Forum Discussion

jarvis2020's avatar
jarvis2020
Brass Contributor
Jun 09, 2020

iOS application protection policy not working-SOLVED

iOS enrolled in Intune as personally owned device

 

Outlook Application configuration policy created:

 

Device enrollment type:Managed devices
Platform:iOS/iPadOS
Targeted app:Microsoft Outlook
Configure email account settings:Yes
Authentication type:ModernAuth
Username attribute from AAD:User Principal Name
Email address attribute from AAD:User Principal Name
Allow only work or school accounts:Enabled
Configuration key:IntuneMAMUPN
value type:string
Configuration value: {{UserprincipalName}}
 
Policy works fine, it detect email address correctly.
 
Office 365 applications are deployed by Intune (managed applications)
 
Created application protection policy for all Office365 applications to prevent paste to unamanaged application and save only to OneDrive/SharePoint
 
Target to apps on all device types:No
Device types:Managed
Public apps: Microsoft Excel
                    Microsoft Outlook
                    Microsoft Word
                    Microsoft OneNote
                    Microsoft SharePoint
                    Microsoft OneDrive
                    Microsoft Team
 
Prevent Backups: Block
Send org data to other apps:Policy Managed apps
Select apps to exempt:Default: tel;telprompt;skype;app-settings;calshow;itms;itmss;itms-apps;itms-appss;itms-services;
Save copies to org data:Block
Allow user to save copies to selected services:OneDrive for Business,Share Point
Receive data from other apps:Policy managed apps
Restrict cut,copy and paste between other apps:Policy managed apps with paste in
Cut and copy character limit for any app:0
 
 From any office apps i can paste to unmanaged apps and can save data on phone local storage
 
 
  • PKlapwijk  thanks, i just managed to solve it:

     

    Changed enrollment type to All and it started working

     

    Device enrollment type:All

     

    Thanks !

     

     

     

     

  • jarvis2020 Is the policy correctly applied to the apps? You can see this from Apps, Monitor, App protection status, report. Enter the username of the user and check if the policy is successfully applied to the iOS device. The app you`re testing should have a status of Compliant, checked in.

    • jarvis2020's avatar
      jarvis2020
      Brass Contributor

      PKlapwijk  thanks, i just managed to solve it:

       

      Changed enrollment type to All and it started working

       

      Device enrollment type:All

       

      Thanks !

       

       

       

       

Resources