Presentation is loading. Please wait.

Presentation is loading. Please wait.

Modern Device Management; Myth vs. Reality

Published byCynthia Crawford Modified over 6 years ago

Similar presentations

Presentation on theme: "Modern Device Management; Myth vs. Reality"— Presentation transcript:

1 Modern Device Management; Myth vs. Reality
Steve Jesok Ameriprise Nash Pherson Blog, address, title Company

2 Steve Jesok Nash Pherson @SteveJesok @KidMystic Design Engineer
Microsoft MVP MNSCUG NowMicro Coffee Coffee

3 What is ‘Modern’ Device management

4 What is modern Device management?
More than just a buzz word Starts with Windows 10 Simplifies device management Leverages the mobile device management approach Is really a sum of parts Does not mean you no longer need Configuration Manager.

5 Components of Modern Device Management
Deployment and Provisioning: Delivering a device to a user and providing them what they need. What this means is “management out of the box”. Windows Imaging and Configuration Designer Identity and Authentication Azure AD Join, Conditional Access Configuration & Updating MDM Policies, Windows Update for Business, telemetry data, etc Deployment and Provisioning Windows Imaging and Configuration Designer (ICD). 

6 What is Your Basic Device management Strategy?
What you get OOB, a device with an OS. What do we need to add? Provisioning Authentication Configuration Business Software Telemetry Updates Guidance: modernizing-windows-management/

7 The first baby steps Setup a test Intune tenant
Understand the policy options and what you need. Provisioning packages Windows Updates for Business

8 Provisioning

9 Windows Imaging and Configuration Designer
Can be leveraged for… Simple provisioning: use built in options to create and deploy a configuration. Advanced provisioning: Deploy certificates, classic win32 apps, and Universal Windows Platform (UWP) apps. Mobile device enrollment into management: Enabled admins to apply a standard configuration to a Windows mobile devices by levering a tethered or SD deployment. Configuration Manager and Microsoft Intune hybrid. (certificate enrollment) Airwatch MobileIron

10 Level Set - Configuration Service Providers (CSP)
Now we have Configuration Service Providers (CSP) A client side interface for configuration. Works similarly to the Group Policy client side extensions as it provides a means to get (most) and set settings for a given feature. Provides access to specific settings. Uses SyncML (Synchronization Markup Language). WMI-to-CSP Bridge: Allows script to get/set CSP settings. More Information: service-provider

11 Demo: ICD Sample provisioning package
Basic- Create user account and background Adv: install and app

12 Configuration

13 Group vs mdm policy System admins have historically leveraged Group Policy. Set it and forget. Always works, right? Now we have Configuration Service Providers (CSP’s) A client side interface for configuration. Works similarly to the Group Policy client side extensions as it provides a means to get and set settings for a given feature. Provides access to specific settings. Uses SyncML (Synchronization Markup Language)

14 Group Policy and MDM Side by Side
MDM Policy Every 90 Minutes (random offset of 30) Gpupdate /force Microsoft-Windows- GroupPolicy/Operational Gpresult.exe Every 3 min after enrollment, then every 8 hours. Settings – Access Work or School – Info – Sync Microsoft-Windows-DeviceManagment- Diagnostics-Provider/Admin .\mdmReportGenerator.ps1 MDMDiagReport.xml MDMDiagReport.html

15 Demo: CSP Under the Hood
How the WMI bridge works How to access data

16 Demo: Is GPO really working?

17 Windows 10 MDM Policies Custom policy:
Use the Microsoft Intune custom policy for Windows 10 and Windows 10 Mobile to deploy OMA-URI settings that can be used to control features on devices. General configuration policy: Use this policy type when you want to select settings from the built-in list that's supplied with Microsoft Intune.

18 Demo: Is MDM really working?

19 Application Delivery Depending on your requirements you may have choices… Configuration Manager Intune Windows ICD Windows Store for Business

20 MMAT – What is it? Maps Group Policy settings to MDM policies
Identified the MDM policies which map to your existing GPO settings for a given system

21 Demo: MMAT

22 Updates and the Cadence

23 Rings, biannual updates, and things
Windows 10 update rings Office 365 Pro Plus bi-annual updates ProPlus-update-management-78b cdf-9d2c-08350ef05cca?ui=en-US&rs=en- US&ad=US Windows Update for Business

24 The Cadence Is possibly starting to settle in with the recent changes announced with Office Pro Plus…

25 Windows Store for Business

26 Telemetry Why wouldn't you want free intelligence?
Understand the impact of change, fact based decisioning. Visibility into problems areas Windows Update Readiness Office Telemetry Toolkit Why wouldn't you want free intelligence?

