簽署企業營運應用程式以使用 Intune 將它們部署到 Windows 裝置Sign line-of-business apps so they can be deployed to Windows devices with Intune

適用於︰IntuneApplies to: Intune
本主題適用於 Azure 入口網站和傳統主控台中的 Intune。This topic applies to Intune in both the Azure portal and the classic console.

身為 Intune 系統管理員,您可以將企業營運 (LOB) 應用程式部署到 Windows 和 Windows 10 行動裝置版的裝置,包括公司入口網站應用程式。As an Intune administrator, you can deploy line-of-business (LOB) apps to Windows and Windows 10 Mobile devices, including the Company Portal app. 若要將 .appx 或.xap 應用程式部署到 Windows 10 和 Windows 10 行動裝置版的裝置,或將任何 LOB 應用程式部署到 Windows 8.1 或 Windows Phone 8.1 裝置,您必須取得 Symantec 企業行動程式碼簽署憑證To deploy .appx or .xap apps to Windows 10 and Windows 10 mobile devices, or to deploy any LOB app to Windows 8.1 or Windows Phone 8.1 devices, you must get a Symantec Enterprise Mobile Code Signing Certificate. 這些適用於個別 Windows 裝置的應用程式只信任 Symantec 憑證。Only the Symantec certificate is trusted for these apps for the respective Windows devices. 您可以針對 Windows 10 應用程式和「通用」應用程式,使用自己的憑證授權單位。You can use your own certificate authority for Windows 10 apps and "universal" apps. 您必須擁有此憑證,才能執行下列動作:This certificate is required in order to:

  • 簽署公司入口網站應用程式以部署到 Windows 電腦、Windows 10 行動裝置版的裝置和 Windows Phone 裝置Sign the Company Portal app for deployment to Windows PCs, Windows 10 Mobile devices, and Windows Phone devices

  • 簽署公司企業營運系統應用程式,讓 Intune 可將其部署到 Windows PhoneSign company line-of-business apps so Intune can deploy them to Windows devices

下列步驟可協助您取得所需的憑證及簽署應用程式。The steps below will help you get the required certificate and sign the apps. 您將必須註冊為 Microsoft 開發人員,然後購買 Symantec 憑證。You will need to register as a Microsoft developer, and then purchase a Symantec certificate.

  1. 註冊為 Microsoft 開發人員Register as a Microsoft developer
    使用您登入以購買公司帳戶時所使用的公司帳戶資訊 註冊為 Microsoft 開發人員 Register as a Microsoft developer using the corporate account information you used when logging in to purchase your company account. 這項要求需要在您收到程式碼簽署憑證之前,由公司主管人員授權。This request will need to be authorized by a company officer before you receive a code-signing certificate.

  2. 取得公司 Symantec 憑證Get a company Symantec certificate
    使用您的 Symantec 識別碼,從 Symantec 網站 購買憑證。Purchase a certificate from the Symantec website using your Symantec ID. 購買憑證之後,您在註冊為 Microsoft 開發人員時指定的公司核准者,將會收到一封請求核准憑證要求的電子郵件。After you purchase the certificate, the corporate approver whom you designated when you registered as a Microsoft developer will receive an email asking for approval of the certificate request. 如需 Symantec 憑證需求的詳細資訊,請參閱為什麼 Windows Phone 需要 Symantec 憑證?For more information about the Symantec certificate requirement, see the Why Windows Phone requires a Symantec certificate? Windows 裝置註冊常見問題集。Windows device enrollment FAQ.

  3. 匯入憑證Import certificates
    一旦核准要求後,您就會收到包含匯入憑證指示的電子郵件。Once the request has been approved, you will receive an email containing instructions for importing certificates. 請遵循電子郵件中的指示,匯入憑證。Follow the instructions in the email to import the certificates.

  4. 確認憑證已匯入Verify certificates imported
    若要確認憑證是否已正確匯入,請移至 [憑證] 嵌入式管理單元,以滑鼠右鍵按一下 [憑證],然後選取 [尋找憑證]。To verify that the certificates have been imported correctly, go to the Certificates snap-in, right-click Certificates, and select Find Certificates. 在 [包含] 欄位中輸入 “Symantec”,然後按一下 [立即尋找] 。In the Contains field, enter “Symantec”, and click Find Now. 您匯入的憑證應該會出現在結果中。The certificates you imported should appear in the results.

