為受管理的 Android 裝置新增應用程式設定原則Add app configuration policies for managed Android devices

適用對象:Azure 入口網站的 IntuneApplies to: Intune in the Azure portal
您需要傳統入口網站的 Intune 相關文件嗎?Looking for documentation about Intune in the classic portal? 請移至這裡Go here.

在 Microsoft Intune 中使用應用程式設定原則,以提供使用者執行 Android for Work 應用程式時的設定。Use app configuration policies in Microsoft Intune to supply settings when users run an Android for Work app. 您不會直接將這些原則部署給使用者與裝置。You do not assign these policies directly to users and devices. 而是將原則與應用程式關聯,然後再指派應用程式。Instead, you associate a policy with an app, and then assign the app. 每當應用程式檢查是否有原則設定時 (通常是第一次執行時),便會使用這些原則設定。The policy settings are used when the app checks for them, typically the first time it is run.

注意

並非每個應用程式都支援應用程式設定。Not every app supports app configuration. 請連絡應用程式開發人員,以了解他們建置的應用程式是否支援應用程式設定原則。Check with the app developer to see whether they have built their app to support app configuration policies.

  1. 登入 Azure 入口網站。Sign in to the Azure portal.
  2. 選擇 [更多服務] > [監視 + 管理] + [Intune]。Choose More Services > Monitoring + Management + Intune.
  3. 選擇 [Mobile Apps] 工作負載。Choose the Mobile apps workload.
  4. 選擇 [管理] 群組中的 [應用程式設定原則],然後選擇 [新增]。Choose App configuration policies in the Manage group, and then choose Add.
  5. 使用下列詳細資料:Set the following details:
    • 名稱Name
      將在 Azure 入口網站中顯示的設定檔名稱。The name of the profile that will appear in the Azure portal.
    • 說明Description
      將在 Azure 入口網站中顯示的設定檔描述。The description of the profile that will appear in the Azure portal.
    • 裝置註冊類型Device enrollment type
      選擇 [受管理裝置]。Choose Managed devices.
  6. 為 [平台] 選取 [Android]。Select Android for Platform.
  7. 選取 [相關聯的應用程式] 來選擇您要定義應用程式設定原則的應用程式。Select Associated App to choose the app for which you want to define an app configuration policy. 從 Android for Work 應用程式清單中選取您已經使用 Intune 核准並同步處理的應用程式。Select from the list of Android for Work apps that you have approved and synchronized with Intune.
  8. 選取 [組態設定]。Select Configuration settings. 您可以透過下列方式設定組態:You can set configurations by using:
  9. 選擇 [確定],然後選擇 [新增]。Choose OK, and then choose Add.

使用設定設計工具Use the configuration designer

您可以在 Intune 中已註冊或未註冊的裝置上,針對應用程式使用設定設計工具。You can use the configuration designer for apps on devices that are enrolled or not enrolled in Intune. 設計工具可讓您設定特定的設定金鑰和值。The designer lets you configure specific configuration keys and values. 您也必須指定每個值的資料類型。You must also specify the data type for each value.

對於設定中的每個金鑰和值,請設定:For each key and value in the configuration, set:

  • 設定金鑰Configuration key
    唯一識別特定設定組態的金鑰。The key that uniquely identifies the specific setting configuration.
  • 實值型別Value type
    設定值的資料類型。The data type of the configuration value. 類型包括整數、實數、字串或布林值。Types include Integer, Real, String, or Boolean.
  • 設定值Configuration value
    設定的值。The value for the configuration.

進入 JSON 編輯器Enter the JSON editor

某些應用程式 (例如套件組合類型) 上的組態設定無法使用設定設計工具來設定。Some configuration settings on apps (such as those with Bundle types) cannot be configured with the configuration designer. 您需要使用 JSON 編輯器來編輯那些值。You need to use the JSON editor for those values. 安裝應用程式時,會自動將設定值提供給應用程式。Settings are supplied to apps automatically when the app is installed.

