Intune is the component of Enterprise Mobility + Security (EMS) that manages Windows systems, mobile
devices and apps.
It integrates closely with other EMS components like Microsoft Entra ID for identity and access
control and Azure Information Protection for data protection.
- Microsoft Endpoint Manager
- Intune Overview
- Intune Subscriptions
- Mobile Device Management (MDM)
- Mobile App Management (MAM)
- Microsoft Entra ID
- Role-Based Administrative Control (RBAC)
- LAB: Intune Overview
Intune lets you manage your devices and apps and how they access your company data.
To use mobile device management (MDM), the devices must first be enrolled in the Intune service.
When a device is enrolled, it is issued an MDM certificate. This certificate is used to communicate with the
- Device Enrollment
- Device Management Capabilities
- Enrollment Options
- Windows Enrollment
- Android Enrollment
- iOS Enrollment
- MacOS Enrollment
- Linux Enrollment
- LAB: Device Enrollment
Use device configuration profiles to manage and control a whole range of different features and functionality on
- Configure Device Profiles
- Configure Device Features
- Configure Device Restrictions
- Configure Settings: Email, VPN, Wi-Fi
- Administrative Templates
- Upgrade Editions
- LAB: Device Configuration
As an IT admin, you are responsible for making sure that your end users have access to the apps they need to do
This can be a challenge because there are a wide range of device platforms and app types.
Moreover, you might need to manage apps on both company devices and user's own devices, while ensuring your
network and your data remain secure.
- App Lifecycle
- Add apps to Intune: Store Apps - Office 365 - Web Apps - LOB Apps - Win32 Apps - PowerShell Scripts
- Monitor Apps
- App Configuration Policies
- LAB: App Management
Device and App Protection
Policies can be created to define whether devices are compliant, to configure conditional access or to protect
app and device data.
- Device Compliance Policies
- App Protection Policies
- Windows Information Protection
- Conditional Access
- LAB: Device and App Protection
Endpoint Protection provides real-time protection against malware threats, keeps malware definitions up-to date,
and automatically scans computers.
Endpoint Protection also provides tools that help you to manage and monitor malware attacks.
- Endpoint Protection
- Microsoft Defender for Endpoint
- Integration between Intune and Defender for Endpoint
- Enforce Compliance with Conditional Access
- Remediate Vulnerabilities
- LAB: Endpoint Protection
As an IT admin, you need control over the company devices. With Intune, you can remotely reboot, rename, lock or
wipe a device.
- Lock, Restart or Remove Device
- Locate Lost Device
- Logout or Remove User
- Bypass Activation Lock
- Reset Passcode
- Remote Control Mobile Devices
- Synchronize Device
- LAB: Device Management
Intune can be used to run devices as a kiosk, also known as a dedicated device. A device in kiosk mode can
run one or multiple apps.
You can show and customize a start menu, add different apps, including Win32 apps (for Windows), add a specific
home page to a web browser, and more.
- Windows Kiosk Devices
- Android Kiosk Devices
- iOS Kiosk Devices
- LAB: Kiosk Devices
Windows Autopilot is a collection of technologies used to set up and pre-configure new devices, getting them
ready for production use minutes after you bought them from the vendor.
- Windows Autopilot Overview
- Windows Autopilot Requirements
- Deployment Scenarios
- Administering Windows Autopilot
- LAB: Windows Autopilot
With Microsoft Intune you can manage all devices in your organization: mobile devices (Android, iOS), Windows,
Linux and Mac devices.
Intune helps you to configure and control machines, deploy apps and keep your data secure.
In this course you will learn about all the aspects of the Intune service.
This course is intended for IT Professionals who will be responsible for
managing devices in the cloud. No prior knowledge is required.