以 Microsoft Intune 管理使用 Managed Browser 原則的網際網路存取Manage Internet access using Managed Browser policies with Microsoft Intune

適用對象:Azure 入口網站的 IntuneApplies to: Intune in the Azure portal
您需要傳統入口網站的 Intune 相關文件嗎?Looking for documentation about Intune in the classic portal? 請移至這裡Go here.

Managed Browser 是網頁瀏覽應用程式,您可從公共應用程式市集下載,提供您的組織使用。The Managed Browser is a web browsing app that you can download from public app stores for use in your organization. 使用 Intune 設定時,Managed Browser 可以:When configured with Intune, the Managed Browser can be:

  • 透過 MyApps 服務搭配單一登入用來存取公司網站和 SaaS 應用程式,同時還能保護網頁資料。Used to access corporate sites and SaaS apps with Single Sign-On via the MyApps service, while keeping web data protected.
  • 使用 URL 和網域清單進行預先設定,在公司內容中限制使用者能巡覽的網站。Pre-configured with a list of URLs and domains to restrict which sites the user can navigate to in the corporate context.
  • 使用首頁和您指定的書籤進行預先設定。Pre-configured with a homepage, and bookmarks you specify.

因為此應用程式已與 Intune SDK 相整合,所以您也可以將應用程式保護原則套用至此應用程式,包括:Because this app has integration with the Intune SDK, you can also apply app protection policies to it, including:

  • 控制剪下、複製和貼上的運用Controlling the use of cut, copy, and paste
  • 防止擷取螢幕畫面Preventing screen captures
  • 確保使用者選取的內容連結,只在其他受管理的應用程式中開啟。Ensuring that links to content that users select open only in other managed apps.

如需詳細資料,請參閱什麼是應用程式保護原則?For details, see What are app protection policies?

您可以套用這些設定至:You can apply these settings to:

  • 向 Intune 註冊的裝置Devices that are enrolled with Intune
  • 向其他 MDM 產品註冊Enrolled with another MDM product
  • 未受管理的裝置Unmanaged devices

如果使用者從應用程式市集安裝 Managed Browser,且 Intune 並沒有管理它,可以將它作為基本網頁瀏覽器使用,並透過 Microsoft MyApps 網站支援單一登入。If users install the Managed Browser from the app store and Intune does not manage it, it can be used as a basic web browser, with support for Single Sign-On through the Microsoft MyApps site. 系統會將使用者直接帶往 MyApps 網站,他們可以在該網站看到其所有已佈建的 SaaS 應用程式。Users are taken directly to the MyApps site, where they can see all of their provisioned SaaS applications. 由於 Managed Browser 未受 Intune 管理,所以無法存取來自其他受 Intune 管理的應用程式資料。While the Managed Browser is not managed by Intune, it cannot access data from other Intune-managed applications.

Managed Browser 不支援安全通訊端層版本 3 (SSLv3) 密碼編譯通訊協定。The Managed Browser does not support the Secure Sockets Layer version 3 (SSLv3) cryptographic protocol.

您可以針對下列裝置類型建立 Managed Browser 原則:You can create Managed Browser policies for the following device types:

  • 執行 Android 4 和更新版本的裝置Devices that run Android 4 and later

  • 執行 iOS 8.0 和更新版本的裝置Devices that run iOS 8.0 and later

重要

自 2017 年 10 月起,Android 應用程式上的 Intune Managed Browser 應用程式只會支援執行 Android 4.4 和更新版本的裝置。As of October 2017, the Intune Managed Browser app on Android app supports only devices running Android 4.4 and later. iOS 上的 Intune Managed Browser 應用程式只支援執行 iOS 9.0 及更新版本的裝置。The Intune Managed Browser app on iOS will support only devices running iOS 9.0 and later. 較舊版本的 Android 和 iOS 能夠繼續使用 Managed Browser,但是無法安裝新版的應用程式,而且可能無法存取所有的應用程式功能。Earlier versions of Android and iOS will be able to continue using the Managed Browser, but will be unable to install new versions of the app and might not be able to access all of the app capabilities. 建議您將這些裝置更新為受支援的作業系統版本。We encourage you to update these devices to a supported operating system version.

Intune Managed Browser 支援從 Microsoft Intune 應用程式合作夥伴開啟網路內容。The Intune Managed Browser supports opening web content from Microsoft Intune application partners.

