Master Class: Intune Modern Device Management Intensiv Bundle (IMDMB) – Details

Detaillierter Kursinhalt

Tag 1: Foundation & Hybrid Identity

Microsoft 365 Tenant Setup für Desktop Management
  • Microsoft Entra ID Tenant Konfiguration und Lizenzierung
  • Intune Service Setup und DNS-Integration
  • Integration mit bestehenden AD DS Umgebungen
Hybrid Identity mit Entra Connect
  • Password Hash Sync vs. Passthrough Authentication
  • Microsoft Entra Connect Health Monitoring
  • Nahtlose SSO-Konfiguration für Windows und macOS
  • Troubleshooting von Synchronisationsproblemen
Device Identity Strategien
  • Microsoft Entra ID Registration vs. Entra ID Domain Join
  • Hybrid Entra ID Join Implementierung
  • Device-basierte Conditional Access Policies
  • Kerberos-Authentifizierung in hybriden Szenarien

Tag 2: Windows Management Grundlagen

Windows Autopilot Deployment
  • Hardware Hash Import und Device Registration
  • Self-Deploying Mode und User-Driven Deployment
  • Autopilot Reset und Reprovisioning
  • Windows Autopilot device preparation (Autopilot V2)
Windows Configuration Management
  • Settings Catalog für Windows 11 spezifische Einstellungen
  • Security Baselines Implementation
  • Windows Update for Business Integration
  • Custom Configuration Service Provider (CSP) Policies
Application Deployment für Windows
  • MSI, Store und Win32 App Deployment
  • PowerShell Script Deployment mit Intune Management Extension
  • Microsoft Store App Management
  • App Installation Monitoring und Reporting

Tag 3: macOS Management & Cross-Platform Security Features

Apple Business Manager Integration
  • Apple Business Manager Account Setup
  • Apple Push Certificates Management
  • Device Enrollment Program (DEP) Konfiguration
  • Volume Purchase Program (VPP) für App-Lizenzen
macOS Enrollment und Management
  • Automated Device Enrollment (ADE) für macOS
  • User Enrollment vs. Device Enrollment Strategien
  • macOS Configuration Profiles
  • Shell Script Deployment für macOS
Cross-Platform Compliance und Security
  • Unified Compliance Policies für Windows und macOS
  • Conditional Access für beide Plattformen
  • BitLocker und FileVault Management
  • Certificate-based Authentication (SCEP/PKCS)
  • Microsoft Defender für Windows und macOS

Tag 4: iOS Management & Apple Enterprise Integration

iOS/iPadOS Enrollment Strategien
  • Automated Device Enrollment (ADE) Konfiguration
  • User Enrollment vs. Device Enrollment
  • Apple Configurator Enrollment
  • BYOD Scenarios mit Apple Account Integration/Federation
iOS Configuration Management
  • iOS Configuration Profiles
  • Supervised vs. Unsupervised Device Management
  • Restrictions und Compliance Policies für iOS
  • HomeScreen Layout und App Organization
iOS Application Management
  • App Store Apps über VPP
  • Line-of-Business (LOB) Apps für iOS
  • App Protection Policies (MAM) für iOS
  • Per-App VPN Konfiguration für iOS
iOS Security und Compliance
  • iOS Passcode Policies und Touch/Face ID
  • iOS Device Compliance Requirements
  • Conditional Access für iOS Devices
  • iOS Data Loss Prevention (DLP)

Tag 5: Android Enterprise

Android Enterprise Framework
  • Android Enterprise Enrollment Modi (Work Profile, Fully Managed, Dedicated)
  • Google Play Console Integration
  • Managed Google Play Store Setup
  • Android Zero-Touch Enrollment
Android Device Management
  • Android Enterprise Work Profile Management
  • Fully Managed Device Scenarios
  • Android Dedicated Device (Kiosk) Configuration
  • Samsung Knox Integration
Android Application Management
  • Managed Google Play Apps
  • Private Apps im Managed Google Play Store
  • App Protection Policies (MAM) für Android