Microsoft Intune App SDK Xamarin 繫結Microsoft Intune App SDK Xamarin Bindings

注意

您可能想要先閱讀 Intune App SDK 快速入門文章,其中說明如何在每個支援的平台上進行整合準備。You may wish to first read the Get Started with Intune App SDK article, which explains how to prepare for integration on each supported platform.

概觀Overview

Intune App SDK Xamarin 繫結可讓您在以 Xamarin 建置的 iOS 和 Android 應用程式中啟用 Intune 應用程式保護原則The Intune App SDK Xamarin Bindings enable Intune app protection policy in iOS and Android apps built with Xamarin. 繫結可讓開發人員輕鬆將 Intune 應用程式內的保護功能建置到以 Xamarin 為基礎的應用程式中。The bindings allow developers to easily build in Intune app protection features into their Xamarin-based app.

「Microsoft Intune App SDK Xamarin 繫結」可讓您將 Intune 應用程式保護原則 (也稱為 APP 或 MAM 原則) 合併至以 Xamarin 開發的應用程式中。The Microsoft Intune App SDK Xamarin Bindings let you incorporate Intune app protection policies (also known as APP or MAM policies) into your apps developed with Xamarin. 啟用 MAM 的應用程式是與 Intune App SDK 整合的應用程式,A MAM-enabled application is one that is integrated with the Intune App SDK. IT 系統管理員可在 Intune 主動管理應用程式時,將應用程式保護原則部署至行動應用程式。IT administrators can deploy app protection policies to your mobile app when Intune actively manages the app.

支援的項目What's supported?

開發人員電腦Developer machines

  • WindowsWindows
  • macOSmacOS

行動應用程式平台Mobile app platforms

  • AndroidAndroid
  • iOSiOS

Intune 行動應用程式管理案例Intune Mobile Application Management scenarios

  • Intune APP-WE (無裝置註冊)Intune APP-WE (without device enrollment)
  • Intune MDM 已註冊的裝置Intune MDM-enrolled devices
  • 協力廠商 EMM 已註冊的裝置Third-party EMM-enrolled devices

使用「Intune App SDK Xamarin 繫結」建置的 Xamarin 應用程式現在於 Intune 行動裝置管理 (MDM) 已註冊裝置和未註冊裝置上,都可接收 Intune 應用程式保護原則。Xamarin apps built with the Intune App SDK Xamarin Bindings can now receive Intune app protection policies on both Intune mobile device management (MDM) enrolled devices and unenrolled devices.

必要條件Prerequisites

檢閱授權條款Review the license terms. 列印並保留一份授權條款供您備查。Print and retain a copy of the license terms for your records. 下載並使用「Intune App SDK Xamarin 繫結」即表示您同意這些授權條款。By downloading and using the Intune App SDK Xamarin Bindings, you agree to such license terms. 若貴用戶不同意這些授權條款,請不要使用「軟體」。If you do not accept them, do not use the software.

在 iOS 行動應用程式中啟用 Intune 應用程式保護原則Enabling Intune app protection polices in your iOS mobile app

  1. Microsoft.Intune.MAM.Xamarin.iOS NuGet 套件新增至 Xamarin.iOS 專案。Add the Microsoft.Intune.MAM.Xamarin.iOS NuGet package to your Xamarin.iOS project.

  2. 請遵循將 Intune App SDK 整合至 iOS 行動應用程式所需的一般步驟。Follow the general steps required for integrating the Intune App SDK into an iOS mobile app. 您可以從 Intune App SDK for iOS 開發人員指南之整合指示的步驟 3 開始。You can begin with step 3 of the integration instructions from the Intune App SDK for iOS Developer Guide. 您可以略過執行 IntuneMAMConfigurator 一節中的最後一個步驟,因為此工具隨附於 Microsoft.Intune.MAM.Xamarin.iOS 套件,並會在建置時間自動執行。You can skip the final step in that section of running the IntuneMAMConfigurator, as this tool is included in the Microsoft.Intune.MAM.Xamarin.iOS package and will be run automatically at build time. 重要:在 Visual Studio 中針對應用程式啟用金鑰鏈共用的方式與 Xcode 有些許不同。Important: Enabling keychain sharing for an app is slightly different in Visual Studio from Xcode. 開啟應用程式的 Entitlements plist,並確保 [啟用金鑰鏈] 選項已啟用,且已將適當的金鑰鏈共用群組新增至該區段。Open the app's Entitlements plist and make sure the "Enable Keychain" option is enabled and the appropriate keychain sharing groups are added in that section. 接著,確保 Entitlements plist 已針對所有適當的設定/平台組合,指定於專案 [iOS 套件組合簽署] 選項的 [自訂權利] 欄位中。Then, ensure the Entitlements plist is specified in the "Custom Entitlements" field of the project's "iOS Bundle Signing" options for all the appropriate Configuration/Platform combinations.