    尋找 Symantec 憑證

  5. 匯出簽署憑證Export a signing certificate
    確認憑證存在之後,您就可以匯出 .pfx 檔案來簽署公司入口網站。Having verified that the certificates are present, you can export the .pfx file to sign the company portal. 選取 [使用目的] 為「程式碼簽署」的 Symantec 憑證。Select the Symantec certificate with Intended purpose “code-signing.” 以滑鼠右鍵按一下該程式碼簽署憑證,然後選取 [匯出]。Right-click the code-signing certificate and select Export.

    匯出簽署憑證

    [憑證匯出精靈]中,選取 [是,匯出私密金鑰] ,然後按一下 [下一步] 。In the Certificate Export Wizard, select Yes, export the private key and then click Next. 選取 [個人資訊交換 – PKCS #12 (.PFX)],然後選取 [如果可能的話,包含憑證路徑中的所有憑證]。Select Personal Information Exchange –PKCS #12 (.PFX) and check Include all the certificates in the certification path if possible. 完成精靈。Complete the wizard. 如需詳細資訊,請參閱 How to Export a Certificate with the Private Key (如何以私密金鑰匯出憑證)For more information, see How to Export a Certificate with the Private Key.

  6. 將應用程式上傳至 IntuneUpload the app to Intune
    上傳已簽署的應用程式檔案和您的程式碼簽署憑證,讓使用者能夠使用應用程式。Upload the signed app file and your code-signing certificate to make the app available to your end users.

    1. 在 Intune 入口網站中,依序按一下 [系統管理] > [Windows Phone]。In the Intune portal, click Administration > Windows Phone.

    2. 按一下 [上傳已簽署的應用程式檔案] ,並使用您的 Intune 系統管理員識別碼登入。Click the Upload Signed App File and sign in with your Intune Administrator ID.

    3. 將您匯出的憑證 (.pfx) 檔案新增至 [程式碼簽署憑證],並建立憑證的密碼。Add the certificate (.pfx) file that you exported to Code-signing certificate and create a password for the certificate.

    4. 完成精靈。Complete the wizard.

範例:下載、簽署和部署適用於 Windows 裝置的公司入口網站應用程式Example: Download, sign, and deploy the Company Portal app for Windows devices

您可以使用 Intune,將公司入口網站應用程式部署到 Windows 裝置 (包括 Windows Phone 和 Windows 10 行動裝置版的裝置),而不是從 Windows 市集進行安裝。You can deploy the Company Portal app to Windows devices, including Windows Phone and Windows 10 Mobile devices, with Intune instead of installing from the Windows Store. 您必須下載公司入口網站應用程式,並使用您的憑證進行簽署。You must download the Company Portal app and sign it with your certificate. 只有在您的使用者不會使用公司市集,並且您想要將公司入口網站部署到 Windows Phone 8.1 裝置時,才需要執行這項動作。This is only necessary if your users won't use the Company Store and you want to deploy the Company Portal to Windows Phone 8.1 devices.

  1. 下載公司入口網站Download the Company Portal

    若要使用 Intune 部署公司入口網站應用程式,您可以從下載中心下載適用於 Windows Phone 8.1 的 Microsoft Intune 公司入口網站應用程式,並執行自我解壓縮 (.exe) 檔案。To deploy the Company Portal app using Intune, you can download the Microsoft Intune Company Portal App for Windows Phone 8.1 from the Download Center and run the self-extracting (.exe) file. 此檔案會包含兩個檔案:This file contains two files:

    • CompanyPortal.appx - 適用於 Windows Phone 8.1 的公司入口網站安裝應用程式CompanyPortal.appx– The Company Portal installation app for Windows Phone 8.1

    • WinPhoneCompanyPortal.ps1 - PowerShell 指令碼,您可用來簽署公司入口網站應用程式檔案,因此可將它部署到 Windows Phone 8.1 裝置WinPhoneCompanyPortal.ps1 – A PowerShell script you can use to sign the Company Portal app file so it can be deployed to Windows Phone 8.1 devices

