開始使用原則Get started with policies

開始使用 Intune 的其中一個主要目標是註冊裝置,以確定它們符合公司原則。One of the main goals of getting started with Intune is enrolling devices to make sure that they are compliant with corporate policies. 合規性原則不只可以協助您管理特殊裝置類型,例如公司擁有的 Kiosk,也能管理個人 (攜帶您自己) 的裝置、平板電腦和無使用者裝置。Compliance policies not only help you to manage specialized device types, such as corporate-owned kiosks, but also personal (Bring Your Own) devices, tablets, and user-less devices.

具有極少資料的合規性儀表板

合規性原則提供行動裝置的下列管理功能:Compliance policies provide the following management capabilities for mobile devices:

  • 管理每個使用者註冊的裝置數目Regulate numbers of devices each user enrolls
  • 管理裝置設定 (如裝置層級加密、密碼長度、相機使用方式)Manage devices settings (e.g. device-level encryption, password length, camera usage)
  • 提供應用程式、電子郵件設定檔、VPN 設定檔等。Deliver apps, email profiles, VPN profiles, etc.
  • 評估安全性合規性原則的裝置層級準則Evaluate device-level criteria for security compliance policies

您要個別建立每個平台的合規性原則。You create compliance policies for each platform separately. 針對此練習,我們將著重於 iOS。For this exercise, we’ll stick to iOS. 下列是 iOS 裝置可用的原則:The following policies are available for iOS devices:

  • PIN 碼或密碼設定PIN or password configuration
  • 裝置加密Device encryption
  • 已進行 JB 破解的裝置Jailbroken device
  • 電子郵件設定檔Email profile
  • 最低 OS 版本Minimum OS version
  • 最高 OS 版本Maximum OS version

如何建立原則?How do I create a policy?

  1. 登入 Azure 入口網站Sign in to the Azure portal.
  2. 使用 [搜尋資源],搜尋 IntuneSearch resources, search for Intune.
  3. 選取 [裝置合規性]。Select Device compliance.
  4. 在 [裝置合規性] 刀鋒視窗中,選取 [原則]。On the Device compliance blade, select Policies.
  5. 選取 [建立原則],然後填入詳細資訊,例如 [名稱] 和 [描述]。Select Create Policy, then fill in the details, like Name and Description. 選擇 [iOS] 作為 [平台]。Choose iOS as the Platform.
  6. 在 [設定] 中,選取 [系統安全性],然後將 [需要密碼才可解除鎖定行動裝置] 切換至 [需要]。In Settings, select System Security, then toggle Require a password to unlock mobile devices to Require. 您可以也設定其他規則,例如 [密碼長度下限]、[必要的密碼類型]和 [密碼中的非英數字元數目]。You can also set other rules, such as Minimum password length, Required password type, and Number of non-alphanumeric characters in password. 設定完成您的原則之後,選取 [確定]。When you’ve finished setting up your policy, select OK.
  7. 返回 [建立原則] 刀鋒視窗,然後選取 [建立]。Return to the Create policy blade, then select Create.
  8. 建立原則之後,選取 [指派] 將它指派給您的測試群組。Once the policy is created, select Assignments to assign it to your test group. 選取您的測試群組 - 群組中應該有您的測試使用者 - 然後按一下 [儲存] 將原則指派給該群組。Select your test group – which should have your test user in it – then assign the policy to that group by clicking Save.
  9. 等待幾分鐘的時間,您的已註冊裝置應該會提示您需要更新密碼,以維持符合公司原則。Wait a few minutes, then your enrolled device should prompt you that it needs an updated password in order to remain compliant with corporate policy. 您也可以在 iOS 公司入口網站應用程式手動檢查這點,方法是依序點選裝置名稱和 [同步] 按鈕。You can also manually check for this in the Company Portal app for iOS by tapping on the device name, then the Sync button.

後續步驟Next steps

開始註冊裝置 - 透過 iOS 裝置的完整註冊體驗,來學習註冊體驗。Get started enrolling devices - Learn the enrollment experience by going through a full enrollment experience of an iOS device.

進一步了解Learn more