檢閱用戶端應用程式保護記錄Review client app protection logs

深入了解應用程式防護記錄中您可以檢閱的設定。Learn about the settings you can review in the app protection logs. 藉由在行動用戶端上啟用 Intune 診斷來存取記錄。Access logs by enabling Intune Diagnostics on a mobile client.

啟用及收集記錄的流程會因平台而有所不同:The process to enable and collect logs varies by platform:

下表列出應用程式防護原則設定名稱,以及記錄在記錄中的支援值。The following tables list the App protection policy setting name and supported values that are recorded in the log. 此外,每個設定都會識別在 Microsoft Endpoint Manager 入口網站中找到的原則設定。In addition, each setting identifies the policy setting found within Microsoft Endpoint Manager portal. 如需每項設定的詳細資訊,請參閱 iOS/iPadOS 應用程式防護原則設定Microsoft Intune 的 Android 應用程式防護原則設定For detailed information on each setting, see iOS/iPadOS app protection policy settings and Android app protection policy settings in Microsoft Intune.

iOS/iPadOS 應用程式防護原則設定iOS/iPadOS App protection policy settings

NameName 值詳細資料Value details Microsoft Endpoint Manager 應用程式保護原則中的設定Setting in Microsoft Endpoint Manager App Protection Policy
AccessRecheckOfflineTimeoutAccessRecheckOfflineTimeout x 分鐘x minutes 區段 :條件式啟動Section : Conditional Launch
設定 :使用動作「封鎖存取」的離線寬限期 (分鐘)Setting : Offline grace period with action Block access (minutes)
AccessRecheckOnlineTimeoutAccessRecheckOnlineTimeout x 分鐘x minutes 區段 :存取需求Section : Access requirements
設定 :重新檢查存取需求前的經過時間 (非使用中狀態分鐘數)Setting : Recheck the access requirements after (minutes of inactivity)
AllowedOutboundClipboardSharingExceptionLengthAllowedOutboundClipboardSharingExceptionLength x 個字元x characters 區段 :資料保護Section : Data protection
設定 :所有應用程式的剪下及複製字元限制Setting : Cut and copy character limit for any app
AppPinDisabledAppPinDisabled 0 = 需要0 = Require
1 = 不需要1 = Not required
區段 :存取需求Section : Access requirements
設定 :在設定裝置 PIN 時要求應用程式 PINSetting : App PIN when device PIN is set
AppSharingFromLevelAppSharingFromLevel 0 = 無0 = None
1 = 受原則管理的應用程式1 = Policy Managed apps
2 = 所有應用程式2 = All apps
區段 :資料保護Section : Data Protection
設定 :接收其他應用程式的資料Setting : Receive data from other apps
AppSharingToLevelAppSharingToLevel 0 = 無0 = None
1 = 受原則管理的應用程式1 = Policy managed apps
2 = 所有應用程式2 = All app
區段 :資料保護Section : Data Protection
設定 :將組織資料傳送到其他應用程式Setting : Send org data to other apps
ProtectManagedOpenInDataProtectManagedOpenInData 0 = False0 = False
1 = True1 = True
區段 :資料保護Section : Data Protection
設定 :設定為 true 時,[將組織資料傳送到其他應用程式] 會設定為 [具 Open-In/Share 篩選且受原則管理的應用程式]Setting : Send org data to other apps is set to Policy Managed apps with Open-In/Share filtering when true
AuthenticationEnabledAuthenticationEnabled 0 = 不需要0 = Not required
1 = 需要1 = Require
區段 :存取需求Section : Access requirements
設定 :公司或學校帳戶認證以進行存取Setting : Work or school account credentials for access
ClipboardSharingLevelClipboardSharingLevel 0 = 已封鎖0 = Blocked
1 = 受原則管理的應用程式1 = Policy managed apps
2 = 可貼上的受原則管理應用程式2 = Policy managed apps with paste in
3 = 任何應用程式3 = Any app
區段 :資料保護Section : Data Protection
設定 :禁止在不同的應用程式之間進行剪下、複製及貼上Setting : Restrict cut, copy, and paste between other apps
ContactSyncDisabledContactSyncDisabled 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :與原生連絡人應用程式同步應用程式Setting : Sync app with native contacts app
DataBackupDisabledDataBackupDisabled 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :禁止備份Setting : Prevent backups
DeviceComplianceEnabledDeviceComplianceEnabled 0 = False0 = False
1 = True1 = True
區段 :條件式啟動Section : Conditional Launch
設定 :已進行 JB 或 Root 破解的裝置Setting : Jailbroken/rooted devices
DeviceComplianceFailureActionDeviceComplianceFailureAction 0 = 封鎖存取0 = Block acess
1 = 抹除資料1 = Wipe data
區段 :條件式啟動Section : Conditional Launch
設定 :已進行 JB 或 Root 破解的裝置Setting : Jailbroken/rooted devices
DisableShareSenseDisableShareSense N/AN/A N/A:未主動由 Intune 服務使用。N/A: Not actively used by Intune service.
