Difference between revisions of "Intune"
Jump to navigation
Jump to search
(Created page with "__FORCETOC__ =Creating your tenant= ==Trials== Sign up for trials: *Intune (30 Days) - https://docs.microsoft.com/en-us/intune/free-trial-sign-up *EMS (90 Days) - https://ww...") |
|||
| (20 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
__FORCETOC__ | __FORCETOC__ | ||
| + | |||
| + | =What's New/Blogs= | ||
| + | *https://techcommunity.microsoft.com/t5/Intune-Customer-Success/bg-p/IntuneCustomerSuccess | ||
=Creating your tenant= | =Creating your tenant= | ||
| Line 8: | Line 11: | ||
*EMS (90 Days) - https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-trial | *EMS (90 Days) - https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-trial | ||
*O365 E3 - https://products.office.com/en-us/business/office-365-enterprise-e3-business-software | *O365 E3 - https://products.office.com/en-us/business/office-365-enterprise-e3-business-software | ||
| + | |||
| + | ==Network Requirements== | ||
| + | https://docs.microsoft.com/en-us/intune/network-bandwidth-use | ||
=Configuring your tenant= | =Configuring your tenant= | ||
| Line 19: | Line 25: | ||
###Apple enrollment | ###Apple enrollment | ||
| − | ==Mobile Application Management== | + | ==Mobile Application Management (MAM)== |
| + | #Intune | ||
| + | #Mobile Apps | ||
| + | #App Protection Policies | ||
| + | |||
| + | =Enrollment= | ||
| + | ==MFA== | ||
| + | *https://docs.microsoft.com/en-us/intune/multi-factor-authentication | ||
| + | |||
| + | ==iOS== | ||
| + | *https://docs.microsoft.com/en-us/intune/apple-configurator-enroll-ios | ||
| + | *https://techcommunity.microsoft.com/t5/Intune-Customer-Success/How-To-Enroll-any-iOS-11-or-above-device-using-the-Apple-Device/ba-p/280068 | ||
| + | |||
| + | ==Android== | ||
| + | |||
| + | ==Windows== | ||
| + | ===Status=== | ||
| + | AD Join - Corporate | ||
| + | Workplace Join - BYOD | ||
| + | |||
| + | [https://docs.microsoft.com/en-us/windows/client-management/mdm/mdm-enrollment-of-windows-devices#connecting-your-windows-10-based-device-to-work-using-a-deep-link Deeplink] | ||
| + | ms-device-enrollment:?mode={mode_name} | ||
| + | Example = ms-device-enrollment:?mode=mdm | ||
| + | |||
| + | ===AutoPilot=== | ||
| + | #https://docs.microsoft.com/en-us/intune/enrollment-autopilot | ||
| + | #https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-10-autopilot | ||
| + | #https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo/1.2/DisplayScript | ||
| + | |||
| + | *https://docs.microsoft.com/en-us/windows/client-management/mdm/mdm-enrollment-of-windows-devices | ||
| + | |||
| + | ===Troubleshooting=== | ||
| + | *https://blogs.technet.microsoft.com/configmgrdogs/2018/08/09/troubleshooting-windows-10-intune-policy-failures/ | ||
| + | *https://social.technet.microsoft.com/Forums/en-US/130f178f-b067-4979-acd7-dc3a4a22e36c/cannot-enroll-a-device-in-mdm-intune-with-standard-domain-user-account?forum=microsoftintuneprod | ||
| + | *https://support.microsoft.com/en-us/help/4469913/troubleshooting-windows-device-enrollment-problems-in-microsoft-intune | ||
| + | *https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Meeting-Apple-s-New-Requirements-for-Application-Transport/ba-p/279944 | ||
| + | *https://github.com/jchri/ProbeTLSforATS | ||
| + | *https://social.technet.microsoft.com/Forums/en-US/130f178f-b067-4979-acd7-dc3a4a22e36c/cannot-enroll-a-device-in-mdm-intune-with-standard-domain-user-account?forum=microsoftintuneprod | ||
| + | |||
| + | ====Enum Type==== | ||
| + | *https://docs.microsoft.com/en-us/graph/api/resources/intune-shared-deviceenrollmenttype?view=graph-rest-1.0 | ||
| + | *https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/v1.0/resources/intune-devices-deviceenrollmenttype.md | ||
| + | *https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/beta/resources/intune-enrollment-enrollmentstate.md | ||
| + | |||
| + | =Device Compliance= | ||
| + | *https://azureinfohub.azurewebsites.net/contentitems/Details/593295 | ||
| + | *https://docs.microsoft.com/en-us/intune/compliance-policy-create-android-for-work#encryption | ||
| + | |||
| + | =Remote Tasks= | ||
| + | *[https://blogs.technet.microsoft.com/matt_hinsons_manageability_blog/2017/07/26/intune-passcode-reset-microsoft-pin-reset-service/ Intune – Passcode Reset and Microsoft PIN Reset Service] | ||
| + | *[https://docs.microsoft.com/en-us/intune/device-windows-pin-reset Reset the passcode on Windows devices using Intune] | ||
| + | |||
| + | =Other= | ||
| + | |||
| + | =Android Enterprise= | ||
| + | |||
| + | ==Work Profile== | ||
| + | https://social.technet.microsoft.com/Forums/en-US/13de10f8-210a-41b3-b49b-d82fbe768faf/android-for-work-contacts-profiles?forum=microsoftintuneprod | ||
