如何驗證您的應用程式保護原則設定How to validate your app protection policy setup

適用對象:Azure 入口網站的 IntuneApplies to: Intune in the Azure portal
您需要傳統入口網站的 Intune 相關文件嗎?Looking for documentation about Intune in the classic portal? 請移至這裡Go here.

本主題提供有關如何在設定應用程式保護原則之後檢查問題的資訊。This topic provides information on checking for issues after you set up an app protection policy. 本指南適用於 Azure 入口網站的應用程式保護原則。This guidance applies to app protection policies in the Azure portal.

檢查有無徵兆Checking for symptoms

因為 MAM 是資料保護工具,所以無法讓使用者回報問題。Users are unlikely to report issues since app protection is a data protection tool. 當 MAM 設定有問題時,因為缺少了應用程式保護,所以使用者存取將不會受到限制,而且也不會察覺到發生問題。If there is a problem with the app protection configuration the user will have unrestricted access, as they would have without app protection, and would not be aware that there is an issue. 因此建議您先對一小群可以協助仔細測試這些應用程式保護限制的使用者來試驗您的應用程式保護原則,從而驗證您的應用程式保護設定。For this reason we recommend that you validate your app protection configuration by piloting your app protection policies with a small group of users who can deliberately test the app protection restrictions.

要檢查的項目What to check

若測試顯示您的應用程式保護原則行為不如預期,建議您檢查下列項目︰If testing shows that your app protection policy behavior is not as anticipated, we recommend that you check the following:

  • 這些使用者具備應用程式保護的授權嗎?Are the users licensed for app protection?
  • 使用者具備 O365 授權嗎?Are the users licensed for O365?
  • 每個使用者之應用程式保護應用程式的狀態。The status of each of the users' app protection apps. 可能的應用程式狀態為 [已簽入] 和 [未簽入 (Not checked in)]。The possible statuses for the apps are Checked in and Not checked in.

使用者應用程式保護的狀態User app protection status

  1. 在 Azure 入口網站中選擇 [管理應用程式] > [監視] > [應用程式保護使用者狀態] > [使用者]。In the Azure portal choose Manage apps > Monitor > App protection user status > users.

  2. 從清單中選擇使用者,或是搜尋並選擇使用者,然後選擇 [選取使用者]。Choose a user from the list or search for and choose a user, then choose Select user. 在 [應用程式報告] 資料行頂端會顯示使用者是否具備應用程式保護的授權。At the top of the App reporting column you will see whether the user is licensed for app protection. 您會在下方看到使用者是否具有 O365 授權,以及使用者所有裝置的應用程式狀態。Below that you will see whether the user is licensed for O365 and the app status for all of the user's devices.

解決方式What to do

以下是要根據使用者狀態所採取的動作︰Here are the actions to take based on the user status:

  • 若使用者未獲應用程式保護授權,請指派 Intune 授權給使用者。If the user is not licensed for app protection, assign an Intune license to the user.
  • 如果使用者不具有 O365 授權,替使用者取得授權。If the user is not licensed for O365 obtain a license for the user.
  • 若使用者的應用程式列為 [未簽入],請確定您為該應用程式設定的應用程式保護原則正確。If a user's app is listed as Not checked in, check if you've correctly configured a app protection policy for that app.
  • 請確認這些條件會套用到所有需要套用應用程式保原則的使用者。Ensure that these conditions are applied across all users to which you want app protection policies to apply.

請參閱See also

什麼是 Intune 應用程式保護原則?What is Intune app protection policy?