FileEncryptionLevelFileEncryptionLevel 0 = 當裝置已鎖定時0 = When device is locked
1 = 當裝置已鎖定且有開啟的檔案時1 = When device is locked and there are open files
2 = 在裝置重新啟動後2 = After device restart
3 = 使用裝置設定3 = Use device settings
區段 :資料保護Section : Data Protection
設定 :加密組織資料Setting : Encrypt org data
FileSharingSaveAsDisabledFileSharingSaveAsDisabled 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :儲存組織資料的複本Setting : Save copies of org data
IntuneIdentityUPNIntuneIdentityUPN Intune MAM 使用者的 UPNUPN of the Intune MAM user N/AN/A
ManagedBrowserRequiredManagedBrowserRequired 0 = False0 = False
1 = True1 = True
區段 :資料保護Section : Data Protection
設定 :限制與其他應用程式的 Web 內容傳輸Setting : Restrict web content transfer with other apps
ManagedLocationsManagedLocations 代表應用程式可儲存檔案的受管理儲存位置數量的值。A value that represents the number of managed storage locations to which the app can save data.
1 = OneDrive1 = OneDrive
2 = SharePoint2 = SharePoint
3 = OneDrive 和 SharePoint3 = OneDrive and SharePoint
32 = 本機儲存體32 = Local Storage
33 = 本機儲存體和 OneDrive33 = Local Storage & OneDrive
34 = 本機儲存體和 SharePoint34 = Local Storage & SharePoint
35 = 本機儲存體、OneDrive 和 SharePoint35 = Local Storage, OneDrive, and SharePoint
區段 :資料保護Section : Data Protection
設定 :允許使用者將複本儲存到選取的服務Setting : Allow user to save copies to selected services
MinAppVersionMinAppVersion "0.0" = 沒有最低的應用程式版本"0.0" = no minimum app version
任何其他值 = 最低的應用程式版本anything else = minimum app version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低應用程式版本Setting : Min app version with action Block access
MinAppVersionWarningMinAppVersionWarning "0.0" = 沒有最低的應用程式版本。"0.0" = no minimum app version.
