驗證 Android 或 iOS 裝置上的應用程式保護設定Validate app protection settings on Android or iOS devices

依照下列各節中的指示驗證 Android 或 iOS 裝置上的應用程式保護設定。Follow the instructions in the following sections to validate app protection settings on Android or iOS devices.

AndroidAndroid

檢查使用者裝置上的應用程式保護設定是否正常運作Check that the app protection settings are working on user devices

在您設定 Android 裝置的 App 設定以保護 App 後,可以按照這些步驟驗證您選擇的設定是否可正常運作。After you set app configurations for Android devices to protect the apps, you can follow these steps to validate that the settings you chose work.

首先,請確定原則套用至您要驗證的應用程式。First, make sure that the policy applies to the app in which you're going to validate it.

  1. 在 Microsoft 365 商務版系統管理中心中,移至 [原則] [ > 編輯原則]。In the Microsoft 365 Business Premium admin center, go to Policies > Edit policy.

  2. 針對您在安裝時所建立的設定,選擇 [ Android 應用程式原則],或選擇您建立的其他原則,然後驗證它是否強制適用于 Outlook,例如。Choose Application policy for Android for the settings you created at setup, or another policy you created, and verify that it's enforced for Outlook, for example.

    Shows all the apps for which this policy protects files.

檢查 [需要 PIN 或指紋才能存取 Office App] 設定Validate Require a PIN or a fingerprint to access Office apps

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者如何存取行動裝置上的 OFFICE檔案],並確定需要 PIN 或指紋才能存取 office 應用程式設定為 [開啟]。In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Require a PIN or fingerprint to access Office apps is set to On.

確定 [需要存取 Office 應用程式的 PIN 或指紋] 設定為 [開啟]。

  1. 在使用者的 Android 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證來登入。In the user's Android device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials.

  2. 系統也會提示您輸入 PIN 或使用指紋。You'll also be prompted to enter a PIN or use a fingerprint.

    Enter a PIN on your Android device to access Office apps.

驗證 [嘗試失敗幾次之後重設 PIN ] 設定Validate Reset PIN after number of failed attempts

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者如何存取行動裝置上的 Office檔案],並確定在 [失敗嘗試次數] 設定為 [一定數目]後重設 PIN 碼In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Reset PIN after number of failed attempts is set to some number. 預設為5。This is 5 by default.

  1. 在使用者的 Android 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證來登入。In the user's Android device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials.

  2. 根據原則指定的次數重複輸入不正確的 PIN。Enter an incorrect PIN as many times as specified by the policy. 您會看到一則提示,指出已接通 Pin 嘗試限制以重設 pin 碼。You'll see a prompt that states PIN Attempt Limit Reached to reset the PIN.

    After too many incorrect PIN attempts, you need to reset your PIN.

  3. 按下 [重設 PIN]。Press Reset PIN. 系統會提示您使用使用者的 Microsoft 365 商務版認證來登入,並必須設定新的 PIN 碼。You'll be prompted to sign in with the user's Microsoft 365 Business Premium credentials, and then required to set a new PIN.

驗證 [強制使用者將所有工作檔案儲存到商務用 OneDrive] 設定Validate Force users to save all work files to OneDrive for Business

在 [編輯原則] 窗格中,選擇 [針對遺失或被盜的裝置加以防護] 旁邊的 [編輯],然後在裝置遺失或遭竊時展開 [保護工作檔],並確定 [強制使用者將所有工作檔案儲存至 OneDrive 的商務檔案] 設定為 [開啟]。In the Edit policy pane, choose Edit next to Protection against lost or stolen devices, expand Protect work files when devices are lost or stolen, and make sure that Force users to save all work files to OneDrive for Business is set to On.

Verify that Force users to save all work files to OneDrive for Business is set to On.

  1. 在使用者的 Android 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's Android device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 開啟包含附件的電子郵件,然後點選附件資訊旁邊的向下箭號圖示。Open an email that contains an attachment and tap the down arrow icon next to the attachment's information.

    Tap the down arrow next to an attachment to try to save it.

    您將會看到畫面底部無法儲存至裝置You'll see Cannot save to device on the bottom of the screen.

    Warning text that indicates cannot save a file locally to an Android.

    注意

    目前 Android 裝置無法儲存到商務用 OneDrive,因此您只會看到本機儲存已遭到封鎖。Saving to OneDrive for Business is not enabled for Android at this time, so you can only see that saving locally is blocked.

驗證 [Office App 閒置這段時間之後要求使用者重新登入] 設定Validate Require user to sign in again if Office apps have been idle for a specified time

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者存取行動裝置上的 Office檔案的方式],並確定 [要求使用者在 Office app 閒置閒置後再次登入] 設定為數分鐘。In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Require users to sign in again after Office apps have been idle for is set to some number of minutes. 預設為30分鐘。This is 30 minutes by default.