    或者,您可以從商務用 Windows 市集下載 Windows Phone 8.1 公司入口網站 (離線授權套件) 或 Windows 10 公司入口網站 (離線授權套件)。Alternatively, you can download the Windows Phone 8.1 Company Portal (offline licensed package) or the Windows 10 Company Portal (offline licensed package) from the Windows Store for Business. 您必須使用離線授權及下載來供離線使用的適當封裝,來取得公司入口網站應用程式。The Company Portal app will need to be acquired with an offline license and the appropriate package downloaded for offline use. 選項中的 Windows 8 和 Windows Phone 8 平台清單會參考其 8.1 對應項。Windows 8 and Windows Phone 8 platform listings in the selection refer to their 8.1 counterparts. 如需如何使用 Intune 執行此作業的相關詳細資訊,請參閱管理購自商務用 Windows 市集的應用程式For details about how to do this with Intune, see Manage apps you purchased from the Windows Store for Business.

  2. 下載 Windows Phone SDK 下載 Windows Phone SDK 8.0](http://go.microsoft.com/fwlink/?LinkId=615570),並將 SDK 安裝到您的電腦。Download the Windows Phone SDK Download the Windows Phone SDK 8.0](http://go.microsoft.com/fwlink/?LinkId=615570) and install the SDK to your computer. 您需要有這個 SDK,才能產生應用程式註冊權杖。This SDK is needed to generate an application enrollment token.

  3. 產生 AETX 檔案:使用 AETGenerator.exe,從 Symantec PFX 檔案產生應用程式註冊權杖 (.aetx) 檔案,其為 Windows Phone SDK 8.0 的一部分。Generate an AETX file Generate an application enrollment token (.aetx) file from the Symantec PFX file using AETGenerator.exe, part of Windows Phone SDK 8.0. 如需如何建立 AETX 檔案的相關指示,請參閱 如何產生適用於 Windows Phone 的應用程式註冊權杖For instructions on how to create an AETX file, see How to generate an application enrollment token for Windows Phone

  4. 下載適用於 Windows 8.1 的 Windows SDK:下載並安裝 Windows Phone SDK (http://go.microsoft.com/fwlink/?LinkId=613525)。Download the Windows SDK for Windows 8.1 Download and install the Windows Phone SDK (http://go.microsoft.com/fwlink/?LinkId=613525). 請注意,公司入口網站應用程式隨附的 PowerShell 指令碼會使用預設安裝位置 ${env:ProgramFiles(x86)}\Windows Kits\8.1Note that the PowerShell script included with the Company Portal app uses the default install location, ${env:ProgramFiles(x86)}\Windows Kits\8.1. 如果您安裝在其他地方,就必須在 cmdlet 參數中包含位置。If you install elsewhere, you must include the location in a cmdlet parameter.

  5. 使用 PowerShell 進行應用程式的程式碼簽署:以系統管理員身分,在主機電腦上開啟與 Windows SDK 一併安裝的 Windows PowerShell、Symantec 企業行動程式碼簽署憑證,巡覽至 Sign-WinPhoneCompanyPortal.ps1 檔案,然後執行指令碼。Code-sign the app using PowerShell As an administrator, open Windows PowerShell on the host computer installed with the Windows SDK, the Symantec Enterprise Mobile Code Signing Certificate, navigate to the Sign-WinPhoneCompanyPortal.ps1 file and run the script.

    範例 1Example 1

    .\Sign-WinPhoneCompanyPortal.ps1 -InputAppx 'C:\temp\CompanyPortal.appx' -OutputAppx 'C:\temp\CompanyPortalEnterpriseSigned.appx' -PfxFilePath 'C:\signing\cert.pfx' -PfxPassword '1234' -AetxPath 'C:\signing\cert.aetx'
    

    這個範例會簽署 C:\temp\ 中的 CompanyPortal.appx,並產生 CompanyPortalEnterpriseSigned.appx。This example signs the CompanyPortal.appx at C:\temp\ and produces the CompanyPortalEnterpriseSigned.appx. 它會使用 PFX 密碼 1234,並從 PFX 檔案中讀取發行者識別碼。It would use PFX password 1234 and read the publisher ID from the PFX file. 它也會從 cert.aetx 檔案讀取企業識別碼。It reads the enterprise ID from the cert.aetx file as well.

