Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) and On-Premises Tools (20398B)
This course is intended for IT professionals and consultants who plan, deploy, and manage devices and applications in medium to large organizations. A significant portion of this audience works in on-premises Active Directory Domain Services (AD DS) environments with both domain-joined and non-domain joined devices, for which they need to provide mobile device management and secure data access. Devices in such environments typically run Windows 10, Windows 10 Mobile, iOS, and Android. They plan to extend on-premises AD DS to the cloud and they need to learn how to plan and implement Enterprise Mobility Suite.
In addition to their professional experience, students who attend this training should already have the following technical knowledge:
- TCP/IP networking fundamentals
- Understanding of Domain Name System (DNS)
- Working knowledge of Active Directory principles
- Understanding of the public key infrastructure (PKI) fundamentals
- Understanding of cloud-based service concepts
- Windows Server 2012 R2 fundamentals, including Remote Desktop Services
- Experience with Windows 10
- Familiarity with Windows PowerShell
- Basic knowledge of mobile platforms
After completing this course, students will be able to:
- Use devices in the enterprise environment.
- Implement and administer Microsoft Azure Active Directory (Azure AD).
- Connect AD DS with Azure AD.
- Manage devices in Microsoft Office 365.
- Plan and implement Intune.
- Use Intune to manage devices.
- Plan and implement app support.
- Use Intune to manage applications and Resource Access.
- Plan and implement Microsoft Azure Rights Management (Azure RMS).
- Plan and implement Remote Access.
- Plan and implement Dynamic Access Control and auditing.
- Plan and protect data.
- Recover data and operating systems.
Module 1: Using devices in the enterprise environment
This is an overview module that introduces changes and challenges in today's typical workplace, and the solutions to address them. The intention of this module is to set the stage for later modules, and to introduce the Enterprise Mobility Suite.
Module 2: Implementing and administering Azure AD
In this module students will learn how to manage devices in an on-premises Active Directory environment. They will learn about cloud identity, and the features that Azure AD provides. They also will learn about Azure AD offerings, how to create and manage an Azure AD tenant, and how claims-based authentication works.
Module 3: Connecting AD DS with Azure AD
In this module students will learn how to connect their on-premises AD DS with Azure AD. They will learn about Azure AD Connect, and how either to synchronize entire identities to Azure AD, including password hashes, or to establish federation with Azure AD.
Module 4: Managing devices in Office 365
In this module students will learn about Office 365 and its main features. The focus of this module is on device management by using mobile device management for Office 365.
Module 5: Planning and implementing Microsoft Intune
In this module students will learn how to plan for Microsoft Intune, how to deploy an Intune client, and how to perform basic Intune administration.
Module 6: Managing devices by using Intune
In this module students will learn how to enroll and manage mobile devices with Intune, create, manage and deploy different types of Intune policies, and manage updates and Windows Defender by using Microsoft Intune.
Module 7: Using Microsoft Intune to manage applications and resource access
In this module students will learn how to manage application deployments by using Microsoft Intune. They will also learn how to deploy settings, such as VPN profiles, Wi-Fi profiles and certificates to Intune clients.
Module 8: Planning and implementing Azure RMS
In this module students will learn how to plan and implement Azure Rights Management to protect digital content. They also will learn which applications can integrate with Azure Rights Management, and how to use Azure Rights Management with Office 365 in an on-premises infrastructure.
Module 9: Planning and implementing app support
In this module students will learn how they can mitigate compatibility issues between applications on the same device, and between the application and the operating system. They also will learn about RemoteApp and Azure RemoteApp programs, which enable you to run Windows apps on any device with the Remote Desktop Protocol (RDP) client.
Module 10: Planning and implementing remote access
In this module students will learn how to provide remote access from devices to a company network. They also will learn how to provide access to company infrastructure servers, data in work folders, and data that is stored in the cloud.
Module 11: Planning and implementing Dynamic Access Control and auditing
In this module students will learn how to implement Dynamic Access Control, and how to configure and use advanced auditing.
Module 12: Planning and protecting data
In this module students will learn how to protect data on a device by using encryption or BitLocker. They will also learn about Enterprise Data Protection and how data can be remotely wiped if a device is lost or stolen.
Module 13: Recovering data and operating systems
In this module students will learn how to plan and implement file recovery and device recovery of Windows 10 devices. They also will learn how to update a Windows 10 device, and learn about Windows Branch.