  1. 在使用者的 Android 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's Android device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 現在,您應該會看到 Outlook 的收件匣。請不要觸控 Android 裝置至少 30 分鐘 (或是其他比您在原則中指定的時間還要久的時間長度)。裝置畫面會變暗。You should now see Outlook's inbox. Let the Android device idle untouched for at least 30 minutes (or some other amount of time, longer than what you specified in the policy). The device will likely dim.

  3. 在 Android 裝置上重新存取 Outlook。Access Outlook on the Android device again.

  4. 系統會提示您輸入 PIN 碼,您才能再次存取 Outlook。You'll be prompted to enter your PIN before you can access Outlook again.

驗證 [使用加密保護工作檔案] 設定Validate Protect work files with encryption

在 [編輯原則] 窗格中,選擇 [針對遺失或被盜的裝置加以防護] 旁邊的 [編輯],然後在裝置遺失或遭盜時展開 [保護工作檔],並確定 [以加密方式保護工作檔] 設定為 [開啟],並且 [強制使用者將所有工作檔案儲存到商務用 OneDrive ] 設定為 [關閉]In the Edit policy pane, choose Edit next to Protection against lost or stolen devices, expand Protect work files when devices are lost or stolen, and make sure that Protect work files with encryption is set to On, and Force users to save all work files to OneDrive for Business is set to Off.

  1. 在使用者的 Android 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's Android device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 開啟包含一些影像檔附件的電子郵件。Open an email that contains a few image file attachments.

  3. 點選附件資訊旁邊的向下箭號圖示以儲存附件。Tap the down arrow icon next to the attachment's info to save it.

    Tap the down arrow to save the figure file to the Android device.

  4. 系統可能會提示您允許 Outlook 存取裝置上的相片、媒體和檔案。You may be prompted to allow Outlook to access photos, media, and files on your device. 按 [允許]。Tap Allow.

  5. 在螢幕底部,選擇 [儲存至裝置],然後開啟圖庫應用程式。At the bottom of the screen, choose to Save to Device and then open the Gallery app.

  6. 您應該會在清單中看到一張經過加密的相片 (或數張相片,如果您儲存了多個影像檔案附件的話)。這張相片可能會在 [圖片] 清單中顯示為灰色的方形,中央有以白色圓圈包住的白色驚嘆號。You should see an encrypted photo (or more, if you saved multiple image file attachments) in the list. It may appear in the Pictures list as a gray square with a white exclamation point within a white circle in the center of the gray square.

    An encrypted image file in the Gallery app.

iOSiOS

檢查使用者裝置上的 App 保護設定是否可正常運作Check that the App protection settings are working on user devices

在您設定 iOS 裝置的 App 設定以保護 App 後,可以按照這些步驟驗證您選擇的設定是否可正常運作。After you set app configurations for iOS devices to protect apps, you can follow these steps to validate that the settings you chose work.

首先,請確定原則套用至您要驗證的應用程式。First, make sure that the policy applies to the app in which you're going to validate it.

  1. 在 Microsoft 365 商務版系統管理中心中,移至 [原則] [ > 編輯原則]。In the Microsoft 365 Business Premium admin center, go to Policies > Edit policy.

  2. 針對您在安裝程式所建立的設定,或您已建立的其他原則,選擇iOS 的應用程式原則,並確認已針對 Outlook 強制執行。Choose Application policy for iOS for the settings you created at setup, or another policy you created, and verify that it's enforced for Outlook for example.

    Shows all the apps for which this policy protects files.

驗證 [設定需要 PIN 才能存取 Office App] 設定Validate Require a PIN to access Office apps

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者如何存取行動裝置上的 OFFICE檔案],並確定需要 PIN 或指紋才能存取 office 應用程式設定為 [開啟]。In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Require a PIN or fingerprint to access Office apps is set to On.

確定 [需要存取 Office 應用程式的 PIN 或指紋] 設定為 [開啟]。

  1. 在使用者的 iOS 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證登入。In the user's iOS device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials.

  2. 系統也會提示您輸入 PIN 或使用指紋。You'll also be prompted to enter a PIN or use a fingerprint.

    Enter a PIN on your IOS device to access Office apps.

驗證 [嘗試失敗幾次之後重設 PIN ] 設定Validate Reset PIN after number of failed attempts

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者如何存取行動裝置上的 Office檔案],並確定在 [失敗嘗試次數] 設定為 [一定數目]後重設 PIN 碼In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Reset PIN after number of failed attempts is set to some number. 預設為5。This is 5 by default.

  1. 在使用者的 iOS 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證登入。In the user's iOS device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials.

  2. 根據原則指定的次數重複輸入不正確的 PIN。Enter an incorrect PIN as many times as specified by the policy. 您會看到一則提示,指出已接通 Pin 嘗試限制以重設 pin 碼。You'll see a prompt that states PIN Attempt Limit Reached to reset the PIN.