建立 Managed Browser 應用程式設定Create a Managed Browser app configuration

  1. 登入 Azure 入口網站。Sign into the Azure portal.
  2. 選擇 [更多服務] > [監視 + 管理] > [Intune]。Choose More Services > Monitoring + Management > Intune.
  3. 在 [管理] 清單的 [Mobile Apps] 刀鋒視窗中,選擇 [應用程式設定原則]。On the Mobile apps blade of the Manage list, choose App configuration policies.
  4. 在 [應用程式設定原則] 刀鋒視窗上,選擇 [新增]。On the App Configuration policies blade, choose Add.
  5. 在 [新增應用程式設定] 刀鋒視窗上,輸入應用程式組態設定的 [名稱] 和選擇性 [描述]。On the Add app configuration blade, enter a Name, and optional Description for the app configuration settings.
  6. 針對 [裝置註冊] 類型請選擇 [受管理的應用程式]。For Device enrollment type, choose Managed apps.
  7. 選擇 Select the required apps,然後在 [目標 App] 刀鋒視窗上,選擇適用於 iOS、Adroid 或兩者的 [Managed Browser]。Choose Select the required apps and then, on the Targeted apps blade, choose the Managed Browser for iOS, for Android, or for both.
  8. 選擇 [確定] 返回 [新增應用程式設定] 刀鋒視窗。Choose OK to return to the Add app configuration blade.
  9. 選擇 [組態設定]。Choose Configuration Settings. 在 [設定] 刀鋒視窗上,您可以定義金鑰和值組來為 Managed Browser 提供設定。On the Configuration blade, you define key and value pairs to supply configurations for the Managed Browser. 請使用本文稍後的各個章節,來了解您可以定義的不同金鑰和值組。Use the sections later in this article to learn about the different key and value pairs you can define.
  10. 完成後,請選擇 [確定]。When you are done, choose OK.
  11. 在 [新增應用程式設定] 刀鋒視窗上,選擇 [建立]。On the Add app configuration blade, choose Create.
  12. 就會建立新設定,然後在 [應用程式設定] 刀鋒視窗上顯示。The new configuration is created, and displayed on the App configuration blade.

重要

Managed Browser 目前依賴自動註冊。Currently, the Managed Browser relies on auto-enrollment. 如要套用應用程式設定,裝置上的另一個應用程式必須已受 Intune 應用程式保護原則管理。For app configurations to apply, another application on the device must already be managed by Intune app protection policies.

指派您建立的組態設定Assign the configuration settings you created

您可以將設定指派給使用者的 Azure AD 群組。You assign the settings to Azure AD groups of users. 如果該使用者已經安裝 Managed Browser 應用程式,則此應用程式是由您指定的設定管理。If that user has the Managed Browser app installed, then the app is managed by the settings you specified.

  1. 在 Intune 行動應用程式管理儀表板的 [設定] 刀鋒視窗上,選擇 [應用程式設定]。On the Settings blade of the Intune mobile application management dashboard, choose App configuration.
  2. 從應用程式設定清單,選取您要指派的設定。From the list of app configurations, select the one you want to assign.
  3. 在下一個刀鋒視窗中選擇 [使用者群組]。On the next blade, choose User Groups.
  4. 在 [使用者群組] 刀鋒視窗中,選取您要指派應用程式設定的 Azure AD 群組,然後選擇 [確定]。On the User groups blade, select the Azure AD group to which you want to assign the app configuration, and then choose OK.

如何設定 Managed Browser 的應用程式 Proxy 設定How to configure Application Proxy settings for the Managed Browser

Intune Managed Browser 和 Azure AD 應用程式 Proxy 可以一起使用,以支援下列 iOS 和 Android 裝置的使用者案例:The Intune Managed Browser and Azure AD Application Proxy can be used together to support the following scenarios for users of iOS and Android devices:

