Intune app protection diagnostics and managed browser bookmarks


 

Many of the organizations I work with have deployed or are deploying Microsoft Intune to manage devices as well as applications. Microsoft Intune offers application protection (aka Mobile Application Management (MAM)) where policies manage applications. Application protection may be used with or without MDM enrollment. If you already have an MDM solution, Intune application protection may be utilized alongside of any MDM provider.

To learn more about Intune app protection please visit: https://docs.microsoft.com/en-us/intune/app-protection-policy

For those already utilizing Intune app protection, there’s a diagnostic feature available within the Intune managed browser for iOS allowing users to view and send diagnostic logs to their support team and/or Microsoft support.

For more details on the Intune diagnostic console please visit: https://blogs.technet.microsoft.com/intunesupport/2017/11/10/support-tip-new-intune-diagnostic-console-for-log-submission-in-the-intune-managed-browser/

 

Let’s look at Intune Mobile App Protection (MAM) diagnostics

Requirements

  • Microsoft Intune
  • Intune app protection policy assigned to users
  • Intune managed browser
  • Apple iOS device

 

Intune App Protection Policies

I won’t go into details about how to configure an app protect policy as there’s plenty of documentation available.  To learn more about creating app protection policies please visit: https://docs.microsoft.com/en-us/intune/app-protection-policies

If devices are enrolled with Intune simply deploy the Intune managed browser to iOS devices.  For devices that are not enrolled with Intune, have users download the Intune managed browser from the Apple app store: https://itunes.apple.com/us/app/intune-managed-browser/id943264951?mt=8 

 

Use Intune managed browser to troubleshoot app protection

Open in the Intune managed browser on the iOS device where applications are protected by Intune app protection policies.  In the navigation space type in: about:intunehelp and search.  You’ll be taken to Intune Diagnostics page where you can begin your investigation:

Later in this post I’ll show you how to create a bookmark for your users to access Intune Diagnostics.

Review the device information and select “View Intune App Status”:

image

 

Select an application that is protected, in my case I’ve selected Outlook and I’m able to see diagnostic info about the app and the policies settings that are deployed to it:

image

 

Configure the Intune managed browser with a bookmark that takes users straight to the Intune diagnostic screen

Navigate to the Intune admin portal via portal.azure.com and select Intune.  Next select Mobile apps, App configuration policies, and Add:

image

 

  1. In the General tab, give the policy a name
  2. In the Targeted apps tab, select Managed Browser
  3. In the Configuration tab, add the following:
  4. Assign the configuration to users

Under Name

com.microsoft.intune.mam.managedbrowser.bookmarks

Under Value

Bing|https://www.bing.com||Intune Diagnostic|about:intunehelp

Note: Bing is optional, take it out if you don’t want to add it.

Once configuration is complete, assign the configuration to users.

 

image

 

After the policy syncs with the app (usually a few minutes or so), open the Intune managed browser and select bookmarks and your bookmarks will be populated as shown below:

image

 

That’s it, we looked at troubleshooting Intune app protection and adding a bookmark for your users to easily access it.


Comments (0)

Skip to main content