任何其他值 = 最低的應用程式版本anything else = minimum app version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低應用程式版本Setting : Min app version with action Warn
MinAppVersionWipeMinAppVersionWipe "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低應用程式版本Setting : Min app version with action Wipe data
MinOsVersionMinOsVersion "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低 OS 版本Setting : Min OS version with action Block access
MinOsVersionWarningMinOsVersionWarning "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低 OS 版本Setting : Min OS version with action Warn
MinOsVersionWipeMinOsVersionWipe "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低 OS 版本Setting : Min OS version with action Wipe data
MinSDKVersionMinSDKVersion "0.0" = 沒有最低的 SDK 版本"0.0" = no minimum SDK version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低 SDK 版本Setting : Min SDK version with action Block access
MinSDKVersionWipeMinSDKVersionWipe "0.0" = 沒有最低的 SDK 版本"0.0" = no minimum SDK version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低 SDK 版本Setting : Min SDK version with action Block access
NotificationRestrictionNotificationRestriction 0 = 允許0 = Allow
1 = 封鎖組織資料1 = Block Org Data
2 = 封鎖2 = Block
區段 :資料保護Section : Data Protection
設定 :組織資料通知Setting : Org data notifications
PINCharacterTypePINCharacterType 0 = 密碼0 = Passcode
1= 數字1 = Numeric
區段 :存取需求Section : Access requirements
設定 :PIN 類型Setting : Pin type
PINEnabledPINEnabled 0 = 不需要0 = Not required
1 = 需要1 = Require
區段 :存取需求Section : Access requirements
設定 :使用 PIN 進行存取Setting : PIN for access
PINMinLengthPINMinLength x 個字元x characters 區段 :存取需求Section : Access requirements
設定 :選取 PIN 長度下限Setting : Select minimum PIN length
PINNumRetryPINNumRetry x 次嘗試x attempts 區段 :條件式啟動Section : Conditional launch
設定 :PIN 碼嘗試次數上限Setting : Max PIN attempts
MaxPinRetryExceededActionMaxPinRetryExceededAction 0 = 重設 PIN0 = Reset PIN
1 = 抹除資料1 = Wipe data
區段 :條件式啟動Section : Conditional launch
設定 :PIN 碼嘗試次數上限Setting : Max PIN attempts
PrintingBlockedPrintingBlocked 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :列印組織資料Setting : Printing org data
SimplePINAllowedSimplePINAllowed 0 = 封鎖0 = Block
1 = 允許1 = Allow
區段 :存取需求Section : Access requirements
設定 :簡單的 PINSetting : Simple PIN
TouchIDEnabledTouchIDEnabled 0 = 封鎖0 = Block
1 = 允許1 = Allow
區段 :存取需求Section : Access requirements
設定 :以 Touch ID 而非 PIN 進行存取 (iOS 8+/iPadOS)Setting : Touch ID instead of PIN for access (iOS 8+/iPadOS)
ThirdPartyKeyboardsBlockedThirdPartyKeyboardsBlocked 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :協力廠商鍵盤Setting : Third party keyboards
FaceIDEnabledFaceIDEnabled 0 = 封鎖0 = Block
1 = 允許1 = Allow
區段 :存取需求Section : Access requirements
設定 :以 Face ID 而非 PIN 進行存取 (iOS 11+/iPadOS)Setting : Face ID instead of PIN for access (iOS 11+/iPadOS)
PINExpiryDaysPINExpiryDays x 個字元x characters 區段 :存取需求Section : Access requirements
設定 :在數天後重設 PIN > 天數Setting : PIN reset after number of days > Number of days
NonBioPassTimeOutRequiredNonBioPassTimeOutRequired 0 = 不需要0 = Not required
1 = 需要1 = Require
區段 :存取需求Section : Access requirements
設定 :逾時後以 PIN 覆寫 Touch IDSetting : Override Touch ID with PIN after timeout
NonBioPassTimeOutNonBioPassTimeOut x 分鐘x minutes 區段 :存取需求Section : Access requirements
設定 :逾時後以 PIN 覆寫 Touch ID > 逾時 (非使用狀態分鐘數)Setting : Override Touch ID with PIN after timeout > Timeout (minutes of inactivity)
DictationBlockedDictationBlocked 0 = 允許0 = Allow
1 = 封鎖1 = Block
沒有此設定的管理控制。No administration control for this setting.
OfflineWipeIntervalOfflineWipeInterval x 天x days 注意 :沒有此設定的管理控制。Note : No admin control for this setting.
