Apple 策略：应用与配置信息

~~This section documents how to configure managed applications and account payloads for~~本部分记录了如何配置 Apple ~~devices.~~设备的托管应用和账户负载。

应用管理

~~The~~ ~~App management~~应用管理 ~~panel contains both general app-related restrictions and a list of managed apps.~~面板包含有关应用的通用限制以及托管应用的列表。

General app restrictions常规应用限制

~~Allow app clips~~允许应用片段
~~Allow app installation~~允许应用安装
~~Allow app removal~~允许卸载应用
~~Allow automatic app downloads~~允许自动应用下载
~~Allow apps to be hidden~~允许隐藏应用
~~Allow apps to be locked~~允许锁定应用
~~Allow In-App Purchases~~允许应用内购买

Managed apps管理应用

~~Use~~使用 ~~Add application~~添加应用 ~~to add an app to the policy. Each managed app is displayed as a card. You can expand the card to edit its settings and remove the app using the delete action.~~以将应用添加到策略。每个管理应用都显示为卡片。您可以展开卡片以编辑其设置并使用删除操作删除应用。

~~App Store~~应用商店 ID: ~~the~~受管应用的 App Store ~~identifier of the managed app.~~标识符。
Bundle ID: ~~the app bundle identifier.~~应用捆绑包标识符。
~~Install behavior~~安装行为: ~~controls whether the app must remain installed or can be installed/removed by the user.~~ 控制应用是否必须保持安装状态，或由用户安装/卸载。
~~Assignment~~分配~~: license assignment type.~~：许可证分配类型。
VPP ~~license~~许可证:：用于通过 App Store 安装的 VPP ~~license type used for installation through the App Store.~~许可证类型。

Accounts账户

The ~~Accounts~~账户 ~~panel~~面板允许您配置应用于托管设备的帐户。 ~~lets you configure accounts that are applied to managed devices. It also includes a restriction toggle for account modification.~~它还包含帐户修改的限制开关。

Restriction限制

~~Allow account modification~~允许帐户修改~~: when disabled, users cannot modify accounts such as Apple Accounts and internet accounts.~~ ：禁用时，用户无法修改Apple帐户和互联网帐户等帐户。

Add accounts添加帐户

~~Use~~使用 ~~Add~~添加 Google ~~account~~帐户 or或 ~~Add~~添加邮件帐户，以将帐户负载添加到策略。 ~~mail account~~ ~~to add account payloads to the policy. Each account appears as a card with its configuration fields.~~ 每个帐户都显示为带有其配置字段的卡片。

Account credentials from users用户帐户凭据

~~Both~~ Google ~~and~~和 Mail ~~account cards provide a~~帐户卡都提供了一个 ~~Account credentials from users~~用户帐户凭据 ~~toggle. When enabled, the system applies account credentials on a per-user basis. When disabled, you enter the account identity in the policy.~~切换开关。启用时，系统将基于每个用户应用帐户凭据。禁用时，您需要在策略中输入帐户身份。

Google account fields帐户字段

~~Visible name~~可见名称: ~~the name shown to the user for the account.~~向用户显示的帐户名称。
Google ~~email address~~邮箱地址: ~~the user email address.~~用户邮箱地址。
~~Full name~~全名: ~~the user’s full name.~~用户的全名。

Mail account fields邮件帐户字段

~~Mail accounts include identity fields plus incoming/outgoing server configuration. Host names are required.~~邮件帐户包含身份字段，以及来信/发信服务器配置。需要主机名。

~~Visible name~~可见名称：向用户显示的邮件帐户名称。
电子邮件地址：用户邮箱地址。
全名: ~~the name shown to the user for the mail account.~~
~~Email address~~~~: the user email address.~~
~~Full name~~~~: the user’s full name.~~用户的全名。

Incoming server接收服务器

~~Server type~~服务器类型: ~~mail protocol (for example~~邮件协议（例如 IMAP or或 ~~POP).~~POP）。
~~Authentication Method~~认证方式: ~~authentication method for the server.~~服务器的认证方式。
~~IMAP path prefix~~IMAP路径前缀: ~~shown only when Server type is IMAP.~~仅当服务器类型为IMAP时显示。
~~Host name~~主机名~~: required.~~：必需。
~~Port~~端口~~: server port (~~：服务器端口（1–~~65535).~~65535）。

Outgoing server出站服务器

~~Authentication Method~~身份验证方式
~~Host name~~主机名~~: required.~~：必需。
~~Port~~端口~~: server port (~~：服务器端口（1–~~65535).~~65535）。

S/MIME options选项

~~For Mail accounts, you can also configure~~对于邮件帐户，您还可以配置 S/MIME ~~encryption and signing behavior.~~加密和签名行为。

Encryption加密

S/MIME ~~encryption~~加密
~~Identity user-overrideable~~可由用户覆盖的身份
~~Per-message switch enabled~~每条消息开关已启用
~~User overrideable~~用户可覆盖

Signing签署

S/MIME ~~Signing~~签名
~~Identity user-overrideable~~可由用户覆盖的身份
~~User overrideable~~用户可覆盖

~~Account and restriction options include tooltips in the dashboard that document prerequisites and supported OS versions.~~帐户和限制选项包含仪表盘提示，其中记录了先决条件和支持的操作系统版本。