in tune inaction
Post on 19-Oct-2014
1.201 views
DESCRIPTION
TRANSCRIPT
InTune InAction
Olav TvedtMVP - Software Packaging, Deployment & Servicing
Twitter: @olavtwitt – Blog: http://olavtvedt.blogspot.com
• Device Control• PC• Mobile Phones• Tablets
• Application Management• Overview• Reporting• Deployment
• Patch Management• Antivirus w/Management
3
THE MISSING PART
Microsoft Deployment Toolkit
• OS Deployment• Refresh• Upgrade• New
• Application Deployment• Can Deploy Using:
• PXE Boot• CD• USB
DEMO:
MDT MEDIA
CLOUD MANAGEMENTVS.
UNIFIED MANAGEMENT
www.windowsazure.com/en-us/solutions/identity
Cloud Management Capabilities
Capability / Platform Windows 8Windows 7,Vista,XP
Windows RT
Windows Phone 8 iOS Android
Application management
Endpoint Protection O O O O
Hardware Inventory
Software Inventory 1
1
1
1
Remote control 3
3
O O O
Reporting
Software updates O O O O
Compliance settings 2
2
2
2
2
2
1 = Managed applications only 2 = Compliance reporting but no remediation automation3 = Via Remote Assistance
Unified Management Capabilities
Capability/PlatformWindows
8Windows
7, Vista,XP
Windows Embedded
Windows To Go
Mac OS
Windows RT
Windows Phone 8 iOS Android
Application management
Endpoint Protection O O O O
Hardware Inventory 1
Software Inventory 2
2
2
2
Remote control O 5
O O O
Reporting
Software updates O 4
O
Compliance settings 3
3
3
3
OS deployment N/A O N/A N/A N/A N/A
Out of band management
N/A N/A O N/A N/A N/A N/A
Power management O O O O O
Software metering O O O O O
1 = Basic information only through Exchange ActiveSync2 = Managed applications only3 = Compliance reporting but no remediation automation4 = Device User has to accept the update5 = Via Remote Assistance
In Short:• More Supported Clients
• Windows Servers• Windows Embedded• Windows To Go• Mac OS• Linux
• OS Deployment• Software Metering• Compliance• Etc.
More Unified Management
• Wally Mead:
• Deploying a System Center 2012 R2 Configuration Manager Environment to Manage Mobile Devices
• Managing Mobile Devices with System Center 2012 R2 Configuration Manager and Windows Intune
PC MANAGEMENT
www.windowsazure.com/en-us/solutions/identity
PC Management
• Inventory
• Software Deployment
• Patch Management
• Antivirus Management
DEMO:
PC Management
IDENTITY MANAGEMENT
www.windowsazure.com/en-us/solutions/identity
Syncing AD Too Intune (& Office365)
• Windows Azure Active Directory Sync Tool
• Windows Server Essentials
• ADFS - SSO
http://technet.microsoft.com/en-us/library/hh852469.aspx
Windows Server Essentials Feature
DC
• Only 1 Domain Controller• Feature Must Run On Domain Controller
Directory Synchronization Tool
DC DirSync
• DirSync Cannot Run On Domain Controller
Single Sign on
ADFSDC ADFS ProxyNLB
DirSync
DEMO:
Essentials Feature
MDM-
Mobile Device Management
Direct Mobile Device Management VS. Exchange ActiveSync
Direct MDM EAS
Implementation Managed directly from the cloud using the native management capabilities in the device
Managed from Exchange Server through the cloud using EAS
Requirements Integrated into Windows Intune Exchange Server 2010
Connector None Exchange Server Connector
Security Layer Operating System Application
Capability (dependent on platform)
• Hardware inventory• Policy Settings Management• Pull Software Distribution• Device Wipe (iOS and Windows Phone)• Compliance Monitoring• iCloud policy control (iOS only)
• Basic settings• Pull software distribution• Device wipe (iOS and Windows Phone)• Mailbox wipe (Windows 8 and Windows RT)
App Distribution Windows 8 Apps Distribution (Self-Service App)Line-of-business application distribution through company portal (iOS)
