MAM Application protection policy

Occasional Contributor

Hello,

i am having an issue with IOS app protection policy, nothing seems to be applied on the phone and i can easily bypass any settings, even company portal outlook seems to ignore to prompt for install:

 

 
 
Platform
iOS/iPadOS
 
Target to apps on all device types
Yes
Device types
--
Public apps
Microsoft Excel
Microsoft Outlook
Microsoft Word
Microsoft Teams
Custom apps
--
 
Prevent backups
Block
Send org data to other apps
Policy managed apps
Select apps to exempt
Default: skype;app-settings;calshow;itms;itmss;itms-apps;itms-appss;itms-services;
Save copies of org data
Block
Allow user to save copies to selected services
OneDrive for Business
SharePoint
Transfer telecommunication data to
Any dialer app
Dialer App URL Scheme
--
Receive data from other apps
All apps
Open data into Org documents
Allow
Allow users to open data from selected services
OneDrive for Business
SharePoint
Camera
Restrict cut, copy, and paste between other apps
Blocked
Cut and copy character limit for any app
0
Third party keyboards
Allow
Encrypt org data
Require
Sync policy managed app data with native apps
Allow
Printing org data
Allow
Restrict web content transfer with other apps
Any app
Unmanaged browser protocol
--
Org data notifications
Allow
 
PIN for access
Require
PIN type
Numeric
Simple PIN
Allow
Select minimum PIN length
6
Touch ID instead of PIN for access (iOS 8+/iPadOS)
Allow
Override biometrics with PIN after timeout
Require
Timeout (minutes of inactivity)
1
Face ID instead of PIN for access (iOS 11+/iPadOS)
Allow
PIN reset after number of days
No
Number of days
0
App PIN when device PIN is set
Require
Work or school account credentials for access
Not required
Recheck the access requirements after (minutes of inactivity)
1
 
Setting
 
 
Value
 
 
Action
 
 
Max PIN attempts
5
Reset PIN
Offline grace period
720
Block access (minutes)
Offline grace period
90
Wipe data (days)
Jailbroken/rooted devices
 
Block access
Default
Included groups
all
Excluded groups
--



what am i missing here ?
 
 
thanks everyone.
 
 
2 Replies

@Karim Hamdy 

Is app protection policy applied on enrolled iOS devices or no-enrolled devices?

 

Of you are also using it for enrolled devices, follow these steps,

1) Create 1 app protection policy for non-enrolled device and other for enrolled devices.

2) Set up UPN configuration.

Manage transferring data between iOS apps - Microsoft Intune | Microsoft Docs

 

@Pa_D i recreated the policy and it worked.

 

thanks