使用自定义策略允许和阻止适用于 Samsung KNOX 标准版设备的应用Use custom policies to allow and block apps for Samsung KNOX Standard devices

适用于:经典门户中的 IntuneApplies to: Intune in the classic portal
在寻找有关 Azure 门户中 Intune 的文档吗?Looking for documentation about Intune in the Azure portal? 请转到此处Go here.

使用此主题中的过程创建 Microsoft Intune 自定义策略,该策略创建以下内容之一:Use the procedures in this topic to create a Microsoft Intune custom policy that creates one of the following:

  • 阻止在设备上运行的应用的列表。A list of apps that are blocked from running on the device. 阻止运行此列表中的应用,即使应用此策略时已安装这些应用也是如此。Apps in this list are blocked from being run, even if they were already installed when the policy was applied.
  • 允许设备用户从 Google Play 商店中安装的应用的列表。A list of apps that users of the device are allowed to install from the Google Play store. 仅可安装你列出的应用。Only the apps you list can be installed. 其他应用不能从应用商店安装。No other apps can be installed from the store.

仅运行 Samsung KNOX 标准版的设备可以使用这些设置。These settings can only be used by devices that run Samsung KNOX Standard.

若要创建允许或阻止的应用列表To create an allowed or blocked app list

  1. Microsoft Intune 管理控制台中,选择“策略”>“配置策略”>“添加”。In the Microsoft Intune administration console, choose Policy > Configuration Policies > Add.
  2. 在“创建新策略”对话框中,展开“Android”,选择“自定义配置”,然后选择“创建策略”。In the Create a New Policy dialog box, expand Android, choose Custom Configuration, and then choose Create Policy.
  3. 提供策略的名称和可选描述,然后在“OMA-URI 设置”部分,选择“添加”。Provide a name and optional description for the policy and then, in the OMA-URI Settings section, choose Add.
  4. 在“添加或编辑 OMA-URI 设置”对话框中,指定以下内容:有关阻止在设备上运行的应用列表:In the Add or Edit OMA-URI Setting dialog box, specify the following: For a list of apps that are blocked from running on the device:

    • 设置名称。Setting name. 输入 PreventStartPackagesEnter PreventStartPackages.
    • 设置描述。Setting description. 输入可选描述,如“阻止运行的应用列表”。Enter an optional description like 'List of apps that are blocked from running.'
    • 数据类型。Data type. 在下拉列表中,选择“字符串”。From the drop-down list, choose String.
    • OMA-URI。OMA-URI. 输入 ./Vendor/MSFT/PolicyManager/My/ApplicationManagement/PreventStartPackagesEnter ./Vendor/MSFT/PolicyManager/My/ApplicationManagement/PreventStartPackages
    • 值。Value. 输入你要阻止的应用包名称的列表。Enter a list of the app package names you want to block. 你可使用 ; : ,| 作为分隔符。You can use ; : , or | as a delimiter. (示例:package1;package2;)(Example: package1;package2;)

      有关允许用户从 Google Play 商店中安装的应用(同时排除所有其他应用)的列表:For a list of apps that users are allowed to install from the Google Play store while excluding all other apps:

    • 设置名称。Setting name. 输入 AllowInstallPackagesEnter AllowInstallPackages.

    • 设置描述。Setting description. 输入可选描述,如“用户可从 Google Play 安装的应用的列表”。Enter an optional description like 'List of apps that users can install from Google Play.'
    • 数据类型。Data type. 在下拉列表中,选择“字符串”。From the drop-down list, choose String.
    • OMA-URI。OMA-URI. 输入 ./Vendor/MSFT/PolicyManager/My/ApplicationManagement/AllowInstallPackagesEnter ./Vendor/MSFT/PolicyManager/My/ApplicationManagement/AllowInstallPackages
    • 值。Value. 输入你要允许的应用包名称的列表。Enter a list of the app package names you want to allow. 你可使用 ; : ,| 作为分隔符。You can use ; : , or | as a delimiter. (示例:package1;package2;)(Example: package1;package2;)
  5. 单击“确定”,然后单击“保存策略”。Click OK, and then click Save Policy.

提示

可通过浏览 Google Play 商店上的应用找到应用的包 ID。You can find the package ID of an app by browsing to the app on the Google Play store. 包 ID 包含在应用页面的 URL 中。The package ID is contained in the URL of the app's page. 例如,Microsoft Word 应用的包 ID 是 com.microsoft.office.wordFor example, the package ID of the Microsoft Word app is com.microsoft.office.word.

每个目标设备下次签入时,将应用此应用设置。The next time each targeted device checks in, the app settings will be applied.

部署策略Deploy the policy

  1. 在“策略” 工作区中,选择想要部署的策略,然后单击“管理部署” 。In the Policy workspace, select the policy you want to deploy, then click Manage Deployment.

  2. 在“管理部署”对话框中,选择要向其部署策略的一个或多个组,然后单击“添加” >“确定”。In the Manage Deployment dialog box, select one or more groups to which you want to deploy the policy, then click Add > OK.

如果你选择的是已部署的策略,则可以在策略列表的下半部分查看有关部署的详细信息。When you select a deployed policy, you can view further information about the deployment in the lower part of the policies list.

另请参阅See also

Microsoft Intune 中 Android 和 Samsung KNOX 策略设置Android and Samsung KNOX policy settings in Microsoft Intune