Difference between revisions of "Intune Notes"

From Max's Wiki
Line 118: Line 118:
 
*All Users
 
*All Users
 
*All Devices
 
*All Devices
 +
 +
==Setting MDM Authority==
 +
*Setting the MDM Authority
 +
*Installing an Apple APN certificate
 +
*Configuring DNS for Windows devices
 +
*Configuring the company portal
 +
*Miscellaneous settings
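
Review bot: The new heading "==Setting MDM Authority==" is repeated almost word for word by its first bullet, "*Setting the MDM Authority", while the other four bullets (Apple APN certificate, DNS for Windows devices, company portal, miscellaneous settings) are separate setup tasks rather than parts of setting the authority. Consider a broader heading for the section or dropping the duplicate bullet, and give each bullet at least a one-line note or link so the section records what was actually configured.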

Revision as of 22:35, 21 December 2017

Azure

  • Intune - Cloud Based -> EMM (Enterprise Mobility Management) Space
    • Mobile Devices & Apps
    • Protects Company Info
    • Ensures Devices & Apps are compliant

In a nutshell:

  1. Protect your on-premises email and data so that it can be accessed by mobile devices
  2. Protect your Office 365 mail and data so that it can be safely accessed by mobile devices
  3. Issue corporate-owned phones to your workforce
  4. Offer a bring-your-own-device (BYOD) or personal device program to all employees
  5. Enable your employees to securely access Office 365 from an unmanaged public kiosk
  6. Issue limited-use shared tablets to your task workers

How does it work?

Map here: https://docs.microsoft.com/en-us/intune/media/intunearchitecture.svg

  • Intune = component of EMS (Enterprise Mobility & Security) that manages mobile devices and apps. Integrates with Azure AD. With O365, you can enable users to be productive on any device while keeping the organization's information protected.

Intune device management explained

  • Enrolling devices into management so your IT department has an inventory of devices that are accessing corporate services
  • Configuring devices to ensure they meet company security and health standards
  • Providing certificates and Wi-Fi/VPN profiles to access corporate services
  • Reporting on and measuring device compliance to corporate standards
  • Removing corporate data from managed devices

Intune app management explained

  • Assigning mobile apps to employees
  • Configuring apps with standard settings that are used when the app runs
  • Controlling how corporate data is used and shared in mobile apps
  • Removing corporate data from mobile apps
  • Updating apps
  • Reporting on mobile app inventory
  • Tracking mobile app usage

Managing Mobile Apps Explained Map = https://docs.microsoft.com/en-us/intune/media/managing-mobile-apps.png

Managing PCs and Devices with Microsoft Intune

  • MDM & PC management features
  • Intune
  • Enrollment & the company portal
  • Manage mobile devices and PCs

Portal Overview 12/21/17

Main

  • Overview
    • A look over device statuses, device assignment errors, app installation failures, and Quick tasks
  • Quick Start
    • A top level overview of commonly used tasks/details

Manage

  • Device enrollment
    • Enroll devices
  • Device compliance
    • N/A at this time (Not loading)
  • Device configuration
    • N/A at this time (Not loading)
  • Devices
    • Device overview, manage, monitor, and connect with TeamViewer
  • Mobile Apps
    • Manage, set up, and monitor apps
  • eBooks
    • Manage, monitor, and set up eBooks
  • Conditional Access
    • The ability to enforce access requirements when specific conditions occur (Policies, Exchange ActiveSync, and Logs)
  • On-premises access
    • Manage, monitor, and set up the Exchange ActiveSync connector
  • Users and Groups
    • Manage and monitor users and user groups
  • Intune roles
    • View and manage user roles
  • Software updates
    • Manage and monitor updates for devices

Help and Support

  • Help and Support
    • Troubleshoot a user/device and Get help and support

Three Management Pillars

  • MAM = Mobile Application Management and security
  • MDM = Mobile Device Management and security
  • PC Management = Windows desktops, laptops, tablets and other devices

The Life of a Managed Device:

Enrollment, Configuration, Protection, and Retirement

Managing users for Intune

  • O365 Portal
  • Intune Admin Portal
  • Azure AD Portal
  • PowerShell

User Deletion

How to troubleshoot deleted user accounts in Office 365, Azure, and Intune

Object deletions aren't synchronized to Azure AD when using the Azure Active Directory Sync tool

User Roles

Role-based administration control (RBAC) with Intune

Creating Groups for Intune

Parent Groups

  • All groups have a parent
  • Cannot change the parent
  • Deleting the parent deletes the children
  • Parent membership restricts child membership
  • New member added to child group is also added to parent group
  • Unless there's explicit exclusion defined on the parent

Membership types:

  • Assigned: create a group with manually assigned members.
  • Dynamic User: create a user group defined with a dynamic query.
  • Dynamic Device: create a device group defined with a dynamic query.

Built-In Groups:

  • All Users
  • All Devices

Setting MDM Authority

  • Setting the MDM Authority
  • Installing an Apple APN certificate
  • Configuring DNS for Windows devices
  • Configuring the company portal
  • Miscellaneous settings