Line-of-business application distribution through Web company portal
Direct Mobile Device Management Prerequisites
Windows RT Windows Phone 8 iOS EAS Based Devices (Android)
InfrastructureRequirements
• Domain name for
enrollment
• server address
• Domain name for enrollment
• server address
• Registration with Apple
Developer Program
• Exchange 2010 Server
Deployment Requirements
• Sideloading Key
• Code-signing certificate
(optional)
• Windows Phone Dev Center
Company account
• Enterprise Mobile Code
Signing Certificate
• Apple Push Notification
(APN) certificate
• Apple Developer Enterprise
Program
• Exchange Connector for
ConfigMgr
End user Interface
Company Portal application +
Web-based
Company Portal application +
Web-based
Company Portal application +
Web-based
Company Portal application + Web-
based
Direct Mobile Device Management Prerequisites
Windows RT Windows Phone 8 iOS EAS Based Devices (Android)
InfrastructureRequirements
• Domain name for
enrollment
• server address
• Domain name for enrollment
• server address
• Registration with Apple
Developer Program
• Exchange 2010 Server
Deployment Requirements
• Sideloading Key
• Code-signing certificate
(optional)
• Windows Phone Dev Center
Company account
• Enterprise Mobile Code
Signing Certificate
• Apple Push Notification
(APN) certificate
• Apple Developer Enterprise
Program
• Exchange Connector for
ConfigMgr
• Windows Intune
End user Interface
Company Portal application Company portal application Web-based company portal Depends on platform
Preparing For MDM
Intune Configuration
• Configure Mobile Device Management Authority
• Configure Direct Management For
• Windows RT
• Windows Phone 8
• iOS
• Exchange
Device Configuration
• Company Portal
• App
• Web
• Define Owner
Requirements Windows Phone 8
• Symantec Certificate
• Microsoft Certificate
Requirements iOS
• Apple Certificate• New Users: https://appleid.apple.com
• Apple Push Certificates Portal: https://identity.apple.com/pushcert
Requirements Android
• EAS
Testing Windows Phone 8
• Support Tool for Windows Intune Trial Management of Window Phone 8• http://www.microsoft.com/en-us/download/details.aspx?id=39079
Software
Software Installation
Win 8 Win RT Win 7, Vista, XP
WP 8 iOS Android
Company Portal App
Yes Yes No Yes Yes Yes
Company Portal Web
Visible, Install
via App
Visible, Install via
App
Yes Visible, Install via
App
Yes Yes
File Types Appx / Exe / Msi Appx Exe /Msi Xap Ipa / Plist Apk
Software Installation
Exe & Msi Files
• Push & Pull Deployment
All Others
• Pull Only
Prerequisite For Deploying Software
• Installation Files Must:
• Include a single .exe or msi installation file
• Include any supporting files and subfolders in a single folder structure
• Support silent installation
• No files larger then 3 GB
DEMO:
Software Installation
Web sites
• Intune• Portal.manage.microsoft.com
• Manage.Microsoft.com
• M.manage.Microsoft.com
• Account.manage.microsoft.com
• Office365• Portal.Microsoftonline.com
• M.portal.Microsoftonline.com
• Office365.com
• Azure• manage.windowsazure.com
• www.azure.com
Extending Intune
• Office365
• Windows Server Work Folders
Testing Intune
• Free 30 Day Trial• http://www.microsoft.com/en-us/windows/windowsintune/try.aspx
• Bring Your Own Device (BYOD) Test Lab Guides - Series v1.2• http://www.microsoft.com/en-us/download/details.aspx?id=38778
Please evaluate the sessionbefore you leave
Olav TvedtMVP - Software Packaging, Deployment & Servicing
Twitter: @olavtwitt – Blog: http://olavtvedt.blogspot.com