    範例 2Example 2

    .\Sign-WinPhoneCompanyPortal.ps1 -InputAppx 'C:\temp\CompanyPortal.appx' -OutputAppx 'C:\temp\CompanyPortalEnterpriseSigned.appx' -PfxFilePath 'C:\signing\cert.pfx' -PfxPassword '1234' -PublisherId 'OID.0.9.2342.19200300.100.1.1=1000000001, CN="Test, Inc.", OU=Test 1' -EnterpriseId 1000000001
    

    這個範例會簽署 C:\temp\ 中的 CompanyPortal.appx,並產生 CompanyPortalEnterpriseSigned.appx。This example signs the CompanyPortal.appx at C:\temp\ and produces the CompanyPortalEnterpriseSigned.appx. 其會使用 PFX 密碼 1234,並使用指定的發行者識別碼。It would use PFX password 1234 and use the publisher ID specified.

    參數:Parameters:

    • -InputAppx - 以單引號括住的 CompanyPortal.appx 檔案的本機路徑。-InputAppx – The local path to the CompanyPortal.appx file in single quotes. 例如 ' C:\temp\CompanyPortal.appx'For example 'C:\temp\CompanyPortal.appx'

    • -OutputAppx - 以單引號括住的已簽署公司入口網站應用程式的本機路徑和檔案名稱。-OutputAppx – The local path and file name for the signed Company Portal app in single quotes. 例如,' C:\temp\CompanyPortalEnterpriseSigned.appx'For example, 'C:\temp\CompanyPortalEnterpriseSigned.appx'

    • -PfxFilePath - Symantec 憑證的已匯出 PFX 檔案的本機路徑和檔案名稱。-PfxFilePath – The local path and file name for the exported PFX file of the Symantec certificate. 例如,' C:\signing\cert.pfx'For example, 'C:\signing\cert.pfx'

    • -PfxPassword - 以單引號括住、用來簽署 PFX 檔案的密碼。-PfxPassword – The password used to sign the PFX file in single quotes. 例如,'1234'For example '1234'

    • -AetxPath - 如果未定義的 'EnterpriseId' 引數,可用來讀取企業識別碼的 .aetx 檔案的本機路徑。-AetxPath – The local path to the .aetx file which is used for reading the enterprise ID if the 'EnterpriseId' argument is not defined. 您必須提供這個引數或 EnterpriseId。Either this argument or EnterpriseId must be provided. 例如,'C:\signing\cert.aetx'For example 'C:\signing\cert.aetx'

    • -PublisherId - 企業的發行者識別碼。-PublisherId - The Publisher ID of the enterprise. 如果這個參數不存在,則會使用 Symantec 企業行動程式碼簽署憑證的 [主旨] 欄位。If absent, the 'Subject' field of the Symantec Enterprise Mobile Code Signing Certificate is used. 例如 'OID.0.9.2342.19200300.100.1.1=1000000001, CN="Test, Inc.", OU=Test 1'For example, 'OID.0.9.2342.19200300.100.1.1=1000000001, CN="Test, Inc.", OU=Test 1'

    • -SdkPath - 適用於 Windows 8.1 之 Windows SDK 的根資料夾路徑。-SdkPath - The path to the root folder of the Windows SDK for Windows 8.1. 這個引數是選擇性,且預設值為 ${env:ProgramFiles(x86)}\Windows Kits\8.1。This argument is optional and defaults to ${env:ProgramFiles(x86)}\Windows Kits\8.1.

    • -EnterpriseId - 企業識別碼。-EnterpriseId - The enterprise ID. 您必須提供這個引數或 'AetxPath'。Either this argument or 'AetxPath' must be provided. 如果未提供這個引數,則會從 AETX 檔案讀取企業識別碼。If this argument is not provided, the enterprise ID is read from the AETX file. 例如,1000000001For example, 1000000001

  6. 部署 Windows Phone 8.1 公司入口網站 (SSP.appx) 應用程式。Deploy the Windows Phone 8.1 Company Portal (SSP.appx) app. 如需指引,請參閱如何新增 Windows Phone 企業營運 (LOB) 應用程式 (傳統主控台)。For guidance, see How to add Windows Phone line-of-business (LOB) apps (Classic console).

如何更新 Symantec 企業程式碼簽署憑證How to renew the Symantec enterprise code-signing certificate

用來部署 Windows 和 Windows Phone 行動應用程式的 Symantec 憑證必須定期更新。The Symantec certificate used to deploy Windows and Windows Phone mobile apps must be renewed periodically.

