Helpfull informations about Microsoft Intune
Entra ID configuration before starting with Intune
Tenant
Possible licenses for Microsoft 365/Intune/Azure tenant
- Microsoft 365 E3
- Microsoft 365 E5
- Microsoft 365 F1
- Microsoft 365 F3
- Microsoft 365 A3 (Education only)
- Microsoft 365 A5 (Education only)
- Microsoft Business Premium
Entra ID roles
- Intune Administrator
- Microsoft Entra Joined Device Local Administrator
Add a new user and assign this both roles to new user.
Entra ID device settings
- Entra admin center -> Devices -> Device settings -> Users may join devices to Microsoft Entra -> All
- Require Multifactor Authentication -> No (should be used with Conditinal Access)
- Maximum number of devices per user -> default value 50
Entra ID Enterprise State Roaming (ESR)
Tool to backup certain user settings for moving between different Windows devices. do not know how it should work with macOS…
Entra ID static groups
- Entra admin center -> Groups -> New group -> Membership type -> Assigned
Entra ID dynamic groups
- Entra admin center -> Groups -> New group -> Membership type -> Dynamic User -> Add dynamic query -> Configure Rules
- Entra admin center -> Groups -> New group -> Membership type -> Dynamic Device -> Add dynamic query -> Configure Rules
Entra ID MDM/MAM scopes
- Entra admin center -> Mobility -> Microsoft Intune -> MDM user scope -> All
- Entra admin center -> Mobility -> Microsoft Intune -> Windows Information Ptorection (WIP) user scope -> All