EWUG.dk

EWUG.dkEVERYTHING WINDOWS USER GROUP DENMARK20 JANUARY 2016

EWUG.dk

Notes from the trenchesHow to get around Windows 10 management in a cloud only world.

Per Larsen, Senior ConsultantBlog: https://osddeployment.wordpress.com/Twitter: @PerLarsen1975LinkedIn: http://dk.linkedin.com/in/perlarsen1975

EWUG.dk

Agenda

How to auto enroll Windows 10 into Microsoft Intune with Azure AD join (Experience with coexistence of MDM authority)

Azure AD join – what is two-step verification/Microsoft Passport Microsoft Intune and MDM joined devices

Limitations Software Deployment What are OMA-URI, policy CSP and how to use OMA-URI for configuration.

Windows Store for Business

How to get around Windows 10 management in a cloud only world.

EWUG.dk

Devices | Windows 10 | Cloud

Why Azure AD Join and MDM enrollment

EWUG.dk

Exchange ActiveSync

Mobile Device Management via OMA-DM

Enterprise Management

Governance

Full Control

Device Desktop

Device Screen

The strategy

EWUG.dk

How to auto enroll Windows 10 into Microsoft Intune with Azure AD join

Requirements Azure AD Premium

Settings in Azure AD AzureAD Maximum number of devices per user = 20 Intune Maximum number of devices per user = 5

Intune - Custom URI settings for Windows 10 devices Experience/AllowManualMDMUnenrollment

How to AzureAD Join a Windows 10 device Demo

Experience with coexistence of MDM authority

EWUG.dkAzure Active Directory Join – Windows 10 only features

Free/basic Premium

Join a device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator Bitlocker recovery

MDM auto-enrolment, Self-Service Bitlocker recovery, Additional local administrators to Windows 10 devices via Azure AD Join

EWUG.dk

Azure AD join – what is two-step verification/Microsoft Passport

What is Microsoft Passport Microsoft Passport is set up on the user's device The user sets a gesture, which can be Windows Hello or a PIN

Requirements for Microsoft Passport Initial two-step verification during Microsoft Passport enrollment How to disable or configure Microsoft Passport (Intune)

EWUG.dkMicrosoft Intune and MDM joined devicesLimitations

Intune Client MDM

Software Deployment

Software Update

Endpoint Protection

EWUG.dkMicrosoft Intune and MDM joined devicesLimitations

Intune Client MDM

Inventory

Policy

EWUG.dk

What are OMA-URI, policy CSP and how to use OMA-URI for configuration.Open Mobile Alliance Device Management (OMA DM) and OMA Client Provisioning

Policy CSPhttps://msdn.microsoft.com/en-us/library/windows/hardware/dn904962(v=vs.85).aspx

Custom URI settings for Windows 10 deviceshttps://technet.microsoft.com/en-us/library/mt126215.aspx

EWUG.dk

Demo

InventorySoftware

Deployment

Policy

EWUG.dk

Windows Store for Business

EWUG.dk

Usefull links

Office 365 Portal https://portal.office.com

AzureAD Portal https://manage.windowsazure.com

Intune Admin portal https://manage.microsoft.com

Intune User portal https://portal.manage.microsoft.com

Windows Store for Business https://businessstore.microsoft.com/

EWUG.dk

Thank you