Intune Compliance Policy

The compliance policy in Intune is an important point because it makes it possible to verify that mobile device complies with security constraints. Several parameters can be configured in the compliance policy.

• Using a password to access devices
• Encryption of the device
• Prohibit jailbroken or root device
• Minimum operating system version required
• Maximum allowed version of the operating system
• Require the device to be at or below the level of defense against mobile threats

Lire la suite de

Co-management for Windows 10 devices

Co-management can meet several needs:

• If you have a Microsoft 365 subscription and want to use the included Windows 10 licenses.
• If you want to manage your Windows 10 devices as a mobile device and thus switch from traditional management to modern management.

Lire la suite de

What is the MDM Authority

Before any Microsoft Intune implementation project, a choice should be made between setting up a Microsoft Intune platform in standalone or hybrid mode (with System Center Configuration Manager). It is necessary to know the two solutions, but also the advantages and disadvantages of these solutions. Switching from one mode to another has been simplified from System Center Configuration Manager 1610. It is no longer necessary to contact Microsoft support for this. This is discussed in the next chapter.
Lire la suite de

Cname records for Auto-discovery

If you want add Windows Device (Windows Phone 8.1/10 or Windows PC 8.1/10) on the intune platform, you need add cname records on your Public DNS Server. This operation is needed to operate the auto-discovery with the Windows devices only. There is no problem with IOS and Android Device.
Lire la suite de

Azure AD Connect

Azure Ad Connect is a tool provided by Microsoft that allows to extend the scope of AD accounts for cloud services. Indeed the AD user accounts can be used only in an AD domain. To allow a user to use the login and password in a cloud service (Azure, EMS, Office 365,…) it is necessary to proceed with the synchronization of accounts. Several solutions are possible, using ADFS server, the password synchronization or Azure AD pass-through). The tool can be installed on a domain controller or a member (joined to the domain or workgroup) server.
It is possible to synchronize multiple AD forests for a same nevertheless requirements are to be respected.

Lire la suite de

Enroll Device into Intune

After you configure the platform Microsoft Intune, it is important to add mobile devices (IOS, Windows Phone or Android).
This operation must be performed directly from the equipment. So, this article presents the steps to add an equipment.

Lire la suite de

Enroll Windows 10 Computer

The enrollment of a computer Windows 10 can be done through the Microsoft Intune agent or through the Workplace Join functionality.

This feature allows a Windows 10 equipment of enroller in Microsoft Intune. Unlike the agent who allows to add equipment such as a computer, Workplace Join allows the addition of the computer as a mobile. So some functionality may not be used (anti-virus, firewall management, Microsoft patch management).

Join workplace is native to Windows since Windows 8 operating systems.

Lire la suite de

Office 365 conditionnal access

If you have a subscription intune and office 365, it is possible to configure the conditional access. This feature allows to control access to the boxes mail Office 365. Only devices enrolles in Microsoft Intune and respecting security defined constraints will have access to their mailbox Microsoft Office 365.

Lire la suite de

The different mode of intune

Microsoft Intune can be used with two distinct modes. In stand-alone mode, the platform is present in the Microsoft cloud. No interaction with your information system. The facilities administration and management of the platform. This action takes place from the web portal. The second mode is more « complex » because it contains an intermediary more.
Lire la suite de