Jump to:navigation, search
Wiki

Management of app configurations ( iOS only)

From Securepoint Wiki




























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden



























  • Note

    This article includes descriptions of third-party software and is based on the status at the time this page was created.
    Changes to the user interface on the part of the manufacturer are possible at any time and must be taken into account accordingly in the implementation.
    All information without warranty.









    • Transmission of self-managed app configurations for -devices

    Last adaptation to the version: 1.29

    New:
    Last updated: 
      08.2024
    notempty
    This article refers to a Beta version
    Access: portal.securepoint.cloud  Mobile Security iOS/iPadOS  Apps

    Introduction

    Using the managed configuration of apps for Apple devices, it is possible to automatically carry out the app configuration on all devices on which this app is installed.
    This process does not have to be carried out individually for each device.


    Managed configuration

    Create managed configuration

    Choose prefered app under  Mobile Security iOS/iPadOS  Apps in the tab managed configuration.
    The desired configuration of the app is entered in the editor as an XML file in plist format.
    Managed configuration with the default setting of the editor
    notempty
    Errors in XML tags are recognised and displayed.
     
    <?xml version="1.0" encoding=UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>LicenseKey</key>
        <string>AAAAAA-BBBBBB-CCCCCC-DDDDDD-123456-V3</string>
    </dict>
</plist>
    Tag Value Description
    <key> LicenseKey (Example) The key that is to be customised by the configuration.
    The name of the key can be found out by the app manufacturer.
    <string> AAAAAA-BBBBBB-CCCCCC-DDDDDD-123456-V3 (Example) The value as a string, which is expected from the upper key.
    User variables can also be used.
    If several keys are to be configured, additional key tags can be inserted within the <dict></dict> tag.
    notempty
    There may also be keys that do not require a string.
    e.g. <key>com.microsoft.outlook.ContactSync.AddressAllowed</key>

    Show managed configuration

    Select the device on which the app is installed under  Mobile Security iOS/iPadOSdevices .
    Under Device details in the Application tab, the installed apps are displayed. For apps that have a managed configuration, there is the  Display configuration button.
    This button opens a dialogue window in which the key tags entered and their values are displayed.

    Example: Microsoft Outlook

    The following shows an example of a managed configuration of the Microsoft Outlook app.
    Further key values are can be found here. 

    <?xml version="1.0" encoding=UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>com.microsoft.outlook.EmailProfile.AccountType</key>
        <string>ModernAuth</string>
        <key>com.microsoft.outlook.EmailProfile.EmailAddress</key>
        <string>$emailaddress$</string>
        <key>com.microsoft.outlook.EmailProfile.EmailUPN</key>
        <string>$variable1$</string>
        <key>IntuneMAMAllowedAccountsOnly</key>
        <string>Enabled</string>
        <key>IntuneMAMUPN</key>
        <string>$variable1$</string>
        <key>com.microsoft.outlook.Mail.BlockExternalImagesEnabled</key>
        <true />
        <key>com.microsoft.outlook.ContactSync.AddressAllowed</key>
        <true />
    </dict>
</plist>


    Caption Value Description
    com.microsoft.outlook.EmailProfile.AccountType ModernAuth The account type, based on the authentication model
    com.microsoft.outlook.EmailProfile.EmailAddress $emailaddress$ The e-mail address for the profile. The variable $emailaddress$ is used for the configuration.
    com.microsoft.outlook.EmailProfile.EmailUPN $variable1$ The main name or user name of the user of the e-mail profile for authentication. Here by entering the variable $variable1$.
    IntuneMAMAllowedAccountsOnly Enable Activates the permitted account mode for the organisation, i.e. access to the AD accounts.
    IntuneMAMUPN $variable1$ The user principal name for the account
    The user name with domain name from an AD. Example from Azure AD: alice@tttpoint.onmicrosoft.com
    .
    Here by entering the variable $variable1$.
    com.microsoft.outlook.Mail.BlockExternalImagesEnabled true If true, external images are blocked
    com.microsoft.outlook.ContactSync.AddressAllowed true If the address of the contact is to be synchronised with the native contacts

    Teams, Office, Word, Excel, PowerPoint for iOS

    notempty
    The managed configuration of Microsoft Outlook for iOS described above can be completely adopted for Microsoft Teams, Office, Word, Excel and PowerPoint for iOS.

    Self-developed apps

    A managed configuration is also possible for apps developed in-house. This app must be slightly customised for this.
    Step 1: The following code must be inserted into the app so that the app has access to the configuration:
    UserDefaults.standard.object(forKey: "com.apple.configuration.managed") as? [String: Any?]

    notempty
    UserDefaults does not encrypt the data! Do not use sensitive data, such as passwords, for this!

    Step 2: The customised app must be available in the MDM portal. Depending on the intended use for this app, there are various options for this:

    Step 3: The configuration can then be inserted as an XML file as described above.

    Retrieved from "https://wiki.securepoint.de/index.php?title=MS/deployment/app/configuration&oldid=92827"