mdm – iOS : Per App Content material Filter deployment via Intune

By
codesanitize
-
0
23
mdm – iOS : Per App Content material Filter deployment via Intune


I’m testing Per App Content material Filter(iOS 16 onwards) characteristic for iOS. Per App Content material Filter entitlements can run on a managed machine solely. Therefore these entitlements have to be pushed via MDM.

Apple documentation on

https://developer.apple.com/documentation/technotes/tn3134-network-extension-provider-deployment?lan...
https://developer.apple.com/documentation/networkextension/content_filter_providers?language=objc

To date analysis on Intune concluded that Intune doesn’t help it prefer it helps per app VPN.
Then I attempted pushing content material filter profile as customized profile and ContentFilterUUID as App configuration coverage by concentrating on it to third celebration app. Content material filter will get pushed to the machine but it surely doesn’t get mapped to third celebration app.So it doesn’t run till mapping is suitable and stay in invalid state.

Can anybody assist me how can I obtain it on Intune? I posted on Intune group Discussion board too however no solutions there.

Facet Be aware: JAMF gives this in-built like per app vpn and I might see payload(from iOS sys logs) is like under

NESMFilterSession[Content Filter 16 May 2024:5F0ABFF4-5414-40D4-AD95-AE207D890720]: dealing with configuration modified: {
    identify = <26-char-str>
    identifier = 5F0ABFF4-5414-40D4-AD95-AE207D890720
    externalIdentifier = <36-char-str>
    software = com.take a look at.ent.app
    grade = 1
    contentFilter = {
        enabled = YES
        supplier = {
            pluginType = com.take a look at.ent.app
            group = <7-char-str>
            filterBrowsers = NO
            filterPackets = NO
            filterSockets = YES
            disableDefaultDrop = NO
            preserveExistingConnections = NO
        }
        filter-grade = 1
        per-app = {
            appRules = (
                {
                    matchSigningIdentifier = org.mozilla.ios.Firefox
                    noDivertDNS = NO
                },
            )
            excludedDomains = ()
        }
    }
    payloadInfo = {
        payloadUUID = FC494E29-90AE-4C56-B57A-2E501A17553A
        payloadOrganization = <13-char-str>
        profileUUID = C2074E3F-39F1-4A48-B979-FE13C0FBC779
        profileIdentifier = <36-char-str>
        isSetAside = NO
        profileIngestionDate = 2024-08-16 21:30:23 +0000
        systemVersion = Model 17.5.1 (Construct 21F90)
        profileSource = mdm
    }
}

LEAVE A REPLY

Please enter your comment!
Please enter your name here