deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 20:33:42 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updating content

Browse Source
This commit is contained in:
LizRoss
2017-04-11 11:02:57 -07:00
parent 20ca2ed238
commit 371746cfd2
4 changed files with 52 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md
View File

@ -59,28 +59,41 @@ You can add apps to your Windows Information Protection (WIP) protected app list
![Local security snap-in, showing the Export Policies option](images/wip-applocker-secpol-export-rules.png) ![Local security snap-in, showing the Export Policies option](images/wip-applocker-secpol-export-rules.png)
<!-- Need new info for here, this is the old process 8. Open the Microsoft Azure Intune mobile application management console, click **Device configuration**, and then click **Create Profile**.
8. Open the Intune administration console, and go to the **Policy** node, click **Add Policy** from the **Tasks** area, go to **Windows**, click the **Custom Configuration (Windows 10 Desktop and Mobile and later)** policy, click **Create and Deploy a Custom Policy**, and then click **Create Policy**. ![Microsoft Azure Intune, Create a new policy using the the Azure portal](images/wip-azure-vpn-device-policy.png)
9. Type a name (required) and an optional description for your policy into the **Name** and **Description** boxes. 9. In the **Create Profile** blade, type a name for your profile, such as *contoso_allowed_store_apps_uri*, into the **Name** box, add an optional description for your policy into the **Description** box, select **Windows 10 and later** from the **Platform** dropdown box, select **Custom** from the **Profile type** dropdown box, and then click **Configure**.
10. In the **Add one or more OMA-URI settings that control functionality on Windows devices** box, click **Add**. ![Microsoft Azure Intune, Create a new policy using the Create Profile blade](images/wip-azure-configure-policy-using-uri.png)
11. Type your new **Setting Name** and **Description** into the associated boxes, keeping the default **Data Type** of **String**. 10. In the **Custom OMA-URI Settings** blade, click **Add**.
12. In the **OMA-URI** box, type `./Vendor/MSFT/AppLocker/EnterpriseDataProtection/<your_enterprise_name>/StoreApp EXE` 11. In the **Add Row** blade, type:
13. Open File Explorer, go to the location where you saved your new XML file, and open it using an XML editor, such as Notepad. - **Name.** Type a name for your setting, such as *AllowedStoreAppsURI*.
- **Description.** Type an optional description for your setting.
- **OMA-URI.** Type _./Vendor/MSFT/AppLocker/EnterpriseDataProtection/&gt;your_enterprise_name&lt;/StoreApp EXE_ into the box.
14. Copy the text that has a **Type** of `Appx`, within the **RuleCollection** tags, and then go back to Intune and paste the text into the **Value** box of the **Add or edit OMA-URI Setting** box. For example: - **Data type.** Select **String** from the dropdown box.
- **Value.** To find the text to type here, follow these steps:
1. Open File Explorer, go to the location where you saved your exported XML file from above, and open it using an XML editor, such as Notepad.
``` 2. Copy the text that includes the **Type** of `Appx` within the **RuleCollection** tags, pasting this info into the **Value** box. For example:
<RuleCollection Type="Appx" EnforcementMode="Enabled"><your_xml_rules_here></RuleCollection>
``` ```
<RuleCollection Type="Appx" EnforcementMode="Enabled"><your_xml_rules_here></RuleCollection>
```
15. Click **OK** to close the **Add or edit OMA-URI Setting** box, and then click **Save Policy**.<p> 5. Click **OK** to save your setting info in the **Add Row** blade, and then click **OK** in the **Custom OMA-URI Settings** blade to save the setting with your policy.
After saving the policy, youll need to deploy it to your employees devices. For more info, see the [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md) topic. -->
6. Click **Create** to create the policy, including your OMA_URI info.
After saving the policy, youll need to deploy it to your employees devices. For more info, see the [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md) topic.