| + | |||
| + | ==Logs== | ||
| + | #Event Viewer | ||
| + | #View Menu | ||
| + | #View Analytic and Debug Logs | ||
| + | #Applications and Services Logs | ||
| + | ##Microsoft | ||
| + | ##Windows | ||
| + | ##DeviceManagement-Enterprise-Diagnostics=Provider | ||
| + | ##Debug | ||
| + | #Enable Log and preform actions | ||
| + | |||
| + | ===Audit Logs=== | ||
| + | *https://docs.microsoft.com/en-us/intune/monitor-audit-logs | ||
| + | |||
| + | ==Conditional Access== | ||
| + | *https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions#legacy-authentication | ||
| + | *https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview | ||
| + | *https://docs.microsoft.com/en-us/intune/conditional-access | ||
| + | *https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition#location-condition-configuration | ||
| + | *https://social.technet.microsoft.com/Forums/en-US/c99f5efd-50c5-4a69-b500-261da97011f7/intune-conditional-access-named-locations-trusted-ips-not-working | ||
| + | *https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition | ||
| + | *https://docs.microsoft.com/en-us/intune/app-configuration-managed-browser#conditional-access-for-protected-browsers | ||
| + | |||
| + | ==Email settings== | ||
| + | *https://docs.microsoft.com/en-us/intune/email-settings-ios | ||
| + | *https://docs.microsoft.com/en-us/intune/email-settings-configure | ||
| + | *https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/create-exchange-activesync-profiles | ||
| + | *https://docs.microsoft.com/en-us/intune/exchange-connector-install | ||
| + | *https://blogs.technet.microsoft.com/configmgrdogs/2017/10/31/android-7-nougat-removes-remote-password-reset/ | ||
| + | *https://social.technet.microsoft.com/Forums/en-US/e21f6ae1-8977-486d-8ab5-88cd1c94385b/office-365-email-profile-push-from-intune-to-ios-device-configuration-for-users-with-mfa?forum=microsoftintuneprod | ||
| + | *https://docs.microsoft.com/en-us/intune/exchange-service-connector-configure#set-up-the-service-to-service-connector | ||
| + | |||
| + | ==OMA-URI== | ||
| + | *[https://blogs.technet.microsoft.com/senthilkumar/2018/05/21/intune-deploying-admx-backed-policies-using-microsoft-intune/ Blog - Intune: Deploying ADMX-Backed policies using Microsoft Intune] | ||
| + | |||
| + | ==Mobile Apps== | ||
| + | |||
| + | ===App Protection Exceptions=== | ||
| + | *[https://docs.microsoft.com/en-us/intune/app-protection-policies-exception How to create exceptions to the Intune Mobile Application Management (MAM) data transfer policy] | ||
| + | *[https://support.microsoft.com/en-us/help/4294074/how-to-find-the-bundle-id-for-an-ios-app How to find the bundle ID for an iOS app] | ||
| + | |||
| + | ===Troubleshooting=== | ||
| + | *https://blogs.technet.microsoft.com/microscott/intune-app-installation-reports-explained/ | ||
| + | *https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Error-Codes-For-Troubleshooting-App-Installation-Issues/ba-p/280113 | ||
| + | *https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Intune-email-profiles-and-certificates/ba-p/281419 | ||
| + | *https://docs.microsoft.com/en-us/intune/troubleshoot-company-resource-access-problems | ||
| + | |||
| + | =PowerShell= | ||
| + | *https://github.com/microsoftgraph/powershell-intune-samples | ||
| + | |||
| + | Set-ExecutionPolicy Unrestricted | ||
| + | Set-ExecutionPolicy Restricted | ||
| + | |||
| + | *Install-Module AzureAD | ||
| + | *Install-Module WindowsAutoPilotIntune | ||
| + | *Import-Module WindowsAutoPilotIntune | ||
| + | *Connect-AutopilotIntune (Has been deprecated) Use: Connect-MSGraph | ||
| + | *Get-AutoPilotDevice | ||
| + | |||
| + | =GraphAPI= | ||
| + | *https://developer.microsoft.com/en-us/graph/graph-explorer# | ||
| + | |||
| + | =Development= | ||
| + | *https://docs.microsoft.com/en-us/intune/app-sdk-get-started | ||
| + | *https://docs.microsoft.com/en-us/intune/app-wrapper-prepare-android | ||
| + | *https://blogs.technet.microsoft.com/karanrustagi/2017/08/15/how-to-setup-android-emulator-using-android-studio/ | ||
Latest revision as of 23:53, 31 August 2020
What's New/Blogs
Creating your tenant
Trials
Sign up for trials:
- Intune (30 Days) - https://docs.microsoft.com/en-us/intune/free-trial-sign-up
- EMS (90 Days) - https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-trial
- O365 E3 - https://products.office.com/en-us/business/office-365-enterprise-e3-business-software
Network Requirements
https://docs.microsoft.com/en-us/intune/network-bandwidth-use
Configuring your tenant
Obtaining and installing Apple APN
https://docs.microsoft.com/en-us/intune/apple-mdm-push-certificate-get
- Azure Portal
- Intune Blade
- Manage -> Device Enrollment
