Special Notices

Please note: This course is currently under development as such, elements of the syllabus may be subject to change

This 2-day course will introduce the concepts of Modern Desktop and Mobile Device and application Management and then demonstrate the capabilities of Microsoft Intune to deliver these capabilities. This course is designed for companies and individuals that are looking to use Microsoft Intune as a standalone service rather than in a co-existence with System Centre Configuration Manager (SCCM).

Target Audience

The course is designed for individuals that will be responsible for setting up a Microsoft Intune subscription and then configuring the subscription to manage Windows, iOS and Android devices as part of an MDM solution.

The course touches a number of technology areas including Active Directory, Cloud Services (SaaS), Windows, mobile device OSes, Application deployment, networking and Public Key Infrastructure. The course requires attendees to be technically competent with either Windows 10 or Windows Server 2016 and whereas the course does not require any detailed technical requirements it would be an advantage to have skills is some or all of those areas listed above.

Module 1 – Introduction to Mobile Device Management
Learning Objectives: Review the history of Mobile Device Management, including highlighting industry players, examining the feature set of Microsoft Enterprise Mobility Suite (EMS) and then focus on Microsoft Intune including an overview using Intune in co-existence mode. Towards the end of the module high level project plans will be discussed to enable onboarding and administration of Microsoft Intune, including Role Based Administration Control (RBAC) and general MDM services into and organization. Discuss Microsoft support notices for Intune changes and how to raise support tickets with Microsoft. At the end of this module attendees will have deployed a Microsoft Intune subscription and set the MDM Authority. They will also have configured Role based administration based on their deployment plan

Lab activities: Attendees will register for a Microsoft Intune trial subscription and configured the MDM Authority and reviewed the basic user interface components. They will then use their implementation plan to configure some global Intune settings and enable the Microsoft Store for Business for their tenancy.

Module 2 – Preparing for Intune
Learning Objectives: During this module we will look at integrating Intune with exiting user access and controls. We will discuss and highlighting using Intune authentication services with and without integrating Active Directory and the use of Multi Factor Authentication with Azure Active Directory. We will also look at some initial Configuration and implement Enrolment Restrictions.

Lab activities: Having registered for a subscription in Module 1 attendees will now synchronize an on-premise Active Directory to Microsoft Intune as well as create some Intune only users. Having established a user set, RBAC will be configured, licenses will be allocated and a group will be created to enable pilot testing of Microsoft Intune to a test group based on our deployment plan from Module 1. We will also do some initial configuration of enrolment restrictions

Module 3 – Onboarding Mobile Devices: Application Protection (MAM) and Device Enrolment
Learning Objectives: After creating a Microsoft Intune subscription the next step is to onboard some test devices. During this module attendees will be introduced lifecycle management of devices and applications and then onto the different onboarding processes for devices. We will start this module by looking at the features of Application Protection (MAM) without enrolment, for support of Bring-Your -Own-Device (BYOD) and explore the configuration options available. Then we will move on to discuss the enrolment of fully managed corporate devices. We will also introduce the conceptual differences between Mobile Application Management (MAM) and Mobile Device Management (MDM) which will be explored further in Module 4. As part of the onboarding process the compliance policy settings will be review to understand what settings can be used to ensure a device is compliant to the organizations policies for being able to access corporate resources. When managing devices organization will need to consider different devices types and configurations. This module will review purchase programs (e.g. Apple DEP) and management technologies including Android at Work and how these are configures in Intune.

Lab activities: In this lab attendees will configure iOS and Android devices for MAM as BYOD and then configure Enrolment Policies and Enrolment Restrictions. They will then onboard Android, iOS and Windows devices.

Module 4 – Device Management Policies
Learning Objectives: In module 4 delegates will explore Mobile Device Management policies for iOS Android and Windows Devices, including device specific policies such as WiFi, VPN etc. We will also explore the use of Compliance and Conditional access policies.

Lab activities: This lab will demonstrate the creation of device, compliance and conditional access policies and test the effectiveness of those polices. This will include exploring the user experiences on different devices.

Module 5 – Deploying Applications to devices
Learning Objectives: With devices now onboarded and compliance polices in effect the attendee will start to investigate Application deployment. During this module attendees will see how to deploy applications from Vendor stores, as well as In-house applications.

Lab activities: During the lab attendees will enroll applications for deployment in Intune and then deploy the applications to Windows, iOS and Android operating systems.

Module 6 – Additional Planning, Managing and Maintaining Intune
Learning Objectives: During Module 6 the attendee will be present with the best approach from Microsoft of onboarding Intune into an organization developing Rollout and Support plans as well as designing the Intune policies. We will also explore tools such as MMAT for mapping GPO to MDM policies and the Policy CSP for adding some addition GPO support as well as Debug and Diagnostic techniques.

Lab activities: Examining debug logs and troubleshooting Script deployment
The course touches a number of technology areas including Active Directory, Cloud Services (SaaS), Windows, mobile device OSes, Application deployment, networking and Public Key Infrastructure. The course requires attendees to be technically competent with either Windows 10 or Windows Server 2016 and whereas the course does not require any detailed technical requirements it would be an advantage to have skills is some or all of those areas listed above.