Re: Five Tip Friday ~ Changing Device Names, Blocking Callers, Saving Space

0 views
Skip to first unread message
Message has been deleted

Вячеслав Бахтыгозин

unread,
Jul 13, 2024, 11:16:00 PM7/13/24
to ciouporfere

Intune may support more settings than the settings listed in this article. Not all settings are documented, and won't be documented. To see the settings you can configure, create a device configuration policy, and select Settings Catalog. For more information, go to Settings catalog.

This article describes the different settings you can control on iOS and iPadOS devices. As part of your mobile device management (MDM) solution, use these settings to allow or disable features, set password rules, allow or restrict specific apps, and more.

Five Tip Friday changing device names, blocking callers, saving space


Download File >>>>> https://mciun.com/2yK0Wq



Block viewing corporate documents in unmanaged apps: Yes prevents viewing corporate documents in unmanaged apps. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow corporate documents to be viewed in any app.

For example, you want to prevent users from saving files from the OneDrive app to Dropbox. Configure this setting as Yes. After devices receive the policy (for example, after a restart), it no longer allows saving.

Allow unmanaged apps to read from managed contacts accounts: Yes lets unmanaged apps, such as the built-in iOS/iPadOS Contacts app, to read and access contact information from managed apps, including the Outlook mobile app. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might prevent reading from the built-in Contacts app on devices.

For more information about these two settings, and their impact on Outlook for iOS/iPadOS contact export synchronization, see Support Tip: Use Intune custom profile settings with the iOS/iPadOS Native Contacts App.

Treat AirDrop as an unmanaged destination: Yes forces AirDrop to be considered an unmanaged drop target. It stops managed apps from sending data using Airdrop. When set to Not configured (default), Intune doesn't change or update this setting.

Block viewing non-corporate documents in corporate apps: Yes prevents viewing non-corporate documents in corporate apps. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow any document to be viewed in corporate managed apps.

Allow copy/paste to be affected by managed open-in: Yes enforces copy/paste restrictions based on how you configured Block viewing corporate documents in unmanaged apps and Block viewing non-corporate documents in corporate apps. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might not enforce any copy/paste restrictions.

Require iTunes Store password for all purchases: Yes forces users to enter the Apple ID password for each in-app or ITunes purchase. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow purchases without prompting for a password every time.

Block download of explicit sexual content in Apple Books: Yes prevents users from downloading media from the iBook store that's tagged as erotica. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow users to download books with the "Erotica" category.

Allow managed apps to write contacts to unmanaged contacts accounts: Yes lets managed apps, such as the Outlook mobile app, save or sync contact information, including business and corporate contacts, to the built-in iOS/iPadOS Contacts app. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might prevent managed apps from saving or syncing contact information to the built-in iOS/iPadOS Contacts app on devices.

Block playback of explicit music, podcast, and iTunes U: Yes prevents explicit iTunes music, podcast, or news content. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow the device to access content rated as adult from the store.

Block adding Game Center friends: Yes prevents users from adding Game Center friends. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow users to add friends in Game Center.

Block multiplayer gaming in Game Center: Yes prevents multiplayer gaming. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow users to play multiplayer games on devices.

Block access to network drive in Files app: Using the Server Message Block (SMB) protocol, devices can access files or other resources on a network server. Yes prevents accessing files on a network SMB drive. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow access.

Use these settings to configure iOS/iPadOS devices to run specific apps in autonomous single app mode (ASAM). When ASAM is configured, and users start one of the configured apps, then the device is locked to that app. App/task switching is disabled until users exit the allowed app.

For example, in a school or university environment, add an app that lets users take a test on the device. Or, lock the device into the Company Portal app until the user authenticates. When the apps actions are completed by users, or you remove this policy, the device returns to its normal state.

Not all apps support autonomous single app mode. To put an app in ASAM, a bundle ID or a key value pair delivered by an app config policy are typically required. For more information, see the autonomousSingleAppModePermittedAppIDs restriction in Apple's MDM documentation. For more information on the specific settings required for the app you're configuring, see the vendor documentation.

For example, to configure Zoom Rooms in autonomous single app mode, Zoom says to use the us.zoom.zpcontroller bundle ID. In this instance, you also make a change in the Zoom web portal. For more information, see the Zoom help center.

On iOS/iPadOS devices, the Company Portal app supports ASAM. When the Company Portal app is in ASAM, users must manually open the Company Portal app. Then the device is locked in the Company Portal app until the user authenticates. When users sign in to the Company Portal app, they can use other apps and the Home screen button on the device. When they sign out of the Company Portal app, the device returns to single app mode, and locks on the Company Portal app.

To turn the Company Portal app into a 'sign in/sign out' app (enable ASAM), enter the Company Portal app name, such as Microsoft Intune Company Portal, and the bundle ID (com.microsoft.CompanyPortal) in these settings. After this profile is assigned, you must open the Company Portal app to lock the app so users can sign in and sign out of it. For the ASAM configuration to apply, users must manually open the Company Portal app.

Require Safari fraud warnings: Yes requires fraud warnings to be shown in the web browser on devices. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might not show these warnings.

Block Siri for dictation: Yes prevents connections to Siri servers. Users can't use Siri to dictate text. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow Siri to be used for dictation. Also available for user enrollment.

Block Siri for translation: Yes prevents connections to Siri servers so that users can't use Siri to translate text. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow Siri to be used for translation. Also available for user enrollment.

Block internet search results from Spotlight: Yes stops Spotlight from returning any results from an Internet search. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow Spotlight search connect to the Internet to provide search results.

Block Safari JavaScript: Yes prevents Java scripts in the browser from running on devices. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow Java scripts.

Block user-generated content in Siri: Yes prevents Siri from accessing websites to answer questions. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow Siri to access user-generated content from the internet.

Block Apple Books: Yes prevents access to the iBooks store. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow users to browse and buy books from the iBooks store.

Block iMessage: Yes prevents using the Messages app for iMessage. If devices support text messaging, then users can still send and receive text messages using SMS. When set to Not configured (default), Intune doesn't change or update this setting. By default, the OS might allow using the Messages app to send and read messages over the internet.

7fc3f7cf58
Reply all
Reply to author
Forward
0 new messages