MDM: Fundamentals, Security, and the Modern Desktop

MDM: Fundamentals, Security, and the Modern Desktop

by Jeremy Moskowitz
Released July 2019
Publisher(s): Sybex
ISBN: 9781119564324

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

The first major book on MDM written by Group Policy and Enterprise Mobility MVP and renowned expert, Jeremy Moskowitz!

With Windows 10, organizations can create a consistent set of configurations across the modern enterprise desktop—for PCs, tablets, and phones—through the common Mobile Device Management (MDM) layer. MDM gives organizations a way to configure settings that achieve their administrative intent without exposing every possible setting. One benefit of MDM is that it enables organizations to apply broader privacy, security, and application management settings through lighter and more efficient tools. MDM also allows organizations to target Internet-connected devices to manage policies without using Group Policy (GP) that requires on-premises domain-joined devices. This makes MDM the best choice for devices that are constantly on the go.

With Microsoft making this shift to using Mobile Device Management (MDM), a cloud-based policy-management system, IT professionals need to know how to do similar tasks they do with Group Policy, but now using MDM, with its differences and pitfalls.

•    What is MDM (and how is it different than GP)

•    Setup Azure AD and MDM Auto-Enrollment

•    New PC Rollouts and Remote Refreshes: Autopilot and Configuration Designer

•    Enterprise State Roaming and OneDrive Documents Roaming

Renowned expert and Microsoft Group Policy and Enterprise Mobility MVP Jeremy Moskowitz teaches you MDM fundamentals, essential troubleshooting techniques, and how to manage your enterprise desktops.

Table of contents

  1. Cover
  2. Acknowledgments
  3. About the Author
  4. Foreword
  5. Introduction
    1. EMM and MDM Redefined
    2. Terminology
    3. What You’ll Need to Get Started with This Book
    4. What I Won’t Be Covering in This Book
    5. How Do You Know This Book Won’t Be Out-of-Date 80 Seconds after You Buy It?
    6. A Final Note about Group Policy vs. MDM
    7. A Little about Me, This Book, PolicyPak, and Beyond
  6. Chapter 1 Enterprise Mobility and MDM Essentials
    1. Getting Ready to Use This Book
    2. Why the Need for MDM
    3. Group Policy and MDM Compared
    4. MDM: Guts, Protocols, and Moving Parts
    5. Final Thoughts
  7. Chapter 2 Set Up Azure AD and MDM
    1. Comparative Analysis of Different MDM Services
    2. Setting Up Auto-Enrollment and Enrolling Your First Machines
    3. Optional Steps: Custom Domain Names and AD to AAD Synchronization
    4. Final Thoughts
  8. Chapter 3 MDM Profiles, Policies, and Groups
    1. MDM Policies and the Policy CSP
    2. Creating and Using Groups
    3. Final Thoughts
  9. Chapter 4 Co-Management and Co-Policy Management
    1. Co-Management of SCCM and Intune
    2. Co-Policy Management: Group Policy and Your MDM Service
    3. Final Thoughts
  10. Chapter 5 MDM Migration and MDM Troubleshooting
    1. MMAT: Microsoft MDM Migration and Analysis Tool
    2. Troubleshooting MDM
    3. Final Thoughts
  11. Chapter 6 Deploying Software and Scripts
    1. Preparing for the Remainder of the Chapter
    2. Deploying MSI Applications with MDM
    3. Deploying AppX Apps via the Microsoft Store for Business
    4. Deploying MSIX with MDM
    5. Deploying Office 365 ProPlus with MDM
    6. Deploying Win32 Apps with MDM
    7. Deploying Scripts with Your MDM Service
    8. Delivering Other Software and Files with MDM (Using PolicyPak File Delivery Manager)
    9. Final Thoughts
  12. Chapter 7 Enterprise State Roaming and OneDrive for Business
    1. Pregame Setup for This Chapter
    2. Enterprise State Roaming
    3. OneDrive for Business
    4. Final Thoughts
  13. Chapter 8 Rollouts and Refreshes with Configuration Designer and Autopilot
    1. Windows Configuration Designer
    2. Autopilot
    3. Scenario #2: Using a Tool, Like SCCM, to Migrate from Windows 7 to 10, then Triggering Autopilot via Configuration File
  14. Chapter 9 Windows 10 Health and Happiness: Servicing, Readiness, Analytics, and Compliance
    1. Windows, Office, and OneDrive as a Service
    2. Office and Application Readiness
    3. Desktop Analytics
    4. Device Compliance and Health Attestation
    5. Final Thoughts on Windows Health and Happiness
  15. Chapter 10 Security with Baselines, BitLocker, AppLocker, and Conditional Access
    1. Security Baselines
    2. BitLocker: Full Disk Encryption
    3. Application Whitelisting with AppLocker or PolicyPak Least Privilege Manager
    4. Conditional Access
    5. Final Thoughts on Security
  16. Chapter 11 MDM Add-On Tools: Free and Pay
    1. Company Portal App
    2. Microsoft Graph and the Graph Explorer
    3. PolicyPak On-Prem & MDM Edition
    4. Interesting Things I Found on the Internet
    5. Final Thoughts (on This Chapter, and about the Book!)
  17. Index
  18. End User License Agreement

Product information

  • Title: MDM: Fundamentals, Security, and the Modern Desktop
  • Author(s): Jeremy Moskowitz
  • Release date: July 2019
  • Publisher(s): Sybex
  • ISBN: 9781119564324