    After too many incorrect PIN attempts, you need to reset your PIN.

  3. [確定]Press OK. 系統會提示您使用使用者的 Microsoft 365 商務版認證來登入,並必須設定新的 PIN 碼。You'll be prompted to sign in with the user's Microsoft 365 Business Premium credentials, and then required to set a new PIN.

驗證 [強制使用者將所有工作檔案儲存到商務用 OneDrive] 設定Validate Force users to save all work files to OneDrive for Business

在 [編輯原則] 窗格中,選擇 [針對遺失或被盜的裝置加以防護] 旁邊的 [編輯],然後在裝置遺失或遭竊時展開 [保護工作檔],並確定 [強制使用者將所有工作檔案儲存至 OneDrive 的商務檔案] 設定為 [開啟]。In the Edit policy pane, choose Edit next to Protection against lost or stolen devices, expand Protect work files when devices are lost or stolen, and make sure that Force users to save all work files to OneDrive for Business is set to On.

Verify that Force users to save all work files to OneDrive for Business is set to On.

  1. 在使用者的 iOS 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's iOS device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 開啟包含附件的電子郵件,開啟附件,然後選擇畫面底部的 [儲存]。Open an email that contains an attachment, open the attachment and choose Save on the bottom of the screen.

    Tap the Save option after you open an attachment to try to save it.

  3. 您應該只會看到一個適用於商務用 OneDrive 的選項。You should only see an option for OneDrive for Business. 如果不是,請點擊 [新增帳戶],然後從 [新增儲存帳戶] 畫面中,選取商務 OneDriveIf not, tap Add Account and select OneDrive for Business from the Add Storage Account screen. 當系統提示時,提供使用者的 Microsoft 365 商務版特優登入。Provide the end user's Microsoft 365 Business Premium to sign in when prompted.

    按一下 [儲存],然後選取 [商務 OneDrive]。Tap Save and select OneDrive for Business.

驗證 [Office App 閒置這段時間之後要求使用者重新登入] 設定Validate Require user to sign in again if Office apps have been idle for a specified time

在 [編輯原則] 窗格中,選擇 [ Office 檔存取控制] 旁的 [編輯],然後展開 [管理使用者存取行動裝置上的 Office檔案的方式],並確定 [要求使用者在 Office app 閒置閒置後再次登入] 設定為數分鐘。In the Edit policy pane, choose Edit next to Office documents access control, expand Manage how users access Office files on mobile devices, and make sure that Require users to sign in again after Office apps have been idle for is set to some number of minutes. 預設為30分鐘。This is 30 minutes by default.

  1. 在使用者的 iOS 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's iOS device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 現在,您應該會看到 Outlook 的收件匣。請不要觸控 iOS 裝置至少 30 分鐘 (或是其他比您在原則中指定的時間還要久的時間長度)。裝置畫面會變暗。You should now see Outlook's inbox. Let the iOS device untouched for at least 30 minutes (or some other amount of time, longer than what you specified in the policy). The device will likely dim.

  3. 在 iOS 裝置上重新存取 Outlook。Access Outlook on the iOS device again.

  4. 系統會提示您輸入 PIN 碼,您才能再次存取 Outlook。You'll be prompted to enter your PIN before you can access Outlook again.

驗證 [使用加密保護工作檔案] 設定Validate Protect work files with encryption

在 [編輯原則] 窗格中,選擇 [針對遺失或被盜的裝置加以防護] 旁邊的 [編輯],然後在裝置遺失或遭盜時展開 [保護工作檔],並確定 [以加密方式保護工作檔] 設定為 [開啟],並且 [強制使用者將所有工作檔案儲存到商務用 OneDrive ] 設定為 [關閉]In the Edit policy pane, choose Edit next to Protection against lost or stolen devices, expand Protect work files when devices are lost or stolen, and make sure that Protect work files with encryption is set to On, and Force users to save all work files to OneDrive for Business is set to Off.

  1. 在使用者的 iOS 裝置中,開啟 Outlook 並以使用者的 Microsoft 365 商務版認證認證登入,並視需要輸入 PIN 碼。In the user's iOS device, open Outlook and sign in with the user's Microsoft 365 Business Premium credentials, and enter a PIN if requested.

  2. 開啟包含一些影像檔附件的電子郵件。Open an email that contains a few image file attachments.

  3. 點擊附件,然後點擊它底下的 [儲存] 選項。Tap the attachment and then tap the Save option under it.

  4. 從主畫面開啟相片應用程式。Open Photos app from the home screen. 您應該會看到一張經過加密的相片被儲存 (或數張相片,如果您儲存多個影像檔案附件的話)。You should see an encrypted photo (or more, if you saved multiple image file attachments) saved, but encrypted.