  1. 在憑證到期約 14 天前,請尋找 Symantec 寄來的更新電子郵件。Look for a renewal email sent from Symantec approximately 14 days prior to certificate expiration. 這封電子郵件會包含來自 Symantec 有關更新您企業憑證的指引。This email contains directions from Symantec about renewing your enterprise certificate.

    如需 Symantec 憑證的詳細資訊,請瀏覽 www.symantec.com,或致電 1-877-438-8776 或 1-650-426-3400。For additional information about Symantec certificates, visit www.symantec.com or call 1-877-438-8776 or 1-650-426-3400.

  2. 移至網站 (例如, https://products.websecurity.symantec.com/orders/enrollment/microsoftCert.do),並使用 Symantec 發行者識別碼和與憑證相關的電子郵件位址登入。Go to the website (example: https://products.websecurity.symantec.com/orders/enrollment/microsoftCert.do) and login with the Symantec Publisher ID and email addressed associated with the certificate. 請務必使用您用以下載憑證的電腦來啟動更新。Remember to use the same machine for starting the renewal that you’ll use to download the certificate.

  3. 一旦更新核准,且已支付,即可下載憑證。Once the renewal is approved and paid for, download the certificate.

如何安裝企業營運 (LOB) 應用程式的更新憑證How to install the updated certificate for line-of-business (LOB) apps

  1. 簽署企業營運應用程式的最新版本。Sign the latest version of your line-of-business app.

  2. 開啟 Intune 主控台並移至 [管理員] > [行動裝置管理] > [Windows Phone],然後按一下 [上傳已簽署的應用程式]。Open the Intune console and go to Admin > Mobile Device Management > Windows Phone and click Upload Signed App.

  3. 上傳新簽署的公司入口網站。Upload the newly signed Company Portal. 您會需要新簽署的 SSP.xap,以及您從 Symantec 收到的 .PFX 檔案,或由此 .PFX 檔案所建立的應用程式註冊權杖。You’ll need the newly signed SSP.xap and the new .PFX file you received from Symantec or the Application enrollment token that was created with this new .PFX file.

  4. 上傳完成後,請從 [軟體] 工作區中移除舊版公司入口網站。When the upload is complete, remove the old Company Portal version in the Software workspace.

  5. 使用新的憑證簽署所有新增及更新的企業營運應用程式。Sign all new and any updated enterprise line-of-business apps using the new certificate. 現有的應用程式無須重新簽署,也無須重新部署。Existing applications do not need to be resigned and redeployed.

手動部署 Windows 10 公司入口網站應用程式Manually deploy Windows 10 Company Portal app

即使您還沒有整合 Intune 與商務用 Windows 市集,仍可直接從 Intune 手動部署 Windows 10 公司入口網站應用程式。You can manually deploy the Windows 10 Company Portal app directly from Intune, even if you haven’t integrated Intune with the Windows Store for Business.

注意

這個選項將需要在每次應用程式發行更新時,部署手動更新。This option will require deploying manual updates each time an app update is released.

  1. 商務用 Windows 市集登入您的帳戶,取得公司入口網站應用程式的離線授權版本。Log in to your account in the Windows Store for Business and acquire the offline license version of the Company Portal app.
  2. 取得應用程式之後,在 [詳細目錄] 頁面中選取該應用程式。Once the app has been acquired, select the app in the Inventory page.
  3. 在 [平台] 選取 [Windows 10 所有裝置],然後選取適當的 [架構] 並下載。Select Windows 10 all devices as the Platform, then the appropriate Architecture and download. 此應用程式不需要應用程式授權檔案。An app license file is not needed for this app. Windows 10 所有裝置和供下載之 X86 架構套件詳細資料的圖片Image of Windows 10 all devices and Architecture X86 Package details for Download
  4. 下載「必要架構」底下的所有套件。Download all the packages under “Required Frameworks”. x86、x64 及 ARM 架構都要執行這個步驟 – 所以總共 9 個套件,如下圖所示。This must be done for x86, x64 and ARM architectures – resulting in a total of 9 packages as shown below.