  • 使用者下載並登入 Microsoft Outlook 應用程式。A user downloads and signs in to the Microsoft Outlook app. 自動套用 Intune 應用程式保護原則。Intune app protection policies are automatically applied. 它們會加密已儲存的資料,並阻擋使用者將公司檔案傳輸至裝置上未受管理的應用程式或位置。They encrypt saved data and block the user from transferring corporate files to unmanaged apps or locations on the device. 當使用者接著在 Outlook 中按一下內部網路網站的連結時,您可以指定用 Managed Browser 應用程式開啟該連結,不用其他瀏覽器。When the user then clicks a link to an intranet site in Outlook, you can specify that the link opens in the Managed Browser app, rather than another browser. Managed Browser 可辨識此內部網路網站是透過應用程式 Proxy 向使用者公開。The Managed Browser recognizes that this intranet site has been exposed to the user through the Application Proxy. 使用者是透過應用程式 Proxy 自動路由,在到達內部網路網站之前,向所有合適的 Multi-Factor Authentication 和條件式存取驗證。The user is automatically routed through the Application Proxy, to authenticate with any applicable multi-factor authentication, and conditional access before reaching the intranet site. 使用者以前從遠端找不到這個網站,現在不但可以存取,Outlook 中的連結也一如預期般運作。This site, which could previously not be found while the user was remote, is now accessible and the link in Outlook works as expected.
  • 遠端使用者開啟 Managed Browser 應用程式,並巡覽至使用內部 URL 的內部網路網站。A remote user opens the Managed Browser application and navigates to an intranet site using the internal URL. Managed Browser 可辨識此內部網路網站是透過應用程式 Proxy 向使用者公開。The Managed Browser recognizes that this intranet site has been exposed to the user via the Application Proxy. 使用者是透過應用程式 Proxy 自動路由,在到達內部網路網站之前,向所有合適的 Multi-Factor Authentication 和條件式存取驗證。The user is automatically routed through the Application Proxy, to authenticate with any applicable multi-factor authentication, and conditional access before reaching the intranet site. 使用者以前從遠端找不到這個網站,但現在可以存取。This site, which could previously not be found while the user was remote, is now accessible.

開始之前Before you start

  • 透過 Azure AD 應用程式 Proxy 設定內部應用程式。Set up your internal applications through the Azure AD Application Proxy.
  • 您至少必須使用 Managed Browser 應用程式 1.2.0 版本。You must be using minimum version 1.2.0 of the Managed Browser app.
  • Managed Browser 應用程式的使用者已將 Intune 應用程式保護原則指派給應用程式。Users of the Managed Browser app have an Intune app protection policy assigned to the app. 注意:更新的應用程式 Proxy 重新導向資料,最多可能需要花費 24 小時才會在 Managed Browser 中生效。Note: Updated Application Proxy redirection data can take up to 24 hours to take effect in the Managed Browser.

步驟 1:從 Outlook 啟用自動重新導向至 Managed BrowserStep 1: Enable automatic redirection to the Managed Browser from Outlook

Outlook 必須設定啟用以下設定的應用程式保護原則:限制 Web 內容只在 Managed Browser 中顯示Outlook must be configured with an app protection policy that enables the setting Restrict web content to display in the Managed Browser.

步驟 2:指派為 Managed Browser 指派的應用程式設定原則。Step 2: Assign an app configuration policy assigned for the Managed Browser.

此程序會設定 Managed Browser 應用程式使用應用程式 Proxy 重新導向。This procedure configures the Managed Browser app to use app proxy redirection. 使用程序來建立 Managed Browser 應用程式設定,提供以下金鑰和值組:Using the procedure to create a Managed Browser app configuration, supply the following key and value pair:

金鑰Key Value
com.microsoft.intune.mam.managedbrowser.AppProxyRedirectioncom.microsoft.intune.mam.managedbrowser.AppProxyRedirection truetrue

如何設定 Managed Browser 首頁How to configure the homepage for the Managed Browser

此設定可讓您設定使用者啟動 Managed Browser 或建立新索引標籤時看到的首頁。使用程序來建立 Managed Browser 應用程式設定,提供以下金鑰和值組:This setting allows you to configure the homepage that users see when they start the Managed Browser or create a new tab. Using the procedure to create a Managed Browser app configuration, supply the following key and value pair:

金鑰Key Value
com.microsoft.intune.mam.managedbrowser.homepagecom.microsoft.intune.mam.managedbrowser.homepage 指定有效的 URL。Specify a valid URL. 基於安全性考量,會封鎖不正確的 URL。Incorrect URLs are blocked as a security measure.
範例:https://www.bing.comExample: https://www.bing.com

如何設定 Managed Browser 書籤How to configure bookmarks for the Managed Browser

此設定可讓您設定一組書籤,供 Managed Browser 的使用者使用。This setting allows you to configure a set of bookmarks that is available to users of the Managed Browser.

