Managing centralized deployment

Managing centralized deployment

When you have deployed Office 365, what tools are available to manage your centralized deployments?

In this step, you’ll look at the functionality of three tools:

  • Microsoft 365 Apps Admin Center
  • Group Policy
  • Intune

These tools will let you push out settings to multiple users. You can choose which option fits best with your organization’s policies. They all do similar things, and you may choose which option fits best for your needs.

Decorative image: Microsoft 365 admin center

Microsoft 365 Apps Admin Center

The Microsoft 365 Apps Admin Center lets you apply policy settings for Microsoft 365 Apps for Enterprise on a user's device, even if the device isn't domain-joined or otherwise managed. When a user signs-in to Microsoft 365 Apps for Enterprise on a device, the policy settings roam to that device.

Policy settings are available for devices running Windows, macOS, iOS, and Android, although not all policy settings are available for all operating systems. You can also enforce some policy settings for Office for the web, both for users who are signed in and for users who access documents anonymously.

Group Policy

Decorative image: Group Policy object.

Group Policy is another way to configure computer and user settings on computers that are part of your on-premises domain. It allows you to centralize the management of computers on your network without having to physically go to and configure each computer individually.

Note: In order to use Group Policy editor in a domain environment, you must use an administrator account. A standard domain user account is not in the local Administrators group and will not have the proper permissions to configure Group Policies.


Intune process

Figure 1: The Intune process.

Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). Using Intune allows you to create policy settings on how the organisation will use devices with company access. This will include the use of mobile phones, tablets, and laptops.

Intune is part of Microsoft's Enterprise Mobility + Security (EMS) suite. Intune integrates with Azure Active Directory (Azure AD) to control who has access and what they can access.

It also integrates with Azure Information Protection for data protection. It can be used with the Microsoft 365 suite of products. For example, you can deploy Microsoft 365 apps such as Word, Teams, and OneNote to devices.

This feature enables people in your company to be productive on all of their devices while keeping your organization’s information protected with the policies you create.

What's Next?

Now you’re aware of the options available when using a centralized deployment. What if you wanted to gain deep insights and identify any issues with your Office Apps in your organization?

Next up, you’ll learn about Microsoft 365 Apps Inventory.

When you’re ready select Next to continue.


In this course, you’ll look at deploying Microsoft 365 Apps for Enterprise and you will explore the difference between user-driven and centralized deployments.

About the Author
Learning Paths

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.