<span data-ttu-id="e7922-221">要下載之相依性檔案的圖片</span><span class="sxs-lookup"><span data-stu-id="e7922-221">Image of dependency files to Download</span></span>

  1. 將公司入口網站應用程式上傳至 Intune 之前,先建立資料夾 (例如 C:\Company Portal),並以如下結構放置套件︰Before uploading the Company Portal app to Intune, create a folder (e.g., C:\Company Portal) with the packages structured in the following way:
    1. 將公司入口網站套件放入 C:\Company Portal。Place the Company Portal package into C:\Company Portal. 在此位置中建立 Dependencies 子資料夾。Create a Dependencies subfolder in this location as well.
      已建好 Dependencies 資料夾並存有 APPXBUN 檔案的圖片
    2. 將 9 個相依性套件放在 Dependencies 資料夾中。Place the nine dependencies packages in the Dependencies folder.
      如果相依性套件未依如此方式放置,Intune 將無法在套件上傳期間辨識及上傳這些項目,而導致上傳失敗並出現下列錯誤。If the dependencies are not placed in this format, Intune will not be able to recognize and upload them during the package upload, causing the upload to fail with the following error.
      在應用程式資料夾中找不到此軟體安裝程式的 Windows 應用程式相依性。
  2. 返回 Intune,將公司入口網站應用程式上傳為新應用程式。Return to Intune, then upload the Company Portal app as a new app. 針對所需的目標使用者群,將其部署為必要的應用程式。Deploy it as a required app to the desired set of target users.

有關 Intune 如何處理通用應用程式的相依性,詳細資訊請參閱透過 Microsoft Intune MDM 部署具相依性的 appxbundleSee Deploying an appxbundle with dependencies via Microsoft Intune MDM for more information about how Intune handles dependencies for Universal apps.

如果使用者已從市集安裝較舊的公司入口網站應用程式,我如何能更新他們裝置上的公司入口網站應用程式?How do I update the Company Portal on my users’ devices if they have already installed the older apps from the store?

如果您的使用者已經從市集安裝 Windows 8.1 或 Windows Phone 8.1 公司入口網站應用程式,則他們的裝置應該會自動更新到新版本,您或您的使用者不需要採取任何動作。If your users have already installed the Windows 8.1 or Windows Phone 8.1 Company Portal apps from the Store, then they should be automatically updated to the new version with no action required from you or your user. 如果更新沒發生,請使用者確認他們已在其裝置上啟用自動更新市集應用程式。If the update does not happen, ask your users to check that they have enabled autoupdates for Store apps on their devices.

如何將我側載的 Windows 8.1 公司入口網站應用程式升級至 Windows 10 公司入口網站應用程式?How do I upgrade my sideloaded Windows 8.1 Company Portal app to the Windows 10 Company Portal app?

我們建議的移轉方式是刪除 Windows 8.1 公司入口網站應用程式的部署,做法是將部署動作設定為「解除安裝」。Our recommended migration path is to delete the deployment for the Windows 8.1 Company Portal app by setting the deployment action to “Uninstall”. 完成後,可以使用任何上述選項部署 Windows 10 公司入口網站應用程式。Once this is done, the Windows 10 Company Portal app can be deployed using any of the above options.

如果您需要側載應用程式,且您部署 Windows 8.1 公司入口網站時未使用 Symantec 憑證簽署它,請遵循之前「透過 Intune 直接部署」一節所述步驟完成升級。If you need to sideload the app and deployed the Windows 8.1 Company Portal without signing it with the Symantec Certificate, follow the steps in the Deploy directly via Intune section above to complete the upgrade.

如果您需要側載應用程式,且您已使用 Symantec 程式碼簽署憑證簽署及部署 Windows 8.1 公司入口網站,請遵循下一節的步驟。If you need to sideload the app and you signed and deployed the Windows 8.1 Company Portal with the Symantec code-signing certificate, follow the steps in the section below.

如何將我已簽署及側載的 Windows Phone 8.1 公司入口網站應用程式或 Windows 8.1 公司入口網站應用程式,升級至 Windows 10 公司入口網站應用程式?How do I upgrade my signed and sideloaded Windows Phone 8.1 Company Portal app or Windows 8.1 Company Portal app to the Windows 10 Company Portal app?

我們建議的移轉方式是刪除 Windows Phone 8.1 公司入口網站應用程式或 Windows 8.1 公司入口網站應用程式的現有部署,做法是將部署動作設定為「解除安裝」。Our recommended migration path is to delete the existing deployment for the Windows Phone 8.1 Company Portal app or the Windows 8.1 Company Portal app by setting the deployment action to “Uninstall”. 完成後,便可以正常部署 Windows 10 公司入口網站應用程式。Once this is done, the Windows 10 Company Portal app can be deployed normally.

