Managed domains device policy

You can define managed domains that apply to email and the Safari browser. Managed domains help you protect corporate data by controlling which apps can open documents downloaded from domains using Safari.

For iOS 8 and later supervised devices, you specify URLs or subdomains to control how users can open documents, attachments, and downloads from the browser. For iOS 9.3 and later supervised devices, you can specify the URLs from which users can save passwords in Safari.

For the steps on setting an iOS device to supervised mode, seeTo place an iOS device in Supervised mode by using the Apple Configurator.

当用户将电子邮件发送给收件人的区域形成n is not on the managed email domains list, the message is flagged on the user’s device to warn them that they are sending a message to someone outside your corporate domain.

For items such as documents, attachments, or downloads: When a user opens an item by using Safari from a web domain that is on the managed web domains list, the appropriate corporate app opens the item. If the item is not from a web domain on the managed web domains list, the user cannot open the item with a corporate app. They must use a personal, unmanaged app.

For supervised devices, even if you do not specify Safari password autofill domains: If the device is configured as ephemeral multi-user, users can’t save passwords. However, if the device isn’t configured as ephemeral multi-user, users can save all passwords.

To add or configure this policy, go toConfigure > Device Policies. For more information, seeDevice policies.

iOS settings

To specify domains:

Rules:

• Leading “www.” and trailing slashes in URLs are ignored when domains are compared.
• If an entry contains a port number, only addresses that specify that port number are considered managed. Otherwise, only the standard ports are considered managed (port 80 for http and port 443 for https). For example, the pattern*.example.com:8080matcheshttps://site.example.com:8080/page.html, but nothttps://site.example.com/page.html, whereas the pattern*.example.commatcheshttps://site.example.com/page.htmlandhttps://site.example.com/page.html, but nothttps://site.example.com:8080/page.html.
• Safari web域定义cumulati管理ve. Patterns defined by all managed Safari web domain payloads are used to match a URL request.

Settings:

• Managed Domains
  • Unmarked Email Domains:For each email domain you want to include in the list, clickAddand then do the following:
    • Managed Email Domain:Type the email domain.
    • ClickSaveto save the email domain or clickCancelto not save the email domain.
  • Managed Safari Web Domains:For each web domain you want to include in the list, clickAddand then do the following:
    • Managed Web Domain:Type the web domain.
    • ClickSaveto save the web domain or clickCancelto not save the web domain.
  • Safari Password AutoFill Domains:For each autofill domain you want to include in the list, clickAddand then do the following:
    • Safari Password AutoFill Domain:Type the autofill domain.
    • ClickSaveto save the autofill domain or clickCancelto not save the autofill domain.
• Policy settings
  • Remove policy:Choose a method for scheduling policy removal. Available options areSelect dateandDuration until removal (in hours)
    • Select date:Click the calendar to select the specific date for removal.
    • Duration until removal (in hours):Type a number, in hours, until policy removal occurs. Only available for iOS 6.0 and later.