  • 使用者無法刪除或修改這些書籤These bookmarks cannot be deleted or modified by users
  • 這些書籤會顯示在清單頂端。These bookmarks display at the top of the list. 使用者建立的所有書籤都會顯示在這些書籤下方。Any bookmarks that users create are displayed below these bookmarks.
  • 如果您已啟用 App Proxy 重新導向,即可使用 App Proxy Web 應用程式的內部或外部 URL 來新增這些 Web 應用程式。If you have enabled App Proxy redirection, you can add App Proxy web apps using either their internal or external URL.

使用程序來建立 Managed Browser 應用程式設定,提供以下金鑰和值組:Using the procedure to create a Managed Browser app configuration, supply the following key and value pair:

金鑰Key Value
com.microsoft.intune.mam.managedbrowser.bookmarkscom.microsoft.intune.mam.managedbrowser.bookmarks 此設定值是一份書籤。The value for this configuration is a list of bookmarks. 每個書籤的組成都是書籤標題加書籤 URL。Each bookmark consists of the bookmark title, and the bookmark URL. 請使用 | 字元分隔標題和 URL。Separate the title, and URL with the | character.

範例:Microsoft Bing|https://www.bing.comExample: Microsoft Bing|https://www.bing.com

若要設定多個書籤,請以雙引號字元 || 分隔每組配對。To configure multiple bookmarks, separate each pair with the double character, ||

範例:Bing|https://www.bing.com||Contoso|https://www.contoso.comExample: Bing|https://www.bing.com||Contoso|https://www.contoso.com

如何為 Managed Browser 指定允許和封鎖的 URLHow to specify allowed and blocked URLs for the Managed Browser

使用程序來建立 Managed Browser 應用程式設定,提供以下金鑰和值組:Using the procedure to create a Managed Browser app configuration, supply the following key and value pair:

金鑰Key Value
從下列選項進行選擇:Choose from:

- 指定允許的 URL (只允許這些 URL;無法存取其他網站):com.microsoft.intune.mam.managedbrowser.AllowListURLs- Specify allowed URLs (only these URLs are allowed; no other sites can be accessed): com.microsoft.intune.mam.managedbrowser.AllowListURLs

- 指定封鎖的 URL (可以存取所有其他網站):- Specify blocked URLs (all other sites can be accessed):

com.microsoft.intune.mam.managedbrowser.BlockListURLscom.microsoft.intune.mam.managedbrowser.BlockListURLs
金鑰的相對應值為 URL 清單。The corresponding value for the key is a list of URLs. 您可以以單一值的方式,輸入想要允許或封鎖的所有 URL,並使用縱線 | 字元分隔。You enter all the URLs you want to allow or block as a single value, separated by a pipe | character.

範例:Examples:

URL1|URL2|URL3URL1|URL2|URL3
http://.contoso.com/|https://.bing.com/|https://expenses.contoso.comhttp://.contoso.com/|https://.bing.com/|https://expenses.contoso.com

重要

請勿同時指定這兩個金鑰。Do not specify both keys. 如果兩個金鑰都以同一使用者為目標,會使用允許金鑰,因為它是最嚴格的選項。If both keys are targeted to the same user, the allow key is used, as it's the most restrictive option. 此外,請確定未封鎖重要的網頁,例如您的公司網站。Additionally, make sure not to block important pages like your company websites.

適用於允許和封鎖 URL 的 URL 格式URL format for allowed and blocked URLs

使用下列資訊,來了解您在允許和封鎖清單中指定 URL 時可使用的允許格式與萬用字元:Use the following information to learn about the allowed formats and wildcards that you can use when specifying URLs in the allowed and blocked lists:

  • 您可以根據下列許可模式清單中的規則,來使用萬用字元符號 (*):You can use the wildcard symbol (*) according to the rules in the following permitted patterns list:

  • 確定您在清單中輸入 UTL 時,已在所有 URL 中加上 httphttps 的前置詞。Ensure that you prefix all URLs with http or https when entering them into the list.

  • 您可以在位址中指定連接埠號碼。You can specify port numbers in the address. 如不指定連接埠號碼,會使用下列值:If you do not specify a port number, the values used are:

    • 針對 http 使用連接埠 80Port 80 for http

    • 針對 https 使用連接埠 443Port 443 for https

    不支援對連接埠號碼使用萬用字元。Using wildcards for the port number is not supported. 例如,不支援 http://www.contoso.com:*;http://www.contoso.com: /*;For example, http://www.contoso.com:*; and http://www.contoso.com: /*; are not supported.