否則,必須適當地更新及簽署 Windows 10 公司入口網站應用程式,以確保遵循升級方式。Otherwise, the Windows 10 Company Portal app needs to be appropriately updated and signed to ensure that the upgrade path is respected.

如果是以這種方式簽署及部署 Windows 10 公司入口網站應用程式,每當市集內有新的應用程式更新時,您就必須為每個應用程式重複此程序。If the Windows 10 Company Portal app is signed and deployed in this way, you will need to repeat this process for each new app update when it is available in the store. 當市集更新時,應用程式不會自動更新。The app will not automatically update when the store is updated.

以下說明如何以此方式簽署和部署應用程式︰Here’s how you sign and deploy the app in this way:

  1. https://aka.ms/win10cpscript 下載 Microsoft Intune Windows 10 公司入口網站應用程式簽署指令碼。Download the Microsoft Intune Windows 10 Company Portal App Signing Script from https://aka.ms/win10cpscript. 此指令碼需要在主機電腦上安裝適用於 Windows 10 的 Windows SDK。This script requires the Windows SDK for Windows 10 to be installed on the host computer. 若要下載適用於 Windows 10 的 Windows SDK,請前往 https://go.microsoft.com/fwlink/?LinkId=619296To download the Windows SDK for Windows 10, visit https://go.microsoft.com/fwlink/?LinkId=619296.
  2. 從商務用 Windows 市集下載 Windows 10 公司入口網站應用程式,詳如前述。Download the Windows 10 Company Portal app from the Windows Store for Business, as detailed above.
  3. 搭配輸入參數執行詳載於指令碼標頭內的指令碼,簽署 Windows 10 公司入口網站應用程式 (摘錄於下)。Run the script with the input parameters detailed in the script header to sign the Windows 10 Company Portal app (extracted below). 相依性不需要傳遞至指令碼。Dependencies do not need to be passed into the script. 這些只有在將應用程式上傳至 Intune 管理主控台時才需要。These are only required when the app is being uploaded to the Intune Admin Console.
參數Parameter 說明Description
InputWin10AppxBundleInputWin10AppxBundle 來源 appxbundle 檔案所在路徑。The path to where the source appxbundle file is located
OutputWin10AppxBundleOutputWin10AppxBundle 已簽署之 appxbundle 檔案的輸出路徑。The output path for the signed appxbundle file. Win81Appx Windows 8.1 或 Windows Phone 8.1 公司入口網站 (.APPX) 檔案所在路徑。Win81Appx The path to where the Windows 8.1 or Windows Phone 8.1 Company Portal (.APPX) file is located.
PfxFilePathPfxFilePath Symantec 企業行動程式碼簽署憑證 (.PFX) 的路徑。The path to Symantec Enterprise Mobile Code Signing Certificate (.PFX) file.
PfxPasswordPfxPassword Symantec 企業行動程式碼簽署憑證的密碼。The password of the Symantec Enterprise Mobile Code Signing Certificate.
PublisherIdPublisherId 企業的發行者識別碼。The Publisher ID of the enterprise. 如果這個參數不存在,則會使用 Symantec 企業行動程式碼簽署憑證的 [主旨] 欄位。If absent, the 'Subject' field of the Symantec Enterprise Mobile Code Signing Certificate is used.
SdkPathSdkPath 適用於 Windows 10 之 Windows SDK 的根資料夾路徑。The path to the root folder of the Windows SDK for Windows 10. 這個引數是選擇性,且預設值為 ${env:ProgramFiles(x86)}\Windows Kits\10This argument is optional and defaults to ${env:ProgramFiles(x86)}\Windows Kits\10

指令碼執行完成時,會輸出簽署版的 Windows 10 公司入口網站應用程式。The script will output the signed version of the Windows 10 Company Portal app when it has finished running. 然後,您可以透過 Intune 將簽署版的應用程式部署為 LOB 應用程式,這會將目前部署的版本升級至此新應用程式。You can then deploy the signed version of the app as an LOB app via Intune, which will upgrade the currently deployed versions to this new app.

若要提交意見反應,請前往 Intune Feedback