如何驗證您的應用程式保護原則設定How to validate your app protection policy setup

驗證應用程式保護原則已正確設定和運作。Validate that your app protection policy is correctly set up and working. 本指南適用於 Azure 入口網站的應用程式保護原則。This guidance applies to app protection policies in the Azure portal.

檢查是否有徵兆Checking for symptoms

因為 MAM 是資料保護工具,所以無法讓使用者回報問題。Users are unlikely to report issues since app protection is a data protection tool. 如果應用程式保護設定發生問題,則因為缺少應用程式保護,所以使用者存取將不會受到限制,而且不會知道發生問題。If there is a problem with the app protection configuration the user has unrestricted access, as they would have without app protection, and do not know that there is an issue. 因此,建議您先對一小群可以協助仔細測試這些應用程式保護限制的使用者來試驗您的應用程式保護原則,從而驗證您的應用程式保護設定。For this reason, we recommend that you validate your app protection configuration by piloting your app protection policies with a small group of users who can deliberately test the app protection restrictions.

要檢查的項目What to check

如果測試顯示您的應用程式保護原則行為不如預期,則建議您檢查下列項目︰If testing shows that your app protection policy behavior is not as anticipated, we recommend that you check these items:

  • 這些使用者具備應用程式保護的授權嗎?Are the users licensed for app protection?
  • 使用者具備 O365 授權嗎?Are the users licensed for O365?
  • 每個使用者之應用程式保護應用程式的狀態。The status of each of the users' app protection apps. 可能的應用程式狀態為 [已簽入] 和 [未簽入]。The possible statuses for the apps are Checked in and Not checked in.

使用者應用程式保護的狀態User app protection status

  1. 登入 Azure 入口網站Sign into the Azure portal.

  2. 選擇 [All services] (所有服務) > [Intune]。Choose All services > Intune. Intune 位於 [監視 + 管理] 區段。Intune is located in the Monitoring + Management section.

  3. 選擇 [管理應用程式] > [監視器] > [應用程式保護狀態] > [指派的使用者]。Choose Manage apps > Monitor > App protection status > Assigned users.

  4. 從清單中選擇使用者,或是搜尋並選取使用者,然後選擇 [選取使用者]。Choose a user from the list, or search for and select a user, then choose Select user. 應用程式報告資料行頂端,您可以看到使用者是否具備應用程式保護的授權。At the top of the App reporting column, you can see whether the user is licensed for app protection. 您也可以看到使用者是否具有 O365 授權,以及使用者所有裝置的應用程式狀態。You can also see whether the user is licensed for O365 and the app status for all of the user's devices.

解決方式What to do

以下是要根據使用者狀態所採取的動作︰Here are the actions to take based on the user status:

  • 若使用者未獲應用程式保護授權,請指派 Intune 授權給使用者。If the user is not licensed for app protection, assign an Intune license to the user.
  • 如果使用者不具有 O365 授權,替使用者取得授權。If the user is not licensed for O365 obtain a license for the user.
  • 如果使用者的應用程式列為 [未簽入],請確定您為該應用程式設定的應用程式保護原則正確。If a user's app is listed as Not checked in, check if you've correctly configured an app protection policy for that app.
  • 請確認這些條件會套用到所有需要套用應用程式保原則的使用者。Ensure that these conditions are applied across all users to which you want app protection policies to apply.

另請參閱See also

什麼是 Intune 應用程式保護原則?What is Intune app protection policy?