  3. 在新增繫結並正確設定應用程式之後,您的應用程式便可以開始使用 Intune SDK 的 API。Once the bindings are added and the app is properly configured, your app can begin using the Intune SDK's APIs. 若要這麼做,您必須包含下列命名空間:To do so, you must include the following namespace:

    using Microsoft.Intune.MAM;
    
  4. 若要開始接收應用程式保護原則,您的應用程式必須註冊至 Intune MAM 服務。To begin receiving app protection policies, your app must enroll in the Intune MAM service. 如果您的應用程式已使用 Azure Active Directory Authentication Library (ADAL) 來驗證使用者,應用程式應該在成功驗證之後,將使用者的 UPN 提供給 IntuneMAMEnrollmentManager 的 registerAndEnrollAccount 方法:If your app already uses the Azure Active Directory Authentication Library (ADAL) to authenticate users, your app should provide the user's UPN to the IntuneMAMEnrollmentManager's registerAndEnrollAccount method after it has successfully authenticated:

    IntuneMAMEnrollmentManager.Instance.RegisterAndEnrollAccount(string identity);
    

    重要:請務必以您應用程式的 ADAL 設定覆寫 Intune App SDK 的預設 ADAL 設定。Important: Be sure to override the Intune App SDK's default ADAL settings with those of your app. 若要這麼做,您可以依 Intune App SDK for iOS 開發人員指南中所述的方式透過應用程式 Info.plist 中的 IntuneMAMSettings 目錄,或是使用 IntuneMAMPolicyManager 執行個體的 AAD 覆寫屬性來完成。You can do so via the IntuneMAMSettings dictionary in the app's Info.plist, as mentioned in the Intune App SDK for iOS Developer Guide, or you can use the AAD override properties of the IntuneMAMPolicyManager instance. Info.plist 方法是針對 ADAL 設定為靜態之應用程式的建議選項,而覆寫屬性則是針對會於執行階段決定那些值之應用程式的建議選項。The Info.plist approach is recommended for applications whose ADAL settings are static while the override properties are recommended for applications that determine those values at runtime.

    如果您的應用程式不使用 ADAL,且想要由 Intune SDK 負責處理驗證,您的應用程式便應呼叫 IntuneMAMEnrollmentManager 的 loginAndEnrollAccount 方法:If your app does not use ADAL, and you'd like the Intune SDK to handle authentication, your app should call the IntuneMAMEnrollmentManager's loginAndEnrollAccount method:

     IntuneMAMEnrollmentManager.Instance.LoginAndEnrollAccount([NullAllowed] string identity);
    

在 Android 行動應用程式中啟用 Intune 應用程式保護原則Enabling Intune app protection policies in your Android mobile app

Xamarin.Android 整合Xamarin.Android integration

  1. 將最新版的 Microsoft.Intune.MAM.Xamarin.Android NuGet 套件新增至 Xamarin.Android 專案。Add the latest version of the Microsoft.Intune.MAM.Xamarin.Android NuGet package to your Xamarin.Android project. 這會提供您 Intune 的必要參考來啟用應用程式。This will provide you with the necessary references to Intune enable your application.

  2. 徹底閱讀並遵循 Intune App SDK for Android 開發人員指南,並特別注意:Read and follow the Intune App SDK for Android Developers Guide fully, paying special attention to:

    1. 完整類別和方法取代一節。The entire class and method replacements section.
    2. MAMApplication The MAMApplication section. 確定您的子類別已正確地使用 [Application] 屬性加以裝飾,並覆寫 (IntPtr, JniHandleOwnership) 建構函式。Be sure that your subclass is properly decorated with the [Application] attribute and overrides the (IntPtr, JniHandleOwnership) constructor.
    3. ADAL 整合一節 (如果您的應用程式向 AAD 執行驗證)。The ADAL integration section if your app performs authentication against AAD.
    4. MAM-WE 註冊一節 (如果您想從應用程式中的 MAM 服務取得原則)。The MAM-WE enrollment section if you plan on obtaining policy from the MAM service in your application.

