Microsoft Intune 的已知問題Known issues in Microsoft Intune

您可以使用本文來了解 Microsoft Intune 中的任何已知問題。Use this article to learn about any known issues in Microsoft Intune.

若要回報此處未列的 Bug,可提出支援要求If you want to report a bug that is not listed here, open a support request.

如果您想要要求在 Intune 中新增功能,請考慮在 Uservoice網站上提出報告。If you want to request a new feature for Intune, consider filing a report on Uservoice site.

移轉Migration

Intune 舊版電腦用戶端功能只在 Silverlight 主控台提供Intune legacy PC client features are only available in the Silverlight console

Azure 入口網站上的 Intune 提供了使用 Windows MDM 註冊管理 Windows 10 的能力。The ability to manage Windows 10 in the Intune on Azure portal is available via Windows MDM enrollment. 如需詳細資訊,請參閱 Azure 主控台上的 Intune 和電腦用戶端上的舊版 IntuneFor more information, see Intune on Azure console and legacy Intune PC Client.

由 Intune 在移轉期間所建立的群組,可能會影響其他 Microsoft 產品的功能Groups created by Intune during migration might affect functionality of other Microsoft products

當您從 Intune 移轉到 Azure 入口網站時,可能會看到名為 All Users - b0b08746-4dbe-4a37-9adf-9e7652c0b421 的新群組。When you migrate from Intune to the Azure portal, you might see a new group named All Users - b0b08746-4dbe-4a37-9adf-9e7652c0b421. 此群組包含 Azure Active Directory 中的所有使用者,而非只有 Intune 授權的使用者。This group contains all users in your Azure Active Directory, not only Intune licensed users. 如果您預期有某些不屬於任何群組的現有或新使用者,此使用方式可能會對其他 Microsoft 產品造成問題。This usage can cause issues with other Microsoft products if you expect some existing or new users to not be a member of any groups.

用於移轉原則的「狀態」刀鋒視窗無法運作Status blades for migrated policies do not work

您無法在 Azure 入口網站中,檢視從 Azure 傳統入口網站移轉之原則的狀態資訊。You cannot view status information for policies that were migrated from the Azure classic portal in the Azure portal. 但是,您可以在傳統入口網站中繼續檢視這些原則的報表。However, you can continue to view reports for these policies in the classic portal. 若要檢視移轉之設定原則的狀態資訊,請在 Azure 入口網站中重新建立它們。To view status information for migrated configuration policies, recreate them in the Azure portal.

應用程式Apps

特定 VPP 應用程式的多個應用程式安裝提示Multiple app install prompts for certain VPP apps

您可能會看到終端使用者裝置上已安裝之特定 VPP 應用程式的多個應用程式安裝提示。You may see multiple app install prompts for certain VPP apps which are already installed on end user devices. 如果您將已上傳至 Intune Azure 入口網站之 VPP 權杖的 [Automatic app updates] (自動應用程式更新) 選項設定為 [開啟],就會發生此問題。This issue occurs if you have the Automatic app updates option set to On for the VPP token that you have uploaded to the Intune Azure portal.

若要解決此問題,您可以停用 VPP 權杖的 [Automatic app updates] (自動應用程式更新) 選項。To workaround this issue, you can disable the Automatic app updates option for the VPP token. 若要執行這項作業,請在 Azure 入口網站中,開啟 Microsoft Intune。To do this, in the Azure portal open Microsoft Intune. 從 Intune 選取 [Mobile Apps] > [iOS VPP tokens] (iOS VPP 權杖)。From Intune, select Mobile apps > iOS VPP tokens. 接下來,選取已部署受影響應用程式的 VPP 權杖,然後選取 [編輯] > [Automatic app updates] (自動應用程式更新) > [關閉] > [儲存]。Next, select the VPP Token which has deployed the affected app and select Edit > Automatic app updates > Off > Save. 或者,您可以停止將受影響的應用程式部署為 VPP 應用程式,這將會停止提示。Alternatively, you can stop the deployment of the affected app as a VPP app, which will stop the prompts.

這是目前版本中的已知問題。This is a known issue in the current release. 我們將在未來推出修正程式來解決此問題。We have an upcoming fix which will resolve this issue. 實作修正程式之後,您的使用者就不會再看到多個應用程式安裝提示。When the fix is implemented, your users will no longer see multiple app install prompts.

iOS 大量採購應用程式僅適用於預設的 Intune 租用戶語言iOS volume-purchased apps only available in default Intune tenant language

iOS 大量採購應用程式只能針對與您的 Intune 帳戶相同的國碼/地區碼顯示,並且予以指派。iOS volume-purchased apps are displayed, and can be assigned only for the same country code as your Intune account. Intune 只會同步其 iTunes 地區設定與 Intune 租用戶帳戶國碼/地區碼相同的應用程式。Intune only syncs apps from the same iTunes locale as the Intune tenant account country code. 例如,如果您購買僅於美國市集中提供的應用程式,但您的 Intune 帳戶是德文,Intune 就不會顯示該應用程式。For example, if you purchase an app only available in a U.S. store, but your Intune account is German, Intune does not show that app.

上傳多份相同的 iOS 大量採購方案Multiple copies of the same iOS volume-purchase program are uploaded

請勿針對相同的 VPP 權杖多次按一下 [上傳] 按鈕。Do not click the Upload button multiple times for the same VPP token. 這會導致上傳重複的 VPP 權杖,並針對相同的 VPP 權杖多次進行應用程式同步處理。This will result in duplicate VPP tokens being uploaded, and apps syncing multiple times for the same VPP token.

