January User Group: Empowering your People Everywhere with Enterprise Mobility

January Session Wednesday 28th- Empowering your People Everywhere with Enterprise Mobility

Enterprise Mobility is about connecting people with your resources, regardless of where they are, or what computing device they are using. Staff, contractors, suppliers and customers can all securely access the same enterprise mobility framework to gain access to only the information you intend for them.

Come along to learn more about how Enterprise Mobility can boost productivity, streamline processes and automate provisioning of information to your users. Experteq is a Microsoft partner specialising in Enterprise Mobility. Experteq has delivered many Enterprise Mobility solutions to Fortune 100 and Government organisations and utilizing Microsoft technology will demonstrate:

  • Enrolling a new user and managing the user lifecycle:
    • Automate the process of on-boarding and off-boarding Staff, Contractors, Suppliers and Customers
    • Automate the provisioning of services and resources to a user
    • Manage a user’s access privileges throughout their access to organisations
    • Provide self-service tools for users to reduce the load on IT support staff
  • Manage the proliferation of personal computing devices by:
    • Facilitating access to your business systems and data
    • Protecting the corporate information and data being consumed on these devices
    • Allow BYO computing device with little management overhead

Great prizes on offer!

Register Here

Presented by Experteq and Microsoft experteq

Advertisements

Intune Discovery: Kicking the Tires

The Intune cloud-based management service is a solution that helps you to manage your computers and mobile devices and to secure your company’s information.

With the proliferation of BYOD and BYOID’s, I wanted to “kick the tires” so here we go for a discovery.  Cooking time: 1 day.

My Microsoft ID’s had already been synced from On premise AD via AADSync.  See my previous post on this topic here.

I subscribed for a 30 Intune trial here which is for 30 days for 30 test licenses.

Then to utalise the Intune console I had to update my Silverlight version on my Microsoft Surface 3.  I logged in and I was presented with this console.  The Dashboard provides shortcuts to the initial tasks which are required.  I selected Add users.

1

I select several users and applied the Intune license as shown below.

2.1

Then I created a Group with all my licensed users.

6.2

Next we need to create a policy that we wish to push out to the users BYOD (Group).

3

4

I selected Computer Management, Windows Firewall Settings, Create and Deploy a Custom Policy.

38

It prompted me to deploy the policy.

7

Then I applied the Policy to a group

8

Then I downloaded my Client Software and attempted to apply it to my MSDN Windows 10 running in Azure.

9

13

It appeared to install but unfortunately Intune is not compatible with Windows 10 yet.  I received an error in the console and the agent was not running on the OS.  See this compatibility list here.

14

15

After I successfully loaded the agent on a Windows 8.1 machine in Azure, I loaded my firewall to see my Policy changes had applied.

fw

Then I decided to scan using the Intune Endpoint Protection.  All of the definitions are defined within my Intune portal.

27

Next I wanted to remotely push some software.  I downloaded and run the Intune Software Publisher plugin.

16

Then I ran the wizard.

17

I selected SpotifySetup.exe and also selected a Spotify Icon.

18

19

I left everything else as default.

20

21

Then I selected upload.

22

I then applied the Software All Users.

31

Here is a summary of all my deployed software.

34

Back on the Windows 8.1 machine I opened the Intune Center tool from the right hand corner near the clock.

23 - Copy

Then I selected Get Applications from the Company Portal.  Here I had to authenicate (only the first time).  It even allowed me to reset my expired password.  Here you can see my Azure Active Directory Premium portal customisations have loaded.

2829

I selected YES to the primary user of this computer.

30

Here you can see that Spotify was advertised on the main portal page.

39

If I select All Apps, Spotify is also advertised inside here and ready to install.

40

I selected Spotify and Install.

41

It now displays as installing.

42

Next I wanted to apply a minimum in Microsoft patches to my non domain devices.  This would be useful for a company that wants to ensure that a minimum level of patches are running on all machines that access their corporate data.  I approved all patches to All Devices back in the Intune console under groups.

46

Then back on the Windows 8.1 machine I  immediately prompted to install the newly approved patches.

Then I decided that I wanted to manage BYO mobile devices as well.  So i went to admin within the console, I selected Set Mobile Device Management Authority.

47

48

Then I Added a Device Enrollment Manager.

49

This is where I stopped.  I did not have a spare mobile device that I wished to wipe.

The Administrators Console dashboard has great visibility into the fleet’s health.  You can see the 1 error, this is my failed Windows 10 installation.  Clicking on each alert takes you straight to the reported area.

50

So as you can see there are a lot of great management features within Intune.  It has certainly come a long way in the last few years.  There are many features and perhaps your company will find this tool suitable for only 1 or 2 specific tasks, rather than using every feature that is available.  This is a very feature rich tool which does everything except refill your coffee cup.

profile picAaron Whittaker @AaronW2003