The document discusses Microsoft Intune and device management capabilities. It provides an overview of Intune's management of PCs, mobile phones and tablets including application management, patch management and antivirus. It also discusses options for mobile device management including direct enrollment of devices and management through Exchange ActiveSync. Requirements and capabilities for managing different device platforms like Windows, iOS and Android are outlined. The document demonstrates Intune's management of PCs, identity management and mobile device management features.
9. Cloud Management Capabilities
Capability / Platform Windows 8
Application management
Endpoint Protection
Hardware Inventory
Software Inventory
Remote control
Reporting
Software updates
Compliance settings
3
2
Windows
7,Vista,XP
2
Windows Windows Phone
RT
8
iOS
O
1
3
O
2
O
1
O
O
2
O
1
O
O
2
Android
O
1
O
O
2
1 = Managed applications only
2 = Compliance reporting but no remediation
automation
3 = Via Remote Assistance
10. Unified Management Capabilities
Capability/Platform
Application
management
Endpoint Protection
Windows Windows
8
7, Vista,XP
Windows
Embedded
Windows To Mac
Go
OS
Windows Windows
RT
Phone 8 iOS Android
Compliance settings
O
O
O
2
5
3
O
2
O
3
O
2
O
4
3
O
1
2
O
O
3
OS deployment
N/A
O
N/A
N/A
N/A
N/A
Out of band
management
N/A
N/A
O
N/A
N/A
N/A
N/A
O
O
O
O
O
O
O
O
O
O
Hardware Inventory
Software Inventory
Remote control
Reporting
Software updates
Power management
Software metering
1 = Basic information only through Exchange ActiveSync
2 = Managed applications only
3 = Compliance reporting but no remediation automation
4 = Device User has to accept the update
5 = Via Remote Assistance
11. In Short:
•
More Supported Clients
•
•
•
•
•
•
•
•
•
Windows Servers
Windows Embedded
Windows To Go
Mac OS
Linux
OS Deployment
Software Metering
Compliance
Etc.
12. More Unified Management
• Wally Mead:
• Deploying a System Center 2012 R2 Configuration
Manager Environment to Manage Mobile Devices
• Managing Mobile Devices with System Center 2012
R2 Configuration Manager and Windows Intune
17. Syncing AD Too Intune (& Office365)
• Windows Azure Active Directory Sync Tool
• Windows Server Essentials
• ADFS - SSO
http://technet.microsoft.com/en-us/library/hh852469.aspx
18. Windows Server Essentials Feature
DC
• Only 1 Domain Controller
• Feature Must Run On Domain Controller
23. Direct Mobile Device Management VS. Exchange ActiveSync
Direct MDM
EAS
Implementation
Managed directly from the cloud using the native
management capabilities in the device
Managed from Exchange Server through the cloud using
EAS
Requirements
Integrated into Windows Intune
Exchange Server 2010
Connector
None
Exchange Server Connector
Security Layer
Operating System
Application
Capability
(dependent on
platform)
•
•
•
•
•
•
App Distribution
Windows 8 Apps Distribution (Self-Service App)
Line-of-business application distribution through
company portal (iOS)
Hardware inventory
Policy Settings Management
Pull Software Distribution
Device Wipe (iOS and Windows Phone)
Compliance Monitoring
iCloud policy control (iOS only)
•
•
•
•
Basic settings
Pull software distribution
Device wipe (iOS and Windows Phone)
Mailbox wipe (Windows 8 and Windows RT)
Line-of-business application distribution through Web
company portal
24. Direct Mobile Device Management Prerequisites
Windows RT
Infrastructure
Requirements
Windows Phone 8
iOS
EAS Based Devices
(Android)
•
Domain name for
enrollment
server address
•
•
Domain name for enrollment
server address
•
Registration with Apple
Developer Program
•
Exchange 2010 Server
Sideloading Key
Code-signing certificate
(optional)
•
Windows Phone Dev Center
Company account
Enterprise Mobile Code
Signing Certificate
•
Apple Push Notification
(APN) certificate
Apple Developer Enterprise
Program
•
Exchange Connector for
ConfigMgr
•
Deployment
Requirements
End user
Interface
•
•
Company Portal application +
Web-based
•
Company Portal application +
Web-based
•
Company Portal application +
Web-based
Company Portal application + Webbased
25. Direct Mobile Device Management Prerequisites
Windows RT
Infrastructure
Requirements
Windows Phone 8
iOS
EAS Based Devices
(Android)
•
Domain name for
enrollment
server address
•
•
Domain name for enrollment
server address
•
Registration with Apple
Developer Program
•
Exchange 2010 Server
Sideloading Key
Code-signing certificate
(optional)
•
Windows Phone Dev Center
Company account
Enterprise Mobile Code
Signing Certificate
•
Apple Push Notification
(APN) certificate
Apple Developer Enterprise
Program
•
Exchange Connector for
ConfigMgr
Windows Intune
•
Deployment
Requirements
End user
Interface
•
•
Company Portal application
•
Company portal application
•
Web-based company portal
•
Depends on platform
26. Preparing For MDM
Intune Configuration
• Configure Mobile Device
Management Authority
•
Configure Direct Management For
•
•
•
•
Windows RT
Windows Phone 8
iOS
Exchange
Device Configuration
• Company Portal
•
•
•
App
Web
Define Owner
30. Testing Windows Phone 8
• Support Tool for Windows Intune Trial
Management of Window Phone 8
•
http://www.microsoft.com/en-us/download/details.aspx?id=39079
34. Prerequisite For Deploying Software
• Installation Files Must:
• Include a single .exe or msi installation file
• Include any supporting files and subfolders in a
single folder structure
• Support silent installation
• No files larger then 3 GB
38. Testing Intune
• Free 30 Day Trial
•
http://www.microsoft.com/en-us/windows/windowsintune/try.aspx
• Bring Your Own Device (BYOD) Test Lab
Guides - Series v1.2
•
http://www.microsoft.com/en-us/download/details.aspx?id=38778
39. Please evaluate the session
before you leave
Olav Tvedt
MVP - Software Packaging, Deployment & Servicing
Twitter: @olavtwitt – Blog: http://olavtvedt.blogspot.com