MAM Without Enrollment

31 January 2017 nbonnet Comments 0 Comment

MAM Without Enrollment

Microsoft has implemented a MAM (Mobile Application Management) solution in Intune. However, this solution requires enroll the device in the MDM (Mobile Device Management). For people not wishing to add their equipment in a type MDM platform, it is possible to proceed with the creation of rules MAM without enrollment.

How to implement the rules ?

As a first step, it is necessary to access the Azure portal with the URL azure.microsoft.com. After to be authenticated, the Azure Portal appears.

In the portal, click in other Services button and on search bar enter Intune. Click application Intune Protection. In the portal, click in other Services button and on search bar enter Intune. Click application Intune Protection.

A new window appears, click on enforcement strategy in settings.

Click Add a strategy then enter the name you want and select the platform.

Click Select the required applications and select the desired applications. Click select pour validate your choice.

It is now necessary to configure settings that will apply to the strategy. To do this, click Configure the required parameters. It is possible to apply several types of parameters:

Prohibit the Itunes backup and Icloud

Prohibit save as

Restrict operations cut / copy / paste

Force the use of the Managed Browser

Ask for the encryption of the application

Disable the synchronization of contacts

Disable printing

Require a PIN

Require the company to access credentials

Block applications from running if rooted or jailbroken device

I have configured this parameter, a PIN is requested however the fingerprint cannot be used for access to the resource.

CLick OK to validate the rules and Create. After the rule is created, It is necessary to assign the rules to a user group. Click on the rule in order to access its properties, and then click user groups. Finally click Add user group.