Skip to content

Commit 2d6e874

Browse files
jamiesil-msftjamiesil-msft
authored
Update app-protection-policy-settings-ios.md
Adding new requirement for IntuneMAMOID
1 parent cce6d6e commit 2d6e874

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

memdocs/intune/apps/app-protection-policy-settings-ios.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ There are three categories of policy settings: *Data relocation*, *Access requir
4747
| Setting | How to use | Default value |
4848
|------|----------|-------|
4949
| **Backup Org data to iTunes and iCloud backups** | Select **Block** to prevent this app from backing up work or school data to iTunes and iCloud. Select **Allow** to allow this app to back up of work or school data to iTunes and iCloud. | **Allow** |
50-
| **Send Org data to other apps** | Specify what apps can receive data from this app: <ul><li>**All apps**: Allow transfer to any app. The receiving app will have the ability to read and edit the data.</li><li>**None**: Do not allow data transfer to any app, including other policy-managed apps. If the user performs a managed open-in function and transfers a document, the data will be encrypted and unreadable.</li><li> **Policy managed apps**: Allow transfer only to other policy-managed apps. <p><p>**Note:** _Users may be able to transfer content via Open-in or Share extensions to unmanaged apps on unenrolled devices or enrolled devices that allow sharing to unmanaged apps. Transferred data is encrypted by Intune and unreadable by unmanaged apps._</li><li> **Policy managed apps with OS sharing**: Only allow data transfer to other policy managed apps, as well as file transfers to other MDM managed apps on enrolled devices. <p><p>**Note:** _The **Policy managed apps with OS sharing** value is applicable to MDM enrolled devices only. If this setting is targeted to a user on an unenrolled device, the behavior of the **Policy managed apps** value applies. Users will be able to transfer unencrypted content via Open-in or Share extensions to any application allowed by the iOS MDM allowOpenFromManagedtoUnmanaged setting, assuming the sending app has the IntuneMAMUPN configured; for more information, see [How to manage data transfer between iOS apps in Microsoft Intune](data-transfer-between-apps-manage-ios.md). See https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf for more information on this iOS/iPadOS MDM setting._<p><p></li><li>**Policy managed apps with Open-In/Share filtering**: Allow transfer only to other policy managed apps, and filter OS Open-in/Share dialogs to only display policy managed apps. To configure the filtering of the **Open-In/Share** dialog, it requires both the app(s) acting as the file/document source and the app(s) that can open this file/document to have the Intune SDK for iOS version 8.1.1 or above. <p><p>**Note:** _Users may be able to transfer content via Open-in or Share extensions to unmanaged apps if Intune private data type are supported by the app. Transferred data is encrypted by Intune and unreadable by unmanaged apps._</li></ul><br>In addition, when set to **Policy managed apps** or **None**, the Spotlight search (enables searching data within apps) and Siri shortcuts iOS features are blocked. <p><p>This policy can also apply to iOS/iPadOS Universal Links. General web links are managed by the **Open app links in Intune Managed Browser** policy setting. <p> There are some exempt apps and services to which Intune may allow data transfer by default. In addition, you can create your own exemptions if you need to allow data to transfer to an app that doesn't support Intune APP. See [data transfer exemptions](#data-transfer-exemptions) for more information. | **All apps** |
50+
| **Send Org data to other apps** | Specify what apps can receive data from this app: <ul><li>**All apps**: Allow transfer to any app. The receiving app will have the ability to read and edit the data.</li><li>**None**: Do not allow data transfer to any app, including other policy-managed apps. If the user performs a managed open-in function and transfers a document, the data will be encrypted and unreadable.</li><li> **Policy managed apps**: Allow transfer only to other policy-managed apps. <p><p>**Note:** _Users may be able to transfer content via Open-in or Share extensions to unmanaged apps on unenrolled devices or enrolled devices that allow sharing to unmanaged apps. Transferred data is encrypted by Intune and unreadable by unmanaged apps._</li><li> **Policy managed apps with OS sharing**: Only allow data transfer to other policy managed apps, as well as file transfers to other MDM managed apps on enrolled devices. <p><p>**Note:** _The **Policy managed apps with OS sharing** value is applicable to MDM enrolled devices only. If this setting is targeted to a user on an unenrolled device, the behavior of the **Policy managed apps** value applies. Users will be able to transfer unencrypted content via Open-in or Share extensions to any application allowed by the iOS MDM allowOpenFromManagedtoUnmanaged setting, assuming the sending app has the IntuneMAMUPN and IntuneMAMOID configured; for more information, see [How to manage data transfer between iOS apps in Microsoft Intune](data-transfer-between-apps-manage-ios.md). See https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf for more information on this iOS/iPadOS MDM setting._<p><p></li><li>**Policy managed apps with Open-In/Share filtering**: Allow transfer only to other policy managed apps, and filter OS Open-in/Share dialogs to only display policy managed apps. To configure the filtering of the **Open-In/Share** dialog, it requires both the app(s) acting as the file/document source and the app(s) that can open this file/document to have the Intune SDK for iOS version 8.1.1 or above. <p><p>**Note:** _Users may be able to transfer content via Open-in or Share extensions to unmanaged apps if Intune private data type are supported by the app. Transferred data is encrypted by Intune and unreadable by unmanaged apps._</li></ul><br>In addition, when set to **Policy managed apps** or **None**, the Spotlight search (enables searching data within apps) and Siri shortcuts iOS features are blocked. <p><p>This policy can also apply to iOS/iPadOS Universal Links. General web links are managed by the **Open app links in Intune Managed Browser** policy setting. <p> There are some exempt apps and services to which Intune may allow data transfer by default. In addition, you can create your own exemptions if you need to allow data to transfer to an app that doesn't support Intune APP. See [data transfer exemptions](#data-transfer-exemptions) for more information. | **All apps** |
5151
| <ul>**Select apps to exempt** | This option is available when you select *Policy managed apps* for the previous option. | |
5252
| <ul>**Select universal links to exempt** | Specify which iOS/iPadOS [Universal Links](#universal-links) should open in the specified *unmanaged* application instead of the protected browser specified by the **Restrict web content transfer with other apps** setting. You must contact the application developer to determine the correct universal link format for each application. | |
5353
| <ul>**Select managed universal links** | Specify which iOS/iPadOS [Universal Links](#universal-links) should open in the specified *managed* application instead of the protected browser specified by the **Restrict web content transfer with other apps** setting. You must contact the application developer to determine the correct universal link format for each application. | |

0 commit comments

Comments
 (0)