In this course, I will take you through the features provided by Microsoft 365 that allow you to monitor, protect, and manage devices across an organization.
Learning Objectives
- The differences and benefits of both the Configuration Manager and Microsoft Intune
- What co-management is and what benefits it provides
- The capabilities and differences between the MDM solutions provided within Microsoft 365, which are Basic Mobility and Security and Microsoft Intune
- How other Microsoft tools integrate with MDM solutions to provide better security for organizations
Intended Audience
- Users looking to learn about Managing Devices with Microsoft 365
Prerequisites
- Have a basic understanding of Microsoft 365
Co-management allows administrators to specify how organizations manage their devices using either Intune or the configuration manager. After enabling devices for co-management, Intune will show devices as managed by MDM or the configuration manager rather than just the configuration manager. Once this is verified, IT can modify co-management settings utilizing the configuration manager console. These settings are things like specifying devices for pilot groups and automatic enrollment in Intune.
Once a pilot group of devices has been created, you have three options for deciding on which devices are co-managed and those options are: None; meaning that co-management is not enabled and devices will be managed by the configuration manager. Pilot; indicating that only devices specified in the pilot collection will be co-managed, and All; which as you may have guessed, indicates all device capable of being co-managed will be co-managed. Co-managing devices also allows administration to specify which tools manage which settings. For example, you can choose which solution controls compliance policies, resource access policies, Windows updates policies, and endpoint protection policies.
These options specifically are incredibly helpful for organizations looking to eventually transition to a fully cloud or Intune-based solution. Each of these settings has three separate options which allow organizations to easily swap between device management solutions. Simply put, when deciding which solution manages what setting, you can choose between the configuration manager, Intune or Pilot Intune. If you choose the configuration manager, the workloads of that specific setting will be managed solely by the configuration manager for any co-managed device.
Intune on the other hand, is the exact opposite, where all workloads for that specific setting will be managed by Intune for co-managed devices. And the final option being Pilot Intune is a bit varied as it enables Intune to manage the workload for the settings of co-managed devices in the pilot collection and any device not currently in the pilot collection can continue to be managed by the configuration manager. The Pilot Intune option is specifically helpful for organizations making a transition to Intune as they can slowly make the transition between pilot devices before making full swap over to Intune management.
Lee has spent most of his professional career learning as much as he could about PC hardware and software while working as a PC technician with Microsoft. Once covid hit, he moved into a customer training role with the goal to get as many people prepared for remote work as possible using Microsoft 365. Being both Microsoft 365 certified and a self-proclaimed Microsoft Teams expert, Lee continues to expand his knowledge by working through the wide range of Microsoft certifications.