ProtocolExclusionsProtocolExclusions 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :選取要豁免的應用程式Setting : Select apps to exempt
EnableOpenInFilterEnableOpenInFilter 0 = 停用0 = Disabled
1 = 啟用1 = Enabled
區段 :資料保護Section : Data Protection
設定 :[將組織資料傳送到其他應用程式] > [具 Open-In/Share 篩選且受原則管理的應用程式]Setting : Send Org data to other apps > Policy managed apps with Open-In/Share filtering
MinimumRequiredDeviceThreatProtectionLevelMinimumRequiredDeviceThreatProtectionLevel 0 = 未設定0 = Not configured
1 = 安全1 = Secured
2 = 低2 = Low
3 = 中等3 = Medium
4 = 高4 = High
區段 :條件式啟動Section : Conditional launch
設定 :允許的裝置威脅等級上限Setting : Max allowed device threat level
MobileThreatDefenseRemediationActionMobileThreatDefenseRemediationAction 0 = 封鎖存取0 = Block access
1 = 抹除資料1 = Wipe data
區段 :存取需求Section : Access requirements
設定 :[允許的裝置威脅等級上限] 動作)Setting : Max allowed device threat level action)
AllowedIOSModelsElseBlockAllowedIOSModelsElseBlock x 個字元x characters 區段 :條件式啟動Section : Conditional launch
設定 :具有動作「允許指定的 (封鎖非特定的)」的裝置型號Setting : Device model(s) with action Allow specified (Block non-specific)
AllowedIOSModelsElseWipeAllowedIOSModelsElseWipe x 個字元x characters 區段 :條件式啟動Section : Conditional launch
設定 :具有動作「允許指定的 (抹除非特定的)」的裝置型號Setting : Device model(s) with action Allow specified (Wipe non-specific)
ProtectAllIncomingUnknownSourceDataProtectAllIncomingUnknownSourceData N/AN/A 注意 :未主動由 Intune 服務使用。Note : Not actively used by Intune service.

Android 應用程式防護原則設定Android App protection policy settings

NameName 值詳細資料Value details Microsoft Endpoint Manager 應用程式保護原則中的設定Setting in Microsoft Endpoint Manager App Protection Policy
AccessRecheckOfflineTimeoutAccessRecheckOfflineTimeout x 分鐘x minutes 區段 :條件式啟動Section : Conditional Launch
設定 :使用動作「封鎖存取」的離線寬限期 (分鐘)Setting : Offline grace period with action Block access (minutes)
AccessRecheckOnlineTimeoutAccessRecheckOnlineTimeout x 分鐘x minutes 區段 :存取需求Section : Access requirements
設定 :重新檢查存取需求前的經過時間 (非使用中狀態分鐘數)Setting : Recheck the access requirements after (minutes of inactivity)
AppPinDisabledAppPinDisabled true = 需要true = Require
false = 不需要false = Not required
區段 :存取需求Section : Access requirements
設定 :在設定裝置 PIN 時要求應用程式 PINSetting : App PIN when device PIN is set
AllowedAndroidManufacturersElseBlockAllowedAndroidManufacturersElseBlock 如果未設定,則為空白;否則為允許的製造商清單Empty if not set, otherwise list of allowed manufacturers 區段 :條件式啟動Section : Conditional launch
設定 :使用動作「允許指定 (封鎖非指定)」的裝置製造商Setting : Device manufacturers with action Allow specified (Block non-specified)
AllowedAndroidManufacturersElseWipeAllowedAndroidManufacturersElseWipe 如果未設定,則為空白;否則為允許的製造商清單Empty if not set, otherwise list of allowed manufacturers 區段 :條件式啟動Section : Conditional launch
設定 :使用動作「允許指定 (抹除非指定)」的裝置製造商Setting : Device manufacturers with action Allow specified (Wipe non-specified)
AllowedAndroidModelsElseBlockAllowedAndroidModelsElseBlock 如果未設定,則為空白;否則為允許的型號Empty if not set, otherwise list of allowed models 沒有此設定的管理控制。No administration control for this setting.
AllowedAndroidModelsElseWipeAllowedAndroidModelsElseWipe 如果未設定,則為空白;否則為允許的型號Empty if not set, otherwise list of allowed models 沒有此設定的管理控制。No administration control for this setting.