部分 Managed Browser 流量未透過 Azure 應用程式 Proxy 進行路由傳送 Some Managed Browser traffic not routed through Azure App Proxy

Managed Browser 和應用程式 Proxy 整合存在一個已知問題,即某些第三流量 (例如 javascript 或 AJAX 呼叫) 不會透過 Azure 應用程式 Proxy 進行路由傳送。There is a known issue with the Managed Browser and App Proxy integration where certain tertiary traffic (like javascript or AJAX calls) are not routed through the Azure App Proxy. 這是目前版本中的已知問題。This is a known issue in the current release.

裝置設定Device configuration

您無法為某些裝置儲存「Windows 資訊保護」原則You cannot save a Windows Information Protection policy for some devices

對於沒有在 Intune 註冊的裝置,您只能在「Windows 資訊保護」原則設定的 [公司識別] 欄位中指定一個主要網域。For devices not enrolled with Intune, you can only specify a primary domain in the Corporate Identify field in the settings for a Windows Information Protection policy. 如果您新增了其他網域 (使用 [進階設定] > [網路周圍] > [新增受保護網域]),則將無法儲存原則。If you add additional domains (using Advanced settings > Network perimeter > Add a protected domain), you cannot save the policy. 您看到的錯誤訊息很快就會變得更為準確。The error message you see will soon be changed to be more accurate.

Cisco AnyConnect 和 Cisco Legacy AnyConnect VPN 用戶端支援 - iOSCisco AnyConnect and Cisco Legacy AnyConnect VPN client support - iOS

在 iOS 裝置上,網路存取控制 (NAC) 整合不適用於新的 Cisco AnyConnect 用戶端。On iOS devices, network access control (NAC) integration does not work with the new Cisco AnyConnect client. 我們正與 Cisco 合作來提供 NAC 整合。We are working with Cisco to provide NAC integration.

在 Intune 中建立 VPN 設定檔提供 Cisco AnyConnect 和 Cisco Legacy AnyConnect 用戶端更詳細的資訊。Create VPN profiles in Intune provides more details on the Cisco AnyConnect and Cisco Legacy AnyConnect clients.

搭配 macOS Sierra 裝置使用數值密碼類型Using the numeric password type with macOS Sierra devices

目前,如果您在 macOS Sierra 裝置的裝置限制設定檔中依序選取 [數值] > [必要的密碼類型],它會強制為 [英數字元]。Currently, if you select the Numeric Required password type in a device restriction profile for macOS Sierra devices, it is enforced as Alphanumeric. 如果您想要搭配這些裝置使用數值密碼,請不要設定這項設定。If you want to use a numeric password with these devices, do not configure this setting. 未來的 macOS 版本可能會更正這個問題。This issue might be corrected in a future version of macOS.

如需這些設定的詳細資訊,請參閱 Microsoft Intune 中的 macOS 裝置限制設定For more information about these settings, see macOS device restriction settings in Microsoft Intune.

合規性Compliance

Intune 的合規性原則不會顯示於新的主控台中Compliance policies from Intune do not show up in new console

您在傳統入口網站中所建立的合規性原則都會移轉,但並不會顯示於 Azure 入口網站中,因為 Azure 入口網站的設計改變了。Compliance policies you created in the classic portal are migrated, but are not displayed in the Azure portal because of design changes in the Azure portal. 您在傳統 Intune 傳統入口網站所建立的合規性原則仍然會強制執行,但您必須在傳統入口網站中檢視及編輯這些原則。Compliance policies you created in the Intune classic portal are still enforced, but you must view and edit them in the classic portal.

除此之外,您在 Azure 入口網站中所建立的新合規性原則不會顯示於傳統入口網站中。Additionally, new compliance policies you create in the Azure portal are not visible in the classic portal.

如需詳細資訊,請參閱什麼是裝置合規性For more information, see What is device compliance.

資料保護Data protection

iOS 應用程式保護原則iOS app protection policies

您可以定義 iOS 應用程式保護原則,在透過行動應用程式管理 (MAM) 進行管理而不需要註冊的裝置上供使用者使用。You can define app protection policies for iOS that are available for users on devices managed through mobile app management (MAM) without enrollment. 由於暫時性的錯誤,您只能為僅一個小數位數、而非多個小數位數的 iOS 版本定義這些原則。Due to a temporary error, you can only define these policies for iOS versions with a single decimal point version rather than multiple decimal points. 可為 iOS 10.3 設定,不能為 iOS 10.3.1 的最低版本設定。Instead of setting a minimum version of iOS 10.3.1, you set it for iOS 10.3. 即將推出的 iOS SDK 更新會解決此問題。This will be resolved with a forthcoming update to the iOS SDK.

管理與帳戶Administration and accounts

全域管理員 (也稱為租用戶管理員) 無須個別的 Intune 或 Enterprise Mobility Suite (EMS) 授權,也可以繼續執行日常的管理工作。Global Admins (also referred to as Tenant Admins) can continue day-to-day administration tasks without a separate Intune or Enterprise Mobility Suite (EMS) license. 但是,若要使用服務,例如註冊自己的裝置、公司裝置或使用 Intune 公司入口網站,他們就需要有 Intune 或 EMS 授權。However, to use the service, such as to enroll their own device, a corporate device, or use the Intune Company Portal, they need an Intune or EMS license.