  • 使用下表來了解您在指定 URL 時可使用的允許模式:Use the following table to learn about the permitted patterns that you can use when you specify URLs:

URLURL 詳細資料Details 相符項Matches 不符合Does not match
http://www.contoso.comhttp://www.contoso.com 比對單一頁面Matches a single page www.contoso.comwww.contoso.com host.contoso.comhost.contoso.com

www.contoso.com/imageswww.contoso.com/images

contoso.com/contoso.com/
http://contoso.comhttp://contoso.com 比對單一頁面Matches a single page contoso.com/contoso.com/ host.contoso.comhost.contoso.com

www.contoso.com/imageswww.contoso.com/images

www.contoso.comwww.contoso.com
http://www.contoso.com/*;http://www.contoso.com/*; 比對所有以 www.contoso.com 開頭的 URLMatches all URLs that begin with www.contoso.com www.contoso.comwww.contoso.com

www.contoso.com/imageswww.contoso.com/images

www.contoso.com/videos/tvshowswww.contoso.com/videos/tvshows
host.contoso.comhost.contoso.com

host.contoso.com/imageshost.contoso.com/images
http://*.contoso.com/*http://*.contoso.com/* 比對 contoso.com 下的所有子網域Matches all subdomains under contoso.com developer.contoso.com/resourcesdeveloper.contoso.com/resources

news.contoso.com/imagesnews.contoso.com/images

news.contoso.com/videosnews.contoso.com/videos
contoso.host.comcontoso.host.com
http://www.contoso.com/imageshttp://www.contoso.com/images 比對單一資料夾Matches a single folder www.contoso.com/imageswww.contoso.com/images www.contoso.com/images/dogswww.contoso.com/images/dogs
http://www.contoso.com:80http://www.contoso.com:80 使用連接埠號碼來比對單一頁面Matches a single page, by using a port number http://www.contoso.com:80http://www.contoso.com:80
https://www.contoso.comhttps://www.contoso.com 比對單一且安全的頁面Matches a single, secure page https://www.contoso.comhttps://www.contoso.com http://www.contoso.comhttp://www.contoso.com
http://www.contoso.com/images/*;http://www.contoso.com/images/*; 符合單一資料夾及所有子資料夾Matches a single folder and all subfolders www.contoso.com/images/dogswww.contoso.com/images/dogs

www.contoso.com/images/catswww.contoso.com/images/cats
www.contoso.com/videoswww.contoso.com/videos
  • 以下是一些您無法指定的輸入範例:The following are examples of some of the inputs that you cannot specify:

    • *.com*.com

    • *.contoso/**.contoso/*

    • www.contoso.com/*imageswww.contoso.com/*images

    • www.contoso.com/*images*pigswww.contoso.com/*images*pigs

    • www.contoso.com/page*www.contoso.com/page*

    • IP 位址IP addresses

    • https://*https://*

    • http://*http://*

    • http://www.contoso.com:*http://www.contoso.com:*

    • http://www.contoso.com: /*http://www.contoso.com: /*

如何在 iOS 上使用受管理的瀏覽器存取受管理應用程式的記錄檔How to access to managed app logs using the Managed Browser on iOS

在其 iOS 裝置上安裝了受管理瀏覽器的使用者,可以檢視所有 Microsoft 所發行應用程式的管理狀態。End users with the managed Browser installed on their iOS device can view the management status of all Microsoft published apps. 他們可以傳送記錄檔用於疑難排解其受管理的 iOS 應用程式。They can send logs for troubleshooting their managed iOS apps.

  1. 開啟 iOS [設定]。Open iOS Settings.
  2. 選取受管理的瀏覽器應用程式設定。Select the managed Browser application settings.
  3. 切換 [啟用 Intune 診斷] 在疑難排解模式中設定瀏覽器。Toggle Enable Intune Diagnostics to set the browser in troubleshooting mode.
  4. 開啟受管理的瀏覽器Open the managed Browser. 按一下 [檢視 Intune 應用程式狀態] 查看個別的應用程式原則設定。Click View Intune App Status to review individual application policy settings.
  5. 按 [開始使用] 和 [共用記錄] 或 [將記錄傳送給 Microsoft],將疑難排解記錄檔傳送給您的 IT 系統管理員或 Microsoft。Press Get Started and Share Logs or Send Logs to Microsoft to send the troubleshooting logs to your IT administrator or Microsoft.

您也可以從應用程式內,在疑難排解模式中開啟瀏覽器。You can also open the Browser in troubleshooting mode from within the app.