AndroidSafetyNetDeviceAttestationEnforcementAndroidSafetyNetDeviceAttestationEnforcement NOT_REQUIRED = 未設定NOT_REQUIRED = not set
BASIC_INTEGRITY = 基本完整性BASIC_INTEGRITY = Basic Integrity
BASIC_INTEGRITY_AND_DEVICE_CERTIFICATION = 基本完整性和經認證的裝置BASIC_INTEGRITY_AND_DEVICE_CERTIFICATION = Basic Integrity and certified devices
區段 :條件式啟動Section : Conditional launch
設定 :SafetyNet 裝置證明Setting : SafetyNet device attestation
AndroidSafetyNetDeviceAttestationFailedActionAndroidSafetyNetDeviceAttestationFailedAction BLOCK = 封鎖存取BLOCK = Block access
WARN = 警告WARN = Warn
WIPE_DATA = 抹除資料WIPE_DATA = Wipe Data
區段 :條件式啟動Section : Conditional launch
設定 :SafetyNet 裝置證明Setting : SafetyNet device attestation
AndroidSafetyNetVerifyAppsEnforcementTypeAndroidSafetyNetVerifyAppsEnforcementType NOT_REQUIRED = 未設定NOT_REQUIRED = not set
REQUIRE_ENABLED = 已設定REQUIRE_ENABLED = configured
區段 :條件式啟動Section : Conditional launch
設定 :需要對應用程式進行威脅掃描Setting : Require threat scan on apps
AndroidSafetyNetVerifyAppsFailedActionAndroidSafetyNetVerifyAppsFailedAction BLOCK = 封鎖存取BLOCK = Block access
WARN = 警告WARN = Warn
區段 :條件式啟動Section : Conditional launch
設定 :需要對應用程式進行威脅掃描Setting : Require threat scan on apps
AppSharingFromLevelAppSharingFromLevel BLOCKED = 無BLOCKED = None
MANAGED = 原則受控應用程式MANAGED = Policy Managed apps
UNRESTRICTED = 所有應用程式UNRESTRICTED = All apps
區段 :資料保護Section : Data Protection
設定 :接收其他應用程式的資料Setting : Receive data from other apps
AppSharingToLevelAppSharingToLevel BLOCKED = 無BLOCKED = None
MANAGED = 原則受控應用程式MANAGED = Policy Managed apps
UNRESTRICTED = 所有應用程式UNRESTRICTED = All app
區段 :資料保護Section : Data Protection
設定 :將組織資料傳送到其他應用程式Setting : Send org data to other apps
AuthenticationEnabledAuthenticationEnabled false = 不需要false = Not required
true = 需要true = Require
區段 :存取需求Section : Access requirements
設定 :公司或學校帳戶認證以進行存取Setting : Work or school account credentials for access
BlockScreenCaptureBlockScreenCapture false = 允許false = Allow
true = 封鎖true = Block
區段 :資料保護Section : Data Protection
設定 :螢幕擷取和 Google 助理Setting : Screen capture and Google Assistant
ClipboardCharacterExceptionLengthClipboardCharacterExceptionLength x 個字元x characters 區段 :資料保護Section : Data protection
設定 :所有應用程式的剪下及複製字元限制Setting : Cut and copy character limit for any app
ClipboardSharingLevelClipboardSharingLevel BLOCKED = 已封鎖BLOCKED = Blocked
MANAGED = 原則受控應用程式MANAGED = Policy managed apps
MANAGED_PASTE_IN = 可貼上的原則受控應用程式MANAGED_PASTE_IN = Policy managed apps with paste in
UNMANAGED = 任何應用程式UNMANAGED = Any app
區段 :資料保護Section : Data Protection
設定 :禁止在不同的應用程式之間進行剪下、複製及貼上Setting : Restrict cut, copy, and paste between other apps
ConditionalEncryptionEnabledConditionalEncryptionEnabled false = 需要false = Require
true = 不需要true = Not required
區段 :資料保護Section : Data Protection
設定 :加密已註冊裝置上的組織資料Setting : Encrypt org data on enrolled devices
ContactSyncDisabledContactSyncDisabled false = 允許false = Allow
