细信息,请参阅配置本机客户端应用程序For more details, see Configure a native client application.

  4. 按照在 Microsoft Intune 中为移动设备添加应用主题中所述,上传重新签名的 .ipa 文件。Upload the re-signed .ipa file as described in the Add app for mobile devices in Microsoft Intune topic. 将最低操作系统版本为 iOS 8.0 或更高版本。Set the minimum OS version to iOS 8.0 or later.

    Intune 管理员控制台中在应用列表中显示了 Lookout for work 应用的应用页的屏幕截图

  5. 按照使用 Microsoft Intune 中的移动应用配置策略配置 iOS 应用主题中所述,创建托管应用配置策略。Create the managed app configuration policy as described in the Configure iOS apps with mobile app configuration policies in Microsoft Intune topic.

    突出显示了 iOS 8.0 或更高版本应用配置策略的创建新策略向导的屏幕截图

  6. 若要将应用部署到用户,请选择 Lookout for Work 应用,然后选择“管理部署”。To deploy the app to users, select the Lookout for Work app, and choose Manage Deployment.

    选择的用户必须与添加到 Lookout 控制台“注册管理”选项中的用户一致。You must select the same users that were added to the Enrollment Management option in the Lookout console. 请参阅配置 Lookout 订阅部分中的步骤 3,了解有关将用户组添加到 Lookout MTP 的信息。See Step 3 in the configure your Lookout subscription section for information about adding user groups to Lookout MTP.

    重要

    Intune 应用部署向导并未识别到 Azure AD 用户组且使用的是 Intune 用户组,因此必须基于在 Lookout 控制台中注册的 Azure AD 用户组创建 Intune 用户组(如主题所述)。The Intune app deployment wizard is not aware of the Azure AD user groups and uses the Intune user groups instead, so you must create an Intune user group based on the Azure AD user group that is enrolled in the Lookout console as described in this topic.

    选择“必需安装”选项,该选项要求在用户设备上安装 Lookout 应用。Choose the Required Install option to require that the Lookout app be installed on the user’s device.

在设备上打开部署的应用时发生的情况What happens when the deployed app is opened on the device

https://github.com/Microsoft/Docs/blob/master/ContributorGuide/index.md 用户在设备上打开 Lookout for Work 时,将提示其激活应用并选择“使用 Azure Active Directory 登录”选项。https://github.com/Microsoft/Docs/blob/master/ContributorGuide/index.md When the user opens the Lookout for Work on the device they are prompted to activate the app, and choose the Sign in with Azure Active Directory option. 以下主题中提供了最终用户操作流程的详细指导:A detailed walkthrough with the end-user flow can be found in the following topics:

后续步骤Next steps