Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome back submarines to the M s. 3 65 Security Administration. Course.
00:05
I'm your structure, Jim Daniels.
00:08
And in this lesson, we're actually winding up Module three. We're gonna wind it up.
00:12
Is one up or one down?
00:14
We're gonna complete module three. How about that? We're gonna complete industry. 60. Found threat protection
00:19
by finishing out. Let's inform ability.
00:22
Enrolling Indian devices
00:25
the gas from top gear. Wonder it's apple. Made a car would have windows.
00:31
Some of the ponder something. Think about
00:34
anyway. This lesson We're gonna go to enrollment options with Windows 10
00:39
Android, Mac OS and IOS devices.
00:43
Automatic enrollment in the in tune is only for Windows 10 devices.
00:49
There are some other ways you can kind of get around for other devices. You got that? Everything set up in in place. So for Windows 10 devices,
00:57
it can be automatic. There are three methods to enroll
01:00
policy.
01:02
If the device is already joined one frame 80
01:04
you can use a GPS automatically enrolling into intern
01:10
immigration.
01:11
You can configure integration between as Brady and India.
01:15
So we join a Windows 10 device to as Grady, it's Arunachal enrolled into intern
01:22
manually.
01:23
You're gonna roll Windows 10 devices to Indian manually by using a settings