true = 封鎖true = Block
區段 :資料保護Section : Data Protection
設定 :與原生連絡人應用程式同步應用程式Setting : Sync app with native contacts app
DataBackupDisabledDataBackupDisabled false = 允許false = Allow
true = 封鎖true = Block
區段 :資料保護Section : Data Protection
設定 :禁止備份Setting : Prevent backups
DeviceComplianceEnabledDeviceComplianceEnabled false = Falsefalse = False
true = Truetrue = True
區段 :條件式啟動Section : Conditional Launch
設定 :已進行 JB 或 Root 破解的裝置Setting : Jailbroken/rooted devices
DeviceComplianceFailureActionDeviceComplianceFailureAction BLOCK = 封鎖存取BLOCK = Block acess
WIPE_DATA = 抹除資料WIPE_DATA = Wipe data
區段 :條件式啟動Section : Conditional Launch
設定 :已進行 JB 或 Root 破解的裝置Setting : Jailbroken/rooted devices
DialerRestrictionLevelDialerRestrictionLevel 0 = 無,不在應用程式之間傳送此資料0 = None, do not transfer this data between apps
1 = 特定的撥號應用程式1 = A specific dialer app
2 = 任一原則受控撥號應用程式2 = Any policy-managed dialer app
3 = 任一撥號應用程式3 = Any dialer app
區段 :資料保護Section : Data Protection
設定 :將電信資料傳送至Setting : Transfer telecommunication data to
DictationBlockedDictationBlocked false = 允許false = Allow
true = 封鎖true = Block
沒有此設定的管理控制。No administration control for this setting.
FileEncryptionKeyLengthFileEncryptionKeyLength 128128
256256
沒有此設定的管理控制。No administration control for this setting.
FileSharingSaveAsDisabledFileSharingSaveAsDisabled false = 允許false = Allow
true = 封鎖true = Block
區段 :資料保護Section : Data Protection
設定 :儲存組織資料的複本Setting : Save copies of org data
IntuneMAMPolicyVersionIntuneMAMPolicyVersion 版本號碼version number N/AN/A
isManagedisManaged truetrue
falsefalse
N/AN/A
KeyboardsRestrictedKeyboardsRestricted true = 需要true = Required
false = 不需要false = Not required
區段 :資料保護Section : Data Protection
設定 :核准的鍵盤Setting : Approved keyboards
ManagedBrowserRequiredManagedBrowserRequired true = Microsoft Edge 或非受控瀏覽器true = Microsoft Edge or Unmanaged browser
false = 任何應用程式false = Any app
區段 :資料保護Section : Data Protection
設定 :限制對其他應用程式的 Web 內容傳輸。Setting : Restrict web content transfer to other apps app.
ManagedLocationsManagedLocations 此值代表應用程式可儲存資料的受控儲存位置數量 (以分號分隔)。A value that represents the number of managed storage locations to which the app can save data, separated by a semi-colon.
ONEDRIVE_FOR_BUSINESSONEDRIVE_FOR_BUSINESS
SHAREPOINTSHAREPOINT
LOCALLOCAL
區段 :資料保護Section : Data Protection
設定 :允許使用者將複本儲存到選取的服務Setting : Allow user to save copies to selected services
MaxPinRetryExceededActionMaxPinRetryExceededAction RESET_PIN = 重設 PINRESET_PIN = Reset PIN
WIPE_DATA = 抹除資料WIPE_DATA = Wipe data
區段 :條件式啟動Section : Conditional launch
設定 :PIN 碼嘗試次數上限Setting : Max PIN attempts
MinAppVersionMinAppVersion "0.0" = 沒有最低的應用程式版本"0.0" = no minimum app version
任何其他值 = 最低的應用程式版本anything else = minimum app version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低應用程式版本Setting : Min app version with action Block access
MinAppVersionWarningMinAppVersionWarning "0.0" = 沒有最低的應用程式版本。"0.0" = no minimum app version.
