當 iOS 應用程式交由應用程式保護原則管理時的行為What to expect when your iOS app is managed by app protection policies

適用於︰IntuneApplies to: Intune
本主題適用於 Azure 入口網站和傳統主控台中的 Intune。This topic applies to Intune in both the Azure portal and the classic console.

針對已套用應用程式保護原則的應用程式,本主題說明使用者的使用體驗。This topic describes the user experience when using apps with app protection policies applied to. 只有在工作環境中使用應用程式時,才會套用應用程式保護原則;例如,當使用者使用工作帳戶來存取應用程式的情況,或是存取公司商務用 OneDrive 地點中所儲存檔案的情況。App protection policies are applied only when apps are used in the work context; for example, when the user is accessing apps with a work account or accessing files that are stored in a company OneDrive for business location.

存取應用程式Access apps

如果裝置未註冊於 Intune 中,會要求使用者在第一次使用應用程式時重新啟動應用程式。If the device is not enrolled in Intune, the user is asked to restart the app when they first use it. 必須先重新啟動,才會將應用程式保護原則套用到應用程式。A restart is required so that app protection polices can be applied to the app.

針對在 Intune 中註冊以進行管理的裝置,使用者會看到其應用程式現在已受管理的訊息。For devices that are enrolled for management in Intune, the user sees a message that their app is now managed.

使用具有多重身分識別支援的應用程式Use apps with multi-identity support

當應用程式保護原則只有在工作環境中使用應用程式時才會套用,支援多重身分識別的應用程式讓您能夠使用不同的帳戶 (工作和個人) 來存取相同的應用程式。Apps that support multi-identity let you use different accounts (work and personal) to access the same apps, while app protection policies are applied only when the apps are used in the work context.

例如,使用者會在存取工作資料時看到 PIN 提示。For example, the user gets a PIN prompt when accessing work data. 針對 Outlook 應用程式,使用者在啟動應用程式時,系統會提示使用者輸入 PIN。For the Outlook app, the user is prompted for a PIN when they launch the app. 針對 OneDrive 應用程式,使用者輸入工作帳戶時,系統會提示使用者輸入 PIN。For the OneDrive app, the user is prompted for a pin when they type in the work account. 針對 Microsoft WordPowerPointExcel,當使用者存取公司商務用 OneDrive 位置中所儲存的文件時,系統會提示使用者輸入 PIN。For Microsoft Word, PowerPoint, and Excel, the user is prompted for a pin when they access documents that are stored in the company OneDrive for Business location.

應用程式保護原則只適用於工作環境。App protection polices are only applied in the work context. 因此,應用程式可能因工作環境或個人環境而有不同的行為。Therefore, the app might behave differently depending on whether the context is work or personal.

管理裝置上的使用者帳戶Manage user accounts on the device

Intune 僅支援將應用程式保護原則部署到每個裝置的一個使用者帳戶。Intune supports the deployment of app protection policies to one user account per device only.

  • 根據您所使用的應用程式,可能會封鎖裝置上的第二個使用者。Depending on the app that you are using, the second user might be blocked on the device. 在所有情況下,只有套用應用程式保護原則的第一位使用者會受原則影響。However, in all cases, only the first user who gets the app protection policies is affected by the policy.

    • Microsoft WordExcelPowerPoint 不會封鎖第二個使用者帳戶,但第二個使用者帳戶不會受應用程式保護原則影響。Microsoft Word, Excel, and PowerPoint don't block a second user account, but the second user account is not affected by the app protection policies.

    • 若為 OneDriveOutlook 應用程式,您只能使用一個工作帳戶。For OneDrive and Outlook apps, you can only use one work account. 您無法針對這些應用程式新增多個工作帳戶。You can't add multiple work accounts for these apps. 不過,您可以在裝置上移除使用者並新增不同的使用者。You can however, remove a user and add a different user on the device.

  • 若裝置在應用程式保護原則部署之前已有多個使用者帳戶,則應用程式保護原則所部署的第一個帳戶將由 Intune 應用程式保護原則管理。If a device has existing multiple user accounts before the app protection policies are deployed, the account that the app protection policies are deployed to first is managed by Intune app protection policies.

閱讀下列案例範例以深入了解如何處理多個使用者帳戶。Read the following example scenario to get a deeper understanding of how multiple user accounts are treated.

使用者 A 為兩家公司服務 - X 公司Y 公司。使用者 A 在這兩家公司各有一個工作帳戶,且兩者全都使用 Intune 部署應用程式保護原則。User A works for two companies—Company X and Company Y. User A has a work account for each company, and both use Intune to deploy app protection policies. X 公司部署先於 Y 公司部署應用程式保護原則。X 公司關聯的帳戶將得到應用程式保護原則,Y 公司關聯的帳戶則否。如果您希望 Y 公司關聯的使用者帳戶受應用程式保護原則管理,您必須移除與 X 公司關聯的使用者帳戶。Company X deploys app protection policies before Company Y. The account that's associated with Company X gets the app protection policy, but not the account that's associated with Company Y. If you want the user account that's associated with Company Y to be managed by the app protection policies, you must remove the user account that's associated with Company X.

新增第二個帳戶Add a second account

如果您使用 iOS 裝置,則嘗試在該裝置上新增第二個工作帳戶時,會看到封鎖訊息。If you are using an iOS device, when you try to add a second work account on that device, you might see a blocking message. 將會顯示帳戶,接著您可以選擇想要移除的帳戶。The accounts will be displayed, and then you can choose the account you want to remove.

後續步驟Next steps

當 Android 應用程式交由應用程式保護原則管理時的行為What to expect when your Android app is managed by app protection policies

若要提交意見反應,請前往 Intune Feedback