Download presentation
Presentation is loading. Please wait.
Published byHilary Gilmore Modified over 9 years ago
1
Howard A. Carter III Senior Consultant Microsoft Consulting Services
Enabling Mobile Device Management with System Center & Windows InTune Howard A. Carter III Senior Consultant Microsoft Consulting Services TechGate 2013 – Reston, VA September 21, 2013
2
Agenda What is Windows Intune? Windows Intune Configurations
Windows Intune Capabilities Across Devices Settings Up an Intune Account Integrating with Configuration Manager 2012 Publishing Applications Enrolling Devices
3
Windows Intune Configurations
Cloud-Only Configuration Unified Configuration
4
Cloud Management Capabilities
Capability / Platform Windows 8 Windows 7, Vista, XP Windows RT Windows Phone 8 iOS Android Application management ü Endpoint Protection O Hardware Inventory Software Inventory ü1 Remote control ü3 Reporting Software updates Compliance settings ü2 1 = Managed applications only 2 = Compliance reporting but no remediation automation 3 = Via Remote Assistance
5
Unified Management Capabilities
Capability / Platform Windows 8 Windows 7, Vista, XP Windows Embedded Windows To Go Mac OS Windows RT Windows Phone 8 iOS Android Application management ü Endpoint Protection O Hardware Inventory ü1 Software Inventory ü2 Remote control ü5 Reporting Software updates ü4 Compliance settings ü3 OS deployment N/A Out of band management Power management Software metering 1 = Basic information only through Exchange ActiveSync 2 = Managed applications only 3 = Compliance reporting but no remediation automation 4 = Device User has to accept the update 5 = Via Remote Assistance
6
Windows Intune Cloud Architecture
CorpNet Internet x86 / x64 Windows 8 Windows 7 Windows Vista Windows XP Windows Phone 8 Windows RT Direct Management & App Publishing iOS EAS Policy & Inventory DirSync Android App Publishing Android
7
Windows Intune Unified Architecture
CorpNet Internet x86 / x64 Windows 8 Windows To Go Windows 7 Windows Embedded Windows Vista Windows XP Mac Service Pack 1 x86 / x64 Windows 8 Windows 7 Windows Vista Windows XP EAS Policy & Inventory Windows Phone 8 Windows RT Direct Management & App Distribution iOS DirSync ADFS ADFS Proxy Active Directory Android Android App Distribution
8
Selection Considerations
Scale of Solution Approx. Max of 5000 Users? Approx. Max of 100,000 Users? Current Infrastructure On-premise ConfigMgr? Something else? Required Feature Set Capabilities Supported Platforms
9
Roadmap | Integrating Configuration Manager 2012 with Windows Intune
Sign up for Windows Intune account Synchronize your AD with Windows Azure AD Configure Intune Subscription in ConfigMgr Add Windows Intune Connector Setup MDM Properties Import Apps
10
DEMO TG13Demo.onmicrosoft.com
Sign up for Intune Account (already done) Sync AD with Azure AD (already done) Configure Intune Subscription in ConfigMgr Install Windows Intune Connector Setup MDM Properties Add/Deploy Company Portal App
11
Managing the Mobile Device Lifecycle
Enabling the user Enrolling the device Inventorying the device Installing applications Managing the device Retiring the device
12
Configuration Item Settings
Password Require password on mobile devices Min password length Max password length Number passwords remembered Number failed logons before wipe Idle time before lock Password complexity Send password recovery PIN to Exchange Server management POP and IMAP Max time to keep Allowed message formats Max size for plain text Max size for HTML Max attachment size Calendar synchronization Security Unsigned file installation Unsigned applications SMS and MMS messaging Removable storage Camera Bluetooth Windows RT VPN profile Profile file Profile name Profile for all users Peak Synchronization Specify peak time Start End Days of week Peak synchronization frequency Off-peak synchronization frequency All options enable you to remediate noncompliant settings and some have a reporting option
13
Configuration Item Settings
Roaming Mobile device management while roaming Software download while roaming download while roaming Encryption Storage card encryption File Encryption on mobile device Require signing Require encryption Encryption algorithm Wireless Communication Wireless network connection Network name Network connection Authentication Data encryption Key index 802.1x settings EAP type Certificates Import Certificate File Destination store Role All options have a Remediate noncompliant settings option
14
Inventoried Management Properties
Inventory Class Windows Phone 8 Windows RT iOS EAS Name Device_ComputerSystem.DeviceName Yes Unique Device ID Device_ComputerSystem.DeviceClientID Device_ComputerSystem.UDID Serial Number Not applicable Device_ComputerSystem.SerialNumber No Address Device_ .Owner Address Operating System Type Device_OSInformation.Platform CCM_OperatingSystem .SystemType Operating System Version Device_ComputerSystem.SoftwareVersion Win32_OperatingSystem.Version Device_OSInformation.OSVersion Build Version Win32_OperatingSystem.BuildNumber Service Pack Major Version Win32_OperatingSystem.ServicePackMajorVersion Service Pack Minor Version Win32_OperatingSystem.ServicePackMinorVersion Operating System Language Device_OSInformation.Language Total Storage Space Win32_PhysicalMemory.Capacity Device_Memory.DeviceCapacity Free Storage Space Win32_OperatingSystem.FreePhysicalMemory Device_Memory.AvailableDeviceCapacity IMEI1 Device_ComputerSystem.IMEI MEID2 Device_ComputerSystem.MEID Manufacturer Device_ComputerSystem.DeviceManufacturer Win32_ComputerSystem.Manufacturer Model Device_ComputerSystem.DeviceModel Win32_ComputerSystem.Model ModelName Phone Number Device_ComputerSystem.PhoneNumber Subscriber Carrier Device_ComputerSystem.SubscriberCarrierNetwork Cellular Technology Device_ComputerSystem.CellularTechnology Wi-Fi MAC Win32_NetworkAdapter.MACAddress Device_WLAN.WiFiMAC 1 International Mobile Equipment Identity 2 Mobile Equipment Identifier
15
Demo Remember: Manage.Microsoft.com
Creating a Mobile Configuration Baseline Enrolling a Device
16
Retiring Managed Mobile Devices
Retire Block Delete Wipe Removes the device from Configuration Manager while leaving personal settings and data intact on the device. All data is deleted, sets device back to manufacturer's defaults Blocks the client from communicating with the hierarchy. You can also unblock clients. Deletes the mobile device permanently from the hierarchy so that it will not be further managed. No data from the device is removed. Once deleted, the user would need to unenroll and re-enroll again.
17
Listing Retirement Options by Device
Function Windows Phone 8 Windows RT iOS Android (EAS) Retire Yes Line of business apps are uninstalled including the company portal app. User settings are retained Removes sideloaded keys and sideloaded apps no longer run. Installed apps will still run. installed apps will still run User settings are removed. Block Not available Wipe Exchange ActiveSync mailbox removal only Delete
18
Demo Wiping a Device
19
Additional resources Windows Intune Trial
Support Tool for Intune Trial Management of Window Phone 8 us/download/details.aspx?id=39079# Microsoft Virtual Academy – Windows Intune Jumpstart courses/windows-intune-for-it-professionals-jump-start Microsoft Windows Intune Blog Microsoft System Center ConfigMgr Team Blog
20
QUESTIONS
21
Thank You techgate@hotmail.com
An will be sent to all attendees on Monday, September 23 announcing location of slides received from presenters.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.