Microsoft Intune is a cloud based services that is part of Microsoft Endpoint Manager and it will help you to manage Mobile Device Management (MDM) and Mobile Application Management (MAM) and cloud based devices in your organization.
Prerequisites-
Web browsers support
The following browsers are supported for MEM console.
- Microsoft Edge (latest version)
- Firefox (latest version)
- Safari (latest version, Mac only)
- Chrome (latest version)
Intune supported operating systems.
Intune can manage following operating systems.
Microsoft
Surface Hub
Windows 10 (Home, S, Pro, Education, and Enterprise versions)
Windows 10 Enterprise 2019 LTSC
Windows 10 IoT Enterprise (x86, x64)
Windows Holographic for Business
Windows 10 Teams (Surface Hub)
Windows 10 1709 (RS3) and later, Windows 8.1 RT, PCs running Windows 8.1 (Sustaining mode)
Apple
- Apple iOS 12.0 and later
- Apple iPadOS 13.0 and later
- Mac OS X 10.13 and later
- Android 6.0 and later (including Samsung KNOX Standard 2.4 and higher:)
Samsung Knox Standard devices
Samsung Knox activation will support only if the device part of the Supported Knox devices.
Devices that don’t support Samsung Knox activation enroll as standard Android devices. Enrolling Samsung Knox devices may require you to enable access to Samsung servers.
Microsoft Intune free trial Access-
Navigate to the Intune set up account page to setup your free Intune access. Enter your email id and click on next.
Click on Set up account.
Fill your details and click on Next.
Click on send verification code.
Enter your domain name and click on next.
Enter the user name ( it will used for login ) and password the click on Sign up.
Click on Manage Your Subscriptions to check your license details. Or click on Get Started to open MEM console.
MDM Activation
MDM activation can be done via MEM or Azure Active Directory console.
Login to Azure active Directory and click on Mobility (MDM and MAM)
Click on Microsoft Intune.
You will received highlighted message if MDM is not configured. Click on Yellow highlighted message to activate.
Select the activation type and click on Activate button.
Click on Bell icon to check activation status. Once you received Successfully activated eEnterprise motility then Sign out your Azure console and login again.
In Azure active Directory and click on Mobility (MDM and MAM)
Click on Microsoft Intune. Can see below entries if activation successfully done.
Intune Features and Settings……..
let us walkthrough for Intune features and setting.
Hope Page Overview-
We can see the Home page when we login to the MEM console. Under the Home page can see the your current login account status (Active or Inactive) and the other information like client apps, connector status Device Compliance and Service Health’s.
Dashboard tab will provide the details about Device Enrollment counts Windows, Android iOS//iPadOS and other devices and Device Compliance status and Device Configuration Profile status. We can customize the dashboard according to needs.
Under the Device tab can see all devices status and can view by the Platform as well. Use the Device enroll option to setup the device enrollment.
Under the Policy section can create different type of the policy.
- Compliance Policy
- Conditional Access.
- Configuration Profile.
- Scripts.
- Group Policy Analytics(Preview).
- Windows 10 Update Ring.
- Windows 10 feature updates (Preview).
- Windows 10 quality updates (Preview).
- Update Policy for iOS /iPadOS.
- Enrollment restrictions.
- eSIM cellular profiles (Preview).
- Policy Sets and Other.
Enroll devices features use to enroll the Windows, Apple Android devices. We can create a Enrollment restrictions policy from here to restrict the devices.
Under the Apps sections, Can view all the apps list are available in Intune console and their monitoring and can create policies for App protection policies and others…..
Endpoint security features it called Defender 365 protection as well basically it used to protect endpoints for malware infections. You can follow Microsoft defender link to get more details.
Under the Report section we can get different types of report for Device Management, Endpoint Security and Analytics and others.
User User section for Users to display details about the users that you have included in Intune. You can add users directly to Intune or synchronize users from your on-premises Active Directory. Once added, users can enroll devices and access company resources. You will the all users list under All Users (Preview section) and others
User the Group sections, You can see all existing groups are available in Intune console and can create new groups or Delete based on your requirement. We can get here audit logs and support request.
Select Tenant administration to display details about your Intune tenant. The Tenant admin – Tenant status pane provides tabs for Tenant details, Connector status, and Service health dashboard. If there are any issues with your tenant or Intune itself, you will find details available from this pane.
Under the Tenant administration section can get the details about connectors and tokens status.
Under the Tenant administration section can get the details about All Roles Types are exists in Intune console.
Under the Tenant administration, You can Manager your “Privileged Identity Management”.
Here, Can get the Audit logs details and can do “Customization” for you Company Branding name and logo.
Select “Troubleshooting + support > Troubleshoot” to check status details on a specific user. From the Assignments dropdown list, you can choose to view the targeted assignments of client apps, policies, update rings, and enrollment restrictions. Additionally, this pane provides device details, app protection status, and enrollment failures for a specific user.
All these information taken from Microsoft MEM Walkthrough document.