  1. 對於 [組態設定格式],請選取 [進入 JSON 編輯器]。For Configuration settings format, select Enter JSON editor.
  2. 您可以在編輯器中定義組態設定的 JSON 值。In the editor, you can define JSON values for configuration settings. 您可以選擇 [下載 JSON 範本] 來下載之後可以設定的範例檔案。You can choose Download JSON template to download a sample file that you can then configure.
  3. 選擇 [確定],然後選擇 [新增]。Choose OK, and then choose Add.

已建立此原則,並顯示在 [原則清單] 刀鋒視窗上。The policy is created and appears on the policies list blade.

當指派的應用程式在裝置上執行時,會依照您在應用程式設定原則中的設定執行。When the assigned app is run on a device, it runs with the settings that you configured in the app configuration policy.

預先設定應用程式的權限授與狀態Preconfigure the permissions grant state for apps

您也可以預先設定應用程式的權限,以存取 Android 裝置功能。You can also preconfigure permission for apps to access Android device features. 根據預設,需要裝置權限 (例如存取位置或裝置相機) 的 Android 應用程式會提示使用者接受或拒絕授與權限。By default, Android apps that require device permissions—such as access to location or the device camera—prompt users to accept or deny permissions. 例如,若應用程式會使用裝置的麥克風,則系統會提示使用者授與應用程式使用麥克風的權限。For example, if an app uses the device's microphone, the user is prompted to grant the app permission to use the microphone.

  1. 登入 Azure 入口網站。Sign in to the Azure portal.
  2. 選擇 [更多服務] > [監視 + 管理] + [Intune]。Choose More Services > Monitoring + Management + Intune.
  3. 選擇 [Mobile Apps]。Choose Mobile apps. 在 [管理] 下方,選擇 [應用程式設定原則],然後選擇 [新增]。Under Manage, choose App configuration policies, and then choose Add.
  4. 使用下列詳細資料:Set the following details:
    • 名稱Name. 將在 Azure 入口網站中顯示的設定檔名稱。The name of the profile that will appear in the Azure portal.
    • 描述Description. 將在 Azure 入口網站中顯示的設定檔描述。The description of the profile that will appear in the Azure portal.
    • 平台Platform. 選取 [Android]。Select Android.
    • 裝置註冊類型Device enrollment type. 已經預先為您選取 [受管理的裝置]。Managed devices is pre-selected for you.
  5. 選取 [相關聯的應用程式] 來選擇您要定義設定原則的應用程式。Select Associated App to choose the app for which you want to define a configuration policy. 從 Android for Work 應用程式清單中選取您已經使用 Intune 核准並同步處理的應用程式。Select from the list of Android for Work apps that you have approved and synchronized with Intune.
  6. 選取 [權限],然後選擇 [新增]。Select Permissions and then choose Add.
  7. 從可用應用程式權限的清單選取權限,然後選擇 [確定]。Select from the list of available app permissions and then choose OK.
  8. 為每個權限選取要使用此原則授與的選項:Select an option for each permission to grant with this policy:
    • 提示Prompt. 提示使用者接受或拒絕。Prompt the user to accept or deny.
    • 自動授與Auto grant. 自動核准且不通知使用者。Automatically approve without notifying the user.
    • 自動拒絕Auto deny. 自動拒絕且不通知使用者。Automatically deny without notifying the user.
  9. 若要指派應用程式設定原則,請選取應用程式設定原則,選取 [指派],然後選取 [選取群組]。To assign the app configuration policy, select the app configuration policy, select Assignment, and then select Select groups.
  10. 選取要指派的使用者群組,然後選擇 [選取]。Select the user groups to assign, and then choose Select.
  11. 選擇 [儲存] 來指派原則。Choose Save to assign the policy.

後續步驟Next steps

繼續指派監視應用程式。Continue to assign and monitor the app.