任何其他值 = 最低的應用程式版本anything else = minimum app version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低應用程式版本Setting : Min app version with action Warn
MinAppVersionWipeMinAppVersionWipe "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低應用程式版本Setting : Min app version with action Wipe data
MinOsVersionMinOsVersion "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低 OS 版本Setting : Min OS version with action Block access
MinOsVersionWarningMinOsVersionWarning "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低 OS 版本Setting : Min OS version with action Warn
MinOsVersionWipeMinOsVersionWipe "0.0" = 沒有最低的 OS 版本"0.0" = no minimum OS version
任何其他值 = 最低的 OS 版本anything else = minimum OS version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低 OS 版本Setting : Min OS version with action Wipe data
MinPatchVersionMinPatchVersion "0000-00-00" = 沒有最低的修補程式版本"0000-00-00" = no minimum Patch version
任何其他值 = 最低的修補程式版本anything else = minimum Patch version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低修補程式版本Setting : Min Patch version with action Block access
MinPatchVersionWarningMinPatchVersionWarning "0000-00-00" = 沒有最低的修補程式版本"0000-00-00" = no minimum Patch version
任何其他值 = 最低的修補程式版本anything else = minimum Patch version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低修補程式版本Setting : Min Patch version with action Warn
MinPatchVersionWipeMinPatchVersionWipe "0000-00-00" = 沒有最低修補程式版本"0000-00-00" = no minimum Patch version
任何其他值 = 最低修補程式版本anything else = minimum Patch version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低修補程式版本Setting : Min Patch version with action Wipe data
MinimumRequiredCompanyPortalVersionMinimumRequiredCompanyPortalVersion "0.0" = 沒有最低公司入口網站版本"0.0" = no minimum Company Portal version
任何其他值 = 最低公司入口網站版本anything else = minimum Company Portal version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「封鎖存取」的最低公司入口網站版本Setting : Min Company Portal version with action Block access
MinimumRequiredDeviceThreatProtectionLevelMinimumRequiredDeviceThreatProtectionLevel NOT_SET = 未在原則中定義NOT_SET = not defined in the policy
SECURED = 安全SECURED = Secured
LOW = 低LOW = Low
MEDIUM = 中MEDIUM = Medium
HIGH = 高HIGH = High
區段 :條件式啟動Section : Conditional launch
設定 :允許的裝置威脅等級上限Setting : Max allowed device threat level
MinimumWarningCompanyPortalVersionMinimumWarningCompanyPortalVersion "0.0" = 沒有最低公司入口網站版本"0.0" = no minimum Company Portal version
任何其他值 = 最低公司入口網站版本anything else = minimum Company Portal version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「警告」的最低公司入口網站版本Setting : Min Company Portal version with action Warn
MinimumWipeCompanyPortalVersionMinimumWipeCompanyPortalVersion "0.0" = 沒有最低公司入口網站版本"0.0" = no minimum Company Portal version
任何其他值 = 最低公司入口網站版本anything else = minimum Company Portal version
區段 :條件式啟動Section : Conditional launch
設定 :使用動作「抹除資料」的最低公司入口網站版本Setting : Min Company Portal version with action Wipe data
MobileThreatDefenseRemediationActionMobileThreatDefenseRemediationAction BLOCK = 封鎖存取BLOCK = Block Access
WIPE_DATA = 抹除資料WIPE_DATA = Wipe data
區段 :條件式啟動Section : Conditional launch
設定 :允許的裝置威脅等級上限Setting : Max allowed device threat level
NonBioPassTimeOutNonBioPassTimeOut x 分鐘x minutes 區段 :存取需求Section : Access requirements
設定 :逾時後以 PIN 覆寫指紋 > 逾時 (非使用狀態分鐘數)Setting : Override fingerprint with PIN after timeout > Timeout (minutes of inactivity)