  1. 開啟受管理的瀏覽器。Open the Managed Browser.
  2. 網址方塊中的類型 about:intunehelpType about:intunehelp in the address box. 瀏覽器啟動疑難排解模式。The Browser launches troubleshooting mode.

如需儲存在應用程式記錄中的設定清單,請參閱在 Managed Browser 中檢閱應用程式保護記錄For a list of the settings stored in the app logs, see Review app protection logs in the Managed Browser.

Managed Browser 的安全性與隱私權Security and privacy for the Managed Browser

  • Managed Browser 不會使用使用者在其裝置上針對內建瀏覽器所做的設定。The Managed Browser does not use settings that users make for the built-in browser on their devices. Managed Browser 無法存取這些設定。The Managed Browser cannot access to these settings.

  • 如果您已在與 Managed Browser 建立關聯的應用程式防護原則中設定 [需要簡單的 PIN 以進行存取] 或 [需要公司認證以進行存取] 選項,而且使用者選取了驗證頁面上的說明連結,他們就可以瀏覽任何的網際網路網站,而不論其是否已加入原則的封鎖清單中。If you configure the option Require simple PIN for access or Require corporate credentials for access in an app protection policy associated with the Managed Browser, and a user selects the help link on the authentication page, they can browse any Internet sites regardless of whether they were added to a block list in the policy.

  • Managed Browser 只有在它們直接存取網站時,才能封鎖對網站的存取。The Managed Browser can block access to sites only when they are accessed directly. 使用中繼服務 (例如翻譯服務) 存取網站時,不封鎖存取。It does not block access when intermediate services (such as a translation service) are used to access the site.

  • 若要允許驗證並存取 Intune 文件,請從允許或封鎖清單設定中排除 *.microsoft.comTo allow authentication, and access to Intune documentation, *.microsoft.com is exempt from the allow or block list settings. 一律允許。It is always allowed.

關閉使用量資料Turn off usage data

Microsoft 會自動收集有關 Managed Browser 效能和使用的匿名資料,以改善 Microsoft 產品和服務。Microsoft automatically collects anonymous data about the performance and use of the Managed Browser to improve Microsoft products and services. 使用者可以在裝置上使用 [使用方式資料] 設定以關閉資料收集。Users can turn off data collection by using the Usage Data setting on their devices. 您無法控制這項資料的收集。You have no control over the collection of this data.

  • 在 iOS 裝置上,無法開啟使用者利用過期或未受信任的憑證瀏覽的網站。On iOS devices, websites that users visit that have an expired or untrusted certificate cannot be opened.
  • Managed Browser 不會使用使用者在其裝置上針對內建瀏覽器所做的設定。The Managed Browser does not use settings that users make for the built-in browser on their devices. Managed Browser 無法存取這些設定。The Managed Browser cannot access to these settings.

  • 如果您已在與 Managed Browser 建立關聯的應用程式防護原則中設定 [需要簡單的 PIN 以進行存取] 或 [需要公司認證以進行存取] 選項,而且使用者選取了驗證頁面上的說明連結,他們就可以瀏覽任何的網際網路網站,而不論其是否已加入原則的封鎖清單中。If you configure the option Require simple PIN for access or Require corporate credentials for access in an app protection policy associated with the Managed Browser, and a user selects the help link on the authentication page, they can browse any Internet sites regardless of whether they were added to a block list in the policy.

  • Managed Browser 只有在它們直接存取網站時,才能封鎖對網站的存取。The Managed Browser can block access to sites only when they are accessed directly. 使用中繼服務 (例如翻譯服務) 存取網站時,不封鎖存取。It does not block access when intermediate services (such as a translation service) are used to access the site.

  • 若要允許驗證並存取 Intune 文件,請從允許或封鎖清單設定中排除 *.microsoft.comTo allow authentication, and access to Intune documentation, *.microsoft.com is exempt from the allow or block list settings. 一律允許。It is always allowed.

關閉使用量資料Turn off usage data

Microsoft 會自動收集有關 Managed Browser 效能和使用的匿名資料,以改善 Microsoft 產品和服務。Microsoft automatically collects anonymous data about the performance and use of the Managed Browser to improve Microsoft products and services. 使用者可以在裝置上使用 [使用方式資料] 設定以關閉資料收集。Users can turn off data collection by using the Usage Data setting on their devices. 您無法控制這項資料的收集。You have no control over the collection of this data.