cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

App protection policy not applying

Julian12
Brass Contributor

‎Mar 03 2021 03:37 PM

‎Mar 03 2021 03:37 PM

App protection policy not applying

Hi,

I'm trying to configure an iOS app protection policy for a client but I'm failing to get it applied on a iPhone XR with a fully licensed user.

I deployed the app config policy with the IntuneMAMUPN key, currently only testing with the Outlook app, which is set as required in the portal. I reseted my phone, even created an Itunes account with my company test mail address, after configuring my phoen for the first time I installed the Intune portal App a go through the device registration process.

My phone gets an compliant status, marked as personally, even if changed to company owned no change until now, Outlook config policy is applied but not the protection policy.

When I check the monitor view I get the warning "This user is blocked by user-level wipe." and I can't find article about this error^^

Can anyone give me a hint to solve this nasty issue?
Thanks.

4,582 Views
1 Like
5 Replies
Reply
5 Replies
Alo Press

‎Mar 03 2021 09:49 PM - edited ‎Mar 03 2021 09:52 PM

‎Mar 03 2021 09:49 PM - edited ‎Mar 03 2021 09:52 PM

Re: App protection policy not applying

Hi @Julian12 

 

Where exactly are you seeing that error from? I usually use the following report to make sure whether or not my policy has applied: Apps > Monitor > App protection status > Reports > User report

 

What is your Target to apps on all device types selection? If it is not set to Yes or both types that cause some issues, the type state is a bit fiddly to pinpoint and thus its more simple to target both, more about that in Creating an iOS app protection policy docs. 

 

Ownership type should not matter when it comes to App Protection policies.

0 Likes
Reply
Julian12

‎Mar 04 2021 12:44 AM - edited ‎Mar 04 2021 01:25 AM

‎Mar 04 2021 12:44 AM - edited ‎Mar 04 2021 01:25 AM

Re: App protection policy not applying

Hi @Alo Press,

I see that error in the same reporting tool:

Julian12_0-1614847376804.png

Currently I set the target devices to managed only, tried for a short time with Both but wasn't working too. Will test this again..

Edit: Not sure if this is a problem but atm my test phone has no SIM card or any mobile number attached to it.

0 Likes
Reply
best response confirmed by Julian12 (Brass Contributor)
Alo Press

‎Mar 04 2021 01:47 AM - edited ‎Mar 04 2021 01:48 AM

‎Mar 04 2021 01:47 AM - edited ‎Mar 04 2021 01:48 AM

Solution

Re: App protection policy not applying

@Julian12 Are the apps that you are trying to Protect managed? Meaning are they published through the Intune Company Portal or are you just testing App Store apps and waiting until they apply? 

 

In some cases Signing into the app might be needed for the Protection to trigger as the app is assuming the protection from Your specific MDM - this is more relevant with multi-identity enabled apps. 

 

Also, is there anything special about that test account? What licenses have you enabled to it or is it a DEM account? There is probably a lot of things that might not work quite right for DEM accounts. 

 

Regarding the user-level wipe.. it might have something to do with pending App selective wipe, if you have any pending delete the requests. Docs here on how to Delete a device wipe request.

0 Likes
Reply
Julian12

‎Mar 04 2021 02:03 AM - edited ‎Mar 04 2021 02:04 AM

‎Mar 04 2021 02:03 AM - edited ‎Mar 04 2021 02:04 AM

Re: App protection policy not applying

Frickin hell, there was really a selective wipe in place for this account, so obvious^^
I deleted that request and reset my device, hopefully it is working now..
Many thanks for this hint, seems too easy :\

0 Likes
Reply
Julian12

‎Mar 04 2021 02:29 AM

‎Mar 04 2021 02:29 AM

Re: App protection policy not applying

Yeah, its working now, thanks for your help :)
Have a nice day!
1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Julian12 (Brass Contributor)
Alo Press

‎Mar 04 2021 01:47 AM - edited ‎Mar 04 2021 01:48 AM

‎Mar 04 2021 01:47 AM - edited ‎Mar 04 2021 01:48 AM

Solution

Re: App protection policy not applying

@Julian12 Are the apps that you are trying to Protect managed? Meaning are they published through the Intune Company Portal or are you just testing App Store apps and waiting until they apply? 

 

In some cases Signing into the app might be needed for the Protection to trigger as the app is assuming the protection from Your specific MDM - this is more relevant with multi-identity enabled apps. 

 

Also, is there anything special about that test account? What licenses have you enabled to it or is it a DEM account? There is probably a lot of things that might not work quite right for DEM accounts. 

 

Regarding the user-level wipe.. it might have something to do with pending App selective wipe, if you have any pending delete the requests. Docs here on how to Delete a device wipe request.

View solution in original post

0 Likes
Reply