NonBioPassTimeOutRequiredNonBioPassTimeOutRequired false = 不需要false = Not required
true = 需要true = Require
區段 :存取需求Section : Access requirements
設定 :逾時後以 PIN 覆寫指紋Setting : Override fingerprint with PIN after timeout
NotificationRestrictionNotificationRestriction UNRESTRICTED = 允許UNRESTRICTED = Allow
BLOCK_ORG_DATA = 封鎖組織資料BLOCK_ORG_DATA = Block Org Data
BLOCK = 封鎖BLOCK = Block
區段 :資料保護Section : Data Protection
設定 :組織資料通知Setting : Org data notifications
PINCharacterTypePINCharacterType PASSCODE = 密碼PASSCODE = Passcode
NUMERIC = 數值NUMERIC = Numeric
區段 :存取需求Section : Access requirements
設定 :PIN 類型Setting : Pin type
PINEnabledPINEnabled false = 不需要false = Not required
true = 需要true = Require
區段 :存取需求Section : Access requirements
設定 :使用 PIN 進行存取Setting : PIN for access
PINMinLengthPINMinLength x 個字元x characters 區段 :存取需求Section : Access requirements
設定 :選取 PIN 長度下限Setting : Select minimum PIN length
PINNumRetryPINNumRetry x 次嘗試x attempts 區段 :條件式啟動Section : Conditional launch
設定 :PIN 碼嘗試次數上限Setting : Max PIN attempts
PackageExclusionsPackageExclusions 如果未設定套件組合識別碼,則為空白;否則為以分號分隔的套件組合識別碼Empty if no bundle IDs are configured, otherwise bundle IDs separated by a semi-colon 區段 :資料保護Section : Data protection
設定 :選取要豁免的應用程式Setting : Select apps to exempt
PinHistoryLengthPinHistoryLength 要維護的 x 個 PIN 值x PIN values to maintain 區段 :存取需求Section : Access requirements
設定 :選取要維護的先前 PIN 值數目Setting : Select number of previous PIN values to maintain
PolicyCountPolicyCount 數目number N/AN/A
PrintingBlockedPrintingBlocked false = 允許false = Allow
true = 封鎖true = Block
區段 :資料保護Section : Data Protection
設定 :列印組織資料Setting : Printing org data
RequireFileEncryptionRequireFileEncryption false = 不需要false = Not required
true = 需要true = Require
區段 :資料保護Section : Data Protection
設定 :加密組織資料Setting : Encrypt org data
SimplePINAllowedSimplePINAllowed false = 封鎖false = Block
true = 允許true = Allow
區段 :存取需求Section : Access requirements
設定 :簡單的 PINSetting : Simple PIN
SpecificDialerDisplayNameSpecificDialerDisplayName 撥號應用程式名稱Dialer app name 區段 :資料保護Section : Data Protection
設定 :撥號應用程式名稱Setting : Dialer app name
SpecificDialerPackageIDSpecificDialerPackageID 撥號應用程式套件組合識別碼Dialer app bundle ID 區段 :資料保護Section : Data Protection
設定 :撥號應用程式套件識別碼Setting : Dialer App Package ID
TouchIDEnabledTouchIDEnabled false = 封鎖false = Block
true = 允許true = Allow
區段 :存取需求Section : Access requirements
設定 :指紋而非 PIN 以進行存取 (Android 6.0+)Setting : Fingerprint instead of PIN for access (Android 6.0+)
ThirdPartyKeyboardsBlockedThirdPartyKeyboardsBlocked 0 = 允許0 = Allow
1 = 封鎖1 = Block
區段 :資料保護Section : Data Protection
設定 :協力廠商鍵盤Setting : Third party keyboards
FaceIDEnabledFaceIDEnabled 0 = 封鎖0 = Block
1 = 允許1 = Allow
區段 :存取需求Section : Access requirements
設定 :以 Face ID 而非 PIN 進行存取 (iOS 11+/iPadOS)Setting : Face ID instead of PIN for access (iOS 11+/iPadOS)
PINExpiryDaysPINExpiryDays x 個字元x characters 區段 :存取需求Section : Access requirements
設定 :在數天後重設 PIN > 天數Setting : PIN reset after number of days > Number of days
UnmanagedBrowserDisplayNameUnmanagedBrowserDisplayName 非受控網頁瀏覽器顯示名稱Unmanaged web browser display name 區段 :資料保護Section : Data protection
設定 :非受控瀏覽器名稱Setting : Unmanaged Browser name
UnmanagedBrowserPackageIDUnmanagedBrowserPackageID 非受控網頁瀏覽器套件識別碼Unmanaged web browser package ID 區段 :資料保護Section : Data protection
設定 :非受控瀏覽器識別碼Setting : Unmanaged Browser ID

後續步驟Next steps