Please check warning messages of Intune Wrapping
Jason-wonku-Ji opened this issue · 3 comments
A clear and concise description of what the bug is.
We are considering applying Intune using a wrapping method rather than using the Intune SDK.
It's not an SDK, so please check if it's okay to post a question here.
If you are allowed to post a question, we would like to ask you to confirm the following.
The following error message appears during wrapping, but when I tested the result, I confirmed that the policy was applied.
Packaging the application...
Warning: This application supports opening one or more file types, but does not have the appropriate entitlement types to be supported by the Intune app. You must specify additional provisioning profiles using the -x command line argument. This profile must contain a wildcard application identifier or contain the application identifier 'xxxx.xxxx.xxxx.IntuneOpenInAction' and contain at least one application group that is shared by the main application. If you do not specify this profile, other Intune app-enabled applications will not be able to send files to this application.
And to test the third warning message, when we shared a document from Outlook (with Intune protection policy applied) to our app, we confirmed that it was being shared normally.
These warning messages don't seem to be in the MS official documentation below.
https://learn.microsoft.com/en-us/mem/intune/developer/app-wrapper-prepare-ios
How do I know why these warning messages occur and how to fix them?
Hi @Jason-wonku-Ji, Based on the warning provided your application requires that the Intune ios wrapper injects a new action extension, so that your application can receive the file types which it supports from other Intune-managed apps.
I am recommending that you use the sample plist that was included In the IntuneMAMPackager/Contents/MacOS folder, and add the list/array of provisioning profiles, this may be considered an easier way to run the wrapping tool. Your second option is continue using cli parameters -x with the correct syntax.
Note: If you are only using a single profile the -x option requires this format:
-x \<array\>\<string\>/Users/myadmin/Documents/My_Share_Extension.mobileprovision\</string\>\</array\>
Hello,
Thank you for checking this.
I have left my question as inline.
Based on the warning provided your application requires that the Intune ios wrapper injects a new action extension, so that your application can receive the file types which it supports from other Intune-managed apps.
=> Do I need to include the necessary settings when creating a provisioning profile in Apple's Developer Portal?
If additional settings or permissions related to Intune are required, we would like to inquire whether it is necessary to specify the required permissions in the project's Entitlements file and create a provisioning profile that reflects them.
I couldn't find anything like the above in the guide below.
https://learn.microsoft.com/en-us/mem/intune/developer/app-wrapper-prepare-ios
And if the provisioning profile is not created this way, will I not be able to share files from other Intune-protected apps as warned?
When I shared a document with Outlook (which receives the Intune protection policy), it was shared normally.
@Jason-wonku-Ji
Yes, its recommended to include the appropriate settings and app group and app identifiers when creating Entitlements and the provisioning profile.
The issue you encountered may occur when the application in question specifies its capability to accept specific document types through the CFBundleDocumentTypes in the Info.plist file. Should this be true, the application wrapper will inject a share extension to enable the reception of these file types from other applications managed by Intune.
.