注意

嘗試從 Intune App SDK for Android 開發人員指南尋找 Microsoft.Intune.MAM.Xamarin.Android 繫結中的對等 API,或從該指南轉換程式碼片段時,請注意 Xamarin 的繫結產生器會以下列顯著的方式修改 Android API:When attempting to find equivalent APIs from the Intune App SDK for Android Developers Guide in the Microsoft.Intune.MAM.Xamarin.Android Bindings or when converting code snippets from the guide, be aware that Xamarin's bindings generator modifies the Android APIs in the following notable ways:

  • 所有識別碼都會轉換成 Pascal 命名法的大小寫 (com.foo.bar -> Com.Foo.Bar)All identifiers are converted to Pascal case (com.foo.bar -> Com.Foo.Bar)
  • 所有 get/set 作業都會轉換成屬性作業 (例如 Foo.getBar() -> Foo.Bar、Foo.setBar("zap") -> Foo.Bar = "zap")All get/set operations are converted to property operations (e.g. Foo.getBar() -> Foo.Bar, Foo.setBar("zap") -> Foo.Bar = "zap")
  • 所有介面的名稱前面都會加上 'I' 字元 (FooInterface -> IFooInterface)All interfaces have the character 'I' prepended on the name (FooInterface -> IFooInterface)

Xamarin.Forms 整合Xamarin.Forms integration

除了執行所有上述步驟之外,我們還針對 Xamarin.Forms 應用程式提供 Microsoft.Intune.MAM.Remapper 套件。In addition to performing all of the steps above, for Xamarin.Forms applications we have provided the Microsoft.Intune.MAM.Remapper package. 此套件會將 MAM 類別插入常用 Xamarin.Forms 類別 (例如 FormsAppCompatActivityFormsApplicationActivity) 的類別階層中,為您完成類別取代,讓您可以透過提供 MAM 對等功能 (例如 OnMAMCreateOnMAMResume) 的覆寫來繼續使用這些類別。This package accomplishes class replacement for you by injecting MAM classes into the class hierarchy of commonly used Xamarin.Forms classes like FormsAppCompatActivity and FormsApplicationActivity so you can continue to use those classes by providing overrides for the MAM equivalent functions like OnMAMCreate and OnMAMResume. 若要使用它,請執行下列操作:To use it, do the following:

  1. Microsoft.Intune.MAM.Remapper.Tasks NuGet 套件新增至您的專案。Add the Microsoft.Intune.MAM.Remapper.Tasks NuGet package to your project. 如果您尚未包含 Intune APP SDK Xamarin 繫結,則會自動新增繫結。This will automatically add the Intune APP SDK Xamarin bindings if you have not already included them.

  2. 在您於上述步驟 2.2 中建立之 MAMApplication 類別的 OnMAMCreate 函式中,新增對 Xamarin.Forms.Forms.Init(Context, Bundle) 的呼叫。Add a call to Xamarin.Forms.Forms.Init(Context, Bundle) in the OnMAMCreate function of the MAMApplication class you created in step 2.2 above. 因為使用 Intune 管理時,應用程式可以在位於背景時啟動,所以需要這樣做。This is needed because with Intune management your application can be started while in the background.

注意

由於此作業會重寫 Visual Studio 用於 IntelliSense 自動完成的相依性,因此您可能需要在第一次執行 Remapper 之後重新啟動 Visual Studio,IntelliSense 才能正確辨識變更。Because this operation re-writes a dependency that Visual Studio uses for Intellisense auto-completion, you may need to restart Visual Studio after the first time the remapper runs to get Intellisense to correctly recognize the changes.

支援Support

如果組織是現有的 Intune 客戶,請與您的 Microsoft 支援代表合作,在 Github 問題頁面上開啟支援票證並建立問題,我們將會儘快提供協助。If your organization is an existing Intune customer, please work with your Microsoft support representative to open a support ticket and create an issue on the Github issues page and we will help as soon as we can.