27 Microsoft Graph Api The web service to access cloud resources.
Intune Office 365 AAD PS examples:

28 Demo: MS Graph

29 Remember Modern Device management…
Does not happen over night! Take small steps towards it. Leverage what you already have. Don’t‘ forget the requirements.

30

31

32 Links and things Win 10 Rings: deployment-rings-windows-10-updates Office Update Cadence: upcoming-changes-to-Office-365-ProPlus-update-management-78b cdf- 9d2c-08350ef05cca?ui=en-US&rs=en-US&ad=US

33 Section Header This is the next section

34 Title Line1 Bullet Level 1 Bullet Level 2 Bullet Level 3

35 Title Code

36 Text Only with Border Level 1 Level 2 Level 3

37 Text Only (Red) Level 1 Level 2 Level 3

38 Title Text 1 Level 1 Level 2 Level 3 Text 2 Level 1 Level 2 Level 3

39 Title Section 1 Section 2 Text Text Level 1 Level 1 Level 2 Level 2

40 Demo Title

41

42

43

44

45

46

47

48

49

Download ppt "Modern Device Management; Myth vs. Reality"

Similar presentations

 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.

 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.
Mobile Device Management Intune-Configmanager CHANDAN BHARTI PREMIER FIELD ENGINEER-MICROSOFT.

Mobile Device Management Intune-Configmanager CHANDAN BHARTI PREMIER FIELD ENGINEER-MICROSOFT.
Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.

Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.
Devices and Deployment Management & Security Identity Cloud.

Devices and Deployment Management & Security Identity Cloud.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.

Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
Lack of control for mobile devices Different tools for phone & PC Policy conflict Inconsistent user experience… Granular mobile device mgmt Converged.

Lack of control for mobile devices Different tools for phone & PC Policy conflict Inconsistent user experience… Granular mobile device mgmt Converged.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Michael Niehaus Using the Windows Store for Business: New Capabilities for Managing Apps in the Enterprise WIN335.

Michael Niehaus Using the Windows Store for Business: New Capabilities for Managing Apps in the Enterprise WIN335.
Slavko Kukrika MVP Connect Windows 10 to the Cloud – Cloud Join.

Slavko Kukrika MVP Connect Windows 10 to the Cloud – Cloud Join.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Enabling the Modern Workstyle with Windows 10 & Azure Active Directory Venkatesh Gopalakrishnan 2016 Redmond Summit | Identity Without Boundaries May 25,

Enabling the Modern Workstyle with Windows 10 & Azure Active Directory Venkatesh Gopalakrishnan 2016 Redmond Summit | Identity Without Boundaries May 25,
EMS in action Hugh Simpson-Wells and Mark Riley 2016 Redmond Summit | Identity Without Boundaries

EMS in action Hugh Simpson-Wells and Mark Riley 2016 Redmond Summit | Identity Without Boundaries
Selecting the Management Platform Cloud-based Management Standalone Windows Intune No existing Configuration Manager deployment Simplified policy.

Selecting the Management Platform Cloud-based Management Standalone Windows Intune No existing Configuration Manager deployment Simplified policy.
Ensure a smooth transition to office 365 proplus

Ensure a smooth transition to office 365 proplus
Microsoft Virtual Academy

Microsoft Virtual Academy
People-Centric Management

People-Centric Management
5/20/2018 5:45 AM BRK3057 Overview: Modern Windows 10 and Office ProPlus management with Enterprise Mobility + Security Ariel Netz Partner Group PM Manager.

5/20/2018 5:45 AM BRK3057 Overview: Modern Windows 10 and Office ProPlus management with Enterprise Mobility + Security Ariel Netz Partner Group PM Manager.
5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.

5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.
Manage Windows devices in the complex hybrid cloud world of today

Manage Windows devices in the complex hybrid cloud world of today
Cloud-First, Modern Windows Management and Security

Cloud-First, Modern Windows Management and Security

Similar presentations

Ads by Google