- Apple enrollment
- Manage -> Device Enrollment
Mobile Application Management (MAM)
- Intune
- Mobile Apps
- App Protection Policies
Enrollment
MFA
iOS
- https://docs.microsoft.com/en-us/intune/apple-configurator-enroll-ios
- https://techcommunity.microsoft.com/t5/Intune-Customer-Success/How-To-Enroll-any-iOS-11-or-above-device-using-the-Apple-Device/ba-p/280068
Android
Windows
Status
AD Join - Corporate Workplace Join - BYOD
ms-device-enrollment:?mode={mode_name}
Example = ms-device-enrollment:?mode=mdm
AutoPilot
- https://docs.microsoft.com/en-us/intune/enrollment-autopilot
- https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-10-autopilot
- https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo/1.2/DisplayScript
Troubleshooting
- https://blogs.technet.microsoft.com/configmgrdogs/2018/08/09/troubleshooting-windows-10-intune-policy-failures/
- https://social.technet.microsoft.com/Forums/en-US/130f178f-b067-4979-acd7-dc3a4a22e36c/cannot-enroll-a-device-in-mdm-intune-with-standard-domain-user-account?forum=microsoftintuneprod
- https://support.microsoft.com/en-us/help/4469913/troubleshooting-windows-device-enrollment-problems-in-microsoft-intune
- https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Meeting-Apple-s-New-Requirements-for-Application-Transport/ba-p/279944
- https://github.com/jchri/ProbeTLSforATS
- https://social.technet.microsoft.com/Forums/en-US/130f178f-b067-4979-acd7-dc3a4a22e36c/cannot-enroll-a-device-in-mdm-intune-with-standard-domain-user-account?forum=microsoftintuneprod
Enum Type
- https://docs.microsoft.com/en-us/graph/api/resources/intune-shared-deviceenrollmenttype?view=graph-rest-1.0
- https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/v1.0/resources/intune-devices-deviceenrollmenttype.md
- https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/beta/resources/intune-enrollment-enrollmentstate.md
Device Compliance
- https://azureinfohub.azurewebsites.net/contentitems/Details/593295
- https://docs.microsoft.com/en-us/intune/compliance-policy-create-android-for-work#encryption
Remote Tasks
- Intune – Passcode Reset and Microsoft PIN Reset Service
- Reset the passcode on Windows devices using Intune
Other
Android Enterprise
Work Profile
Logs
- Event Viewer
- View Menu
- View Analytic and Debug Logs
- Applications and Services Logs
- Microsoft
- Windows
- DeviceManagement-Enterprise-Diagnostics=Provider
- Debug
- Enable Log and preform actions
Audit Logs
Conditional Access
- https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions#legacy-authentication
- https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
- https://docs.microsoft.com/en-us/intune/conditional-access
- https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition#location-condition-configuration
- https://social.technet.microsoft.com/Forums/en-US/c99f5efd-50c5-4a69-b500-261da97011f7/intune-conditional-access-named-locations-trusted-ips-not-working
- https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
- https://docs.microsoft.com/en-us/intune/app-configuration-managed-browser#conditional-access-for-protected-browsers
Email settings
- https://docs.microsoft.com/en-us/intune/email-settings-ios
- https://docs.microsoft.com/en-us/intune/email-settings-configure
- https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/create-exchange-activesync-profiles
- https://docs.microsoft.com/en-us/intune/exchange-connector-install
- https://blogs.technet.microsoft.com/configmgrdogs/2017/10/31/android-7-nougat-removes-remote-password-reset/
- https://social.technet.microsoft.com/Forums/en-US/e21f6ae1-8977-486d-8ab5-88cd1c94385b/office-365-email-profile-push-from-intune-to-ios-device-configuration-for-users-with-mfa?forum=microsoftintuneprod
- https://docs.microsoft.com/en-us/intune/exchange-service-connector-configure#set-up-the-service-to-service-connector
OMA-URI
Mobile Apps
App Protection Exceptions
- How to create exceptions to the Intune Mobile Application Management (MAM) data transfer policy
- How to find the bundle ID for an iOS app
Troubleshooting
- https://blogs.technet.microsoft.com/microscott/intune-app-installation-reports-explained/
- https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Error-Codes-For-Troubleshooting-App-Installation-Issues/ba-p/280113
- https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Intune-email-profiles-and-certificates/ba-p/281419
- https://docs.microsoft.com/en-us/intune/troubleshoot-company-resource-access-problems
PowerShell
Set-ExecutionPolicy Unrestricted Set-ExecutionPolicy Restricted
- Install-Module AzureAD
- Install-Module WindowsAutoPilotIntune
- Import-Module WindowsAutoPilotIntune
- Connect-AutopilotIntune (Has been deprecated) Use: Connect-MSGraph
- Get-AutoPilotDevice