Administering Microsoft Endpoint Manager Part 2
Вставка
- Опубліковано 7 сер 2024
- Part 2 - Starting life as System Centre Configuration Manager, the tech eventually moved to the cloud as Microsoft Intune. Recently the two products merged to become Microsoft Endpoint Manager. A fantastic set of tools to help deploy, administer and manage devices and applications to Microsoft 365 users. In 2020 the tools have gotten even better and is now regarded as one of the finest mobile management platforms in the industry. In this the second part of my 2 part series, I take a look at not only the security feature but also the tenant settings and of course the reporting & auditing features.
Visit my website: www.Andymalone.org - Наука та технологія
Thank you, thank you, thank you for creating and uploading another detailed but easy-to-understand video!
Thanks Donald I really appreciate your nice comments and great to have you on board.
Thank you Andy for this insightful and detailed video, very great content and very well explained.
Thanks so much I really appreciate it.
Thanks, appreciate helpful video!
Big love thank you for your great video it was very useful👌
Aw thank you I appreciate that😊
Very usesful video although it is full of information we need to practice a lot to understand how it works.
keep it up, thanks again
Of course practice is always a recommendation. Good luck and thanks😀
love these training videos
Glad you like them!
Hello Andy
Regarding the scan network, i would suggest not turning that one on, as if you have some massive network shares / alot of users, suddenly it will get heavy traffic to be scanned again and again.
Very good point I noticed that also.
Good tutorial, very useful, thanks. btw, you were assigning a group to exclude at 5.21, you meant to assign the group to include.
Ah you spotted that😁👍 Well done this a small error 😀
Do you have a video that deals with configuring Endpoint Manager for BYOD?
Good suggestion. Process is the same the only difference is when you do a wipe, it would be a partial wipe. This leaves the users data in tact. Once the company app (portal) installed, Company apps only function within the portal (bubble) itself and as such users cannot cut, copy etc between personal and business apps. But yes this is something I could look at later :-)
@@AndyMaloneMVP We only use byod devices for company email. we are switching from airwatch to intune. Would be nice to see how the process works from the beginning.
So .... for the Bit Locker Disk Encryption (16:00) is that the best place to set that up. Endpoint Security > Disk Encryption
I know there are other paths like
Devices > Compliance Policies
Devices > Windows > Compliance Policies
Endpoint Security > Security baselines > MDM Security Baseline
Or does that make a difference? Seems like it would be nice to have one place (path) to set that up but there are at least 4, seems like an easy way to have conflicting policy's.
Yes I believe this is the best place to set it up especially if you’re using InTune to manage devices. There are other places that you can do this, however you will find that in actual fact a lot of these are just shortcuts into in tune. Thanks again and best of luck
Thank you Andy, but unfortunately i haven't found the solution for a service desk with few offices abroad who have no technicien support in all offices but needs to remaster their owns computers in a remote session, do the cloud can do this ? to get down a windows image in a computer from the cloud to the on premise ? Do we need to boot on a windows PE for that first ? tks in advance.
Microsoft intune would help. You can purchase an add on licence and manage users and devices remotely. Have you looked at my endpoint manager videos?
@@AndyMaloneMVP Tks for your answer !!! you mean the video named "Administering Microsoft Endpoint Manager Part 1" ? can you tell me from what step i should watch the video ? 5:32 ? tks anyway
@@davidbourgie2843 Hi David. You need to learn Endpoint Manager / Intune as I think it can help. I recommend creating a trial E5 subscription which will give you access to the product so you can play with it and learn. Afterwards, you could add on a trial of Intune onto your Microsoft 365 subscription and practice on a couple of machines before rolling it out. If you don’t have the skill set to do this then I highly recommend for contacting a local Microsoft partner who can help you. All the best, Andy
Mate How do i get device id of all the computer connected in the network to enroll in Intune?
This video give a nice demo of how to get it. Check out docs.Microsoft.com as well for more details. ua-cam.com/video/RIvZIpHusu4/v-deo.html
I have azure ad join devices in which all end users are local admin now. i would like to remove the end user from local admin role could you please suggest if you have any idea, when users machine ad to azure ad user is also member of admin in local machine please suggest if you have any idea?
Hi thanks for your question. Unfortunately there is no way to do this on an already provision device. You can do it as part of a new Autopilot deployment. At the moment you can do it via PowerShell but autopilot and InTune are about to be updated soon. In the meantime here’s a useful article I found. All the best, Andy. docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin
Can smart card authentication be used with Endpoint manager?
No.Smart cards can only be used in hybrid along with a local ADFS server.
can you tell me what is mean by remediated in the status?
Updated
@@AndyMaloneMVP so its not an error. Right?
This is correct. It could have indicated that the machine fell out of compliance for a short time and was updated.
Music are very loud
Gosh that an old video