Project Overview
Homme bound was running an on-premises Active Directory domain environment and was using Microsoft 365 for email and Office apps, with on-premises identities synchronized to Office 365.
The objective of this project was to automatically join all on-premises domain-joined computers and laptops to Azure Active Directory in hybrid mode, and to enroll them in the Intune Mobile Device Management (MDM) solution for centralized device management in the cloud.
Technical Challenges
A Windows device has to be connected to the organization's VPN for group policy to be applied successfully. Once connected, automatic hybrid joining of devices and Intune enrollment were achieved by creating and applying group policy settings on users' devices.
Solution
Joined all users' machines to Azure AD, followed by their automatic enrollment in MDM (Intune) and the setup of a Windows Autopilot profile so that devices reach a business-ready, ready-to-use state.
- Joined all user machines (computers, laptops and smartphones) to Azure AD using the Azure AD join method.
- Automatic setup of the OneDrive application for users, along with syncing of shared libraries in Windows Explorer.
- Windows Defender antivirus should always be enabled and kept up to date.
- BitLocker enabled on all computers and laptops; keys stored in Azure AD/Intune.
- Windows update policy requiring the latest cumulative patches from Microsoft and critical updates to access company data.
- Set up MAM to protect company data (copy-paste to a non-approved app is blocked, for example).
Technologies Used

Accomplishment
- The Microsoft Endpoint Manager (Intune) deployment was carried out without hampering the productivity of the users.
- The existing tenant configurations of users were also not obstructed.





