We have waited for a long time before that the Microsoft Intune Managed Browser was released for iOS, apparently Apple finally approved the application and it is now available in the iTunes app store. With the Microsoft Intune Managed Browser you are able to manage which websites can be browsed to via the managed browser by setting up a list of websites that are allowed or blocked.
Let’s see how this works.
First of all we need to create a Managed Browser Policy within the Microsoft Intune console.
Next we need to configure a “allow list” or a “block list”. In this example I will create an Allow List with in this case my blog as a secure sources where my documents can be downloaded from. Another use case can be for instance an intranet website.
Next I have created an application that points to the Microsoft Intune Managed Browser in the Itunes store. We need to deploy this application to a group and associate the Managed Browser Policy to the deployment, just like we need to do with the MAM policies.
So after deploying it you will see the following happening;
After starting the Managed Browser you see directly that the browsed is managed by the company.
Because of the MAM policy we need to set a PIN code first before we are able to access the Managed Browser app.
As you see I do not have access to any other site than /* (the wildcard allows everything at the same domain.) If you do not this you see a figure like below.
So my blog needs to be accesible, let’s see what happens if we browse to
First you see a notice that some links are blocked, in this case this are some embedded links to Google Ads…
The rest of my blog is accessible and working as designed 😉
This Managed Browser for Microsoft Intune is really great! Can’t wait until the rest of the new additions are released.
August 19, 2016 @ 19:47
If I do this configuration can I access my intranet pages in Intune ? How Intune make this connection between device and company ? Certificate ?
September 25, 2016 @ 11:23
You need to setup ADFS and WEP to be able to give access, you also can use Azure AD Application Proxy.