Microsoft NDA Confidential
Enabling users to be productive, responsibly
Finding the right balance
Users want:
• Devices & experiences
• Applications and data across devices, anywhere
Controlled access to data with seamless authentication
Devices & Platforms Single admin console
New Platforms
• Windows RT
• Windows Phone 8
• iOS (5.x, 6.x)
• Android (2.1 and later)*
Features fully integrated into ConfigMgr
• Over the air device enrollment*
• Available user targeted applications
• User and device settings management*
• Device inventory*
• Remote device retirement*
• Remote device wipe*
*Android features supported through the Exchange Connector only
www.WindowsIntune.com
account.manage.microsoft.com
http://blogs.technet.com/b/heyscriptingguy/archive/2004/12/06/how-can-i-assign-a-new-upn-to-all-my-users.aspx
Not required but strongly recommended!
http://technet.microsoft.com/en-us/library/jj151786
http://technet.microsoft.com/en-us/library/jj151794
http://technet.microsoft.com/en-us/library/hh967629.aspx
http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh125002.aspx
Platform: Windows Phone 8
Certificates or keys: Code signing certificate. All sideloaded apps must be code-signed.
How you obtain: Buy a code signing certificate from Symantec: http://www.symantec.com/verisign/code-signing/windows-phone

Platform: Windows RT
Certificates or keys: Sideloading keys. Windows RT devices have to be provisioned with sideloading keys to enable installation of sideloaded apps. All sideloaded apps must be code-signed.
How you obtain: Buy sideloading keys from Microsoft; the link below has more details: http://technet.microsoft.com/en-us/library/hh852635.aspx

Platform: iOS
Certificates or keys: Apple Push Notification service certificate
How you obtain: To enable app management for iOS, you must follow these steps.
1. Download a Certificate Signing Request from Windows Intune. This certificate signing request lets you apply to Apple’s certification authority for an Apple Push Notification service certificate.
2. Request an Apple Push Notification service certificate from the Apple website.
To download a Certificate Signing Request from Windows Intune
• In the Configuration Manager console, click Administration.
• In the Hierarchy Configuration, right-click Windows Intune Subscriptions and select Create APNs certificate request.
• Select a location and then click Download.
• In the Windows Intune sign in page, enter your organizational account and password.
• After you sign in, the certificate signing request is downloaded to the location that you specified.
To request an Apple Push Notification service certificate
• Connect to the Apple Push Certificates Portal.
• Sign in and continue in the wizard.

Platform: Android
Certificates or keys: None
Set up device enrollment for mobile devices
• Set up Direct Management for Windows RT Mobile Devices: Learn how to set up automatic detection for a Windows Intune enrollment server and obtain and add product activation sideloading keys to enable users to install line-of-business applications on their Windows RT devices.
• Set up Direct Management for Windows Phone 8 Mobile Devices: Learn how to set up automatic detection for a Windows Intune enrollment server, and how to download and sign the Company Portal app so that you can make it available to users. The Company Portal app enables you to distribute applications and web links to users with Windows Phone 8 devices. Users can access and install the Company Portal app when they enroll their Windows Phone 8 devices.
• Set up Direct Management for iOS Mobile Devices: Learn how to download a certificate signing request from Windows Intune so that you can apply to Apple’s certification authority for an Apple Push Notification Service (APNs) certificate. Configuration Manager with Windows Intune uses the APNs to maintain persistent communications with iOS devices.

http://technet.microsoft.com/en-us/library/jj884158.aspx
http://technet.microsoft.com/en-us/library/jj733632.aspx
People Centric IT
Come to Booth 1 in the Expo Hall for your chance to win a Surface RT bundle worth $699. Answer four questions correctly and you’ll be entered in our prize draw. Draw will take place at 4 pm on April 10 2013. NO PURCHASE NECESSARY. See Event Booth #1 for Official Rules.

Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com. Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.
1. User identities and SGs are created / modified in AD
2. DirSync delta syncs on-prem userid (no pwd) to MSODS every 3 hours
3. Federation between on-premise AD and Org ID allowing users to use their on-prem username and pwd to log in
4. All identities and group memberships flow down to Intune via Sync Daemon

Diagram labels: On-Premise Infrastructure; Microsoft Online Services; Identity Services; Trust; IdP; AD; Active Directory Federation Server 2.0; MS Online Directory Sync (DirSync); Admin Portal/PowerShell; Provisioning platform; Authentication platform; Directory Store; Exchange Online; SharePoint Online; Windows Intune

To learn more about ADFS, design and deployment visit Windows Server ADFS homepage and Preparing for single sign on. For more details on AD Directory Synchronization visit Directory Synchronization roadmap. For details on attributes Dirsync’d see this KB.
The following illustration and corresponding steps provide a description of the client application request process in AD FS using TLS/SSL.
1. The remote employee uses the Web browser to open the application on the AD FS-enabled Web server.
2. The AD FS-enabled Web server refuses the request because there is no AD FS authentication cookie. The AD FS-enabled Web server redirects the client browser to sign in on the resource federation server.
3. The client browser requests the logon Web page from the resource federation server.
4. The Web page on the resource federation server prompts the user for account partner discovery.
5. The resource federation server redirects the client browser to the logon Web page on the account federation server proxy.
6. The Web browser requests the logon Web page from the account federation server proxy.
Supported Operating Systems
• Microsoft Windows Server 2008 R2
• Microsoft Windows Server 2003 SP2
Prerequisites
• Microsoft .NET Framework 3.5 (reboot) and Microsoft Windows PowerShell™ v1.0 (no reboot)
• Not a domain controller
• Domain-joined machine
Source Forest Synchronization
DirSync can synchronize from source forests running the following versions of Windows Server:
• Microsoft Windows Server 2008 R2
• Microsoft Windows Server 2008
• Microsoft Windows Server 2003
• Microsoft Windows Server 2000
Single file download
• Microsoft SQL Server® 2008 R2 Express
• Microsoft Identity Lifecycle Manager 2007 (version created specifically for Microsoft Online)
• No customer purchase beyond providing a server
To learn more about ADFS, design and deployment visit Windows Server ADFS homepage and Preparing for single sign on. For more details on AD Directory Synchronization visit Directory Synchronization roadmap. For details on attributes Dirsync’d see this KB.
- Slides: 76