## Add Desktop apps ## Add Desktop apps
1. Open the Local Security Policy snap-in (SecPol.msc). 1. Open the Local Security Policy snap-in (SecPol.msc).
@ -122,28 +135,41 @@ After saving the policy, youll need to deploy it to your employees devices
![Local security snap-in, showing the Export Policies option](images/wip-applocker-secpol-export-rules-desktop.png) ![Local security snap-in, showing the Export Policies option](images/wip-applocker-secpol-export-rules-desktop.png)
<!-- Need new info for here, this is the old process 8. Open the Microsoft Azure Intune mobile application management console, click **Device configuration**, and then click **Create Profile**.
8. Open the Intune administration console, and go to the **Policy** node, click **Add Policy** from the **Tasks** area, go to **Windows**, click the **Custom Configuration (Windows 10 Desktop and Mobile and later)** policy, click **Create and Deploy a Custom Policy**, and then click **Create Policy**.
9. Type a name (required) and an optional description for your policy into the **Name** and **Description** boxes. ![Microsoft Azure Intune, Create a new policy using the the Azure portal](images/wip-azure-vpn-device-policy.png)
10. In the **Add one or more OMA-URI settings that control functionality on Windows devices** box, click **Add**. 9. In the **Create Profile** blade, type a name for your profile, such as *contoso_allowed_desktop-apps_uri*, into the **Name** box, add an optional description for your policy into the **Description** box, select **Windows 10 and later** from the **Platform** dropdown box, select **Custom** from the **Profile type** dropdown box, and then click **Configure**.
11. Type your new **Setting Name** and **Description** into the associated boxes, keeping the default **Data Type** of **String**. ![Microsoft Azure Intune, Create a new policy using the Create Profile blade](images/wip-azure-configure-policy-using-uri.png)
12. In the **OMA-URI** box, type `./Vendor/MSFT/AppLocker/EnterpriseDataProtection/<your_enterprise_name>/EXE` 10. In the **Custom OMA-URI Settings** blade, click **Add**.
13. Open File Explorer, go to the location where you saved your new XML file, and open it using an XML editor, such as Notepad. 11. In the **Add Row** blade, type:
14. Copy the text that has a **Type** of `EXE`, within in the **RuleCollection** tags, and then go back to Intune and paste the text into the **Value** box of the **Add or edit OMA-URI Setting** box. For example: - **Name.** Type a name for your setting, such as *AllowedDesktopAppsURI*.
- **Description.** Type an optional description for your setting.
- **OMA-URI.** Type _./Vendor/MSFT/AppLocker/EnterpriseDataProtection/&gt;your_enterprise_name&lt;/EXE_ into the box.
``` - **Data type.** Select **String** from the dropdown box.
<RuleCollection Type="Exe" EnforcementMode="Enabled"><your_xml_rules_here></RuleCollection>
``` - **Value.** To find the text to type here, follow these steps:
15. Click **OK** to close the **Add or edit OMA-URI Setting** box, and then click **Save Policy**. 1. Open File Explorer, go to the location where you saved your exported XML file from above, and open it using an XML editor, such as Notepad.
After saving the policy, youll need to deploy it to your employees devices. For more info, see the [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md) topic. --> 2. Copy the text that includes the **Type** of `Exe` within the **RuleCollection** tags, pasting this info into the **Value** box. For example:
```
<RuleCollection Type="Exe" EnforcementMode="Enabled"><your_xml_rules_here></RuleCollection>
```
5. Click **OK** to save your setting info in the **Add Row** blade, and then click **OK** in the **Custom OMA-URI Settings** blade to save the setting with your policy.
6. Click **Create** to create the policy, including your OMA_URI info.
After saving the policy, youll need to deploy it to your employees devices. For more info, see the [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md) topic.
>[!NOTE] >[!NOTE]
>Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). >Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).

BIN
windows/keep-secure/images/wip-azure-configure-dekstop-apps-using-uri.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.8 KiB

BIN
windows/keep-secure/images/wip-azure-configure-store-apps-using-uri.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.7 KiB

BIN
windows/keep-secure/images/wip-azure-vpn-configure-policy.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.9 KiB

After

Width:  |  Height:  |  Size: 8.0 KiB