Intune App Protection Status

Intune hands-on: Troubleshooting URL links and the “no available apps” error

Last Updated on October 9, 2018 by Oktay Sari

So now that I have a little spare time during my holiday, I couldn’t help my self but thinking about a problem where employees of a client could not open URL’s to websites on their mobile phones. I know I should think about the azure colored sea and sandy beaches waiting for us, but there was something about those links not opening in any browser, including the Intune Managed Browser. Do you have app protection policies configured and users complaining they receive a “No available apps”error when trying to open a URL? Then I hope this post helps a little. In a previous post I wrote about managing BYOD devices with Intune MAM policies and I suggest you read that if all this is new to you.

Intune App Protection Policies

I started reviewing the policies configured and reading up on the documentation. Please see a screenshot for the configuration I started off with.

  • Navigate to >Azure Portal> Intune> Mobile Apps> App protection policies
  • Open the policy in question
  • Click on Policy settings

Notice the following settings:

  • “Allow app to transfer data to other apps” has been set to “Policy managed apps”
  • “Restrict web content to display in the Managed Browser” has been set to “No”

Intune App Protection Policy

User experience on Mobile without Intune Managed Browser

I’ll get back on the Policy settings but before I continue, I had to see myself so I enrolled a test Android device to MDM and made sure the policies are applied to my device. Then I tried to open any URL to see what would happen.

Intune No available apps Like all affected users I cannot open a URL. Even after installing the Intune Manged Browser I got the same error “No available apps. There are no apps on this device that your organization allows to open this content. Contact your IT administrator for help.”

So this is annoying at the very least. The first thing I did was to set the restrict web content to display in the Managed Browser setting to Yes, sync the policy and try again. Now I can open URL’s with the Intune Managed Browser. (Make sure the Managed Browser is installed)

Why did this work? It’s the Allow app to transfer data to other apps setting. This policy impacts the behavior of web content and when set to policy managed apps, then http links will only be able to open in the Managed Browser.

Since the restrict web content to display in the Managed Browser was set to No there are no other apps that can open URL’s and the users will see this error.

 

You can read the Microsoft documentation about Android app protection policy settings in Microsoft Intune for more info.

Android app protection policy settings

Like most of us the administrator started out and configured the settings to the best of his knowledge. He did read How to create and assign app protection policies but did not read about all the possible settings and the impact some of them have. We now have the settings configured like this:

Intune Managed Browser

Summary

If you do want to configure the Allow app to transfer data to other apps setting, you will have to think about other implications as well. You might for example want to add Data Transfer Excemptions to allow data transfer between apps. In most cases configuring this policy setting to Allow all apps will work but if you are concerned about data leaks you might want a little more restricting setting.

 

 

3 1 vote
Article Rating

Oktay Sari

#Microsoft365 | #Intune |#MEM | #Security | Father | #Diver | #RC Pilot & #Magician in spare time | Microsoft MVP

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

5 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Mihai
Mihai
5 years ago

Hi, I get the same error but in my case the the Restrict web content to display in the Managed Browser setting is Yes and Allow app to transfer data to other apps is set for Policy Managed Apps. There may be a bug with the chrome experience when chrome is set at default browser https://blogs.technet.microsoft.com/intunesupport/2018/07/11/support-tip-intune-app-android-and-the-managed-browser/
Have you encounter such issues?

Simon Skotheimsvik
Simon Skotheimsvik
5 years ago

Great article. I have a situation with urls pointing to services where the Android OS will start a third party app like Twitter. The URL (https://twitter.com/etc….) can be opened manually by typing it in the managed browser, but it can’t be accessed directly from Outlook, Teams or any other managed application. I would love to find a way of opening these kind of URL’s in the managed browser instead of failing in the launch of the unsecure app.

Matteus
Matteus
3 years ago

Anyone worked out how to manage JPG attachments? There doesn’t seem to be an approved MDM app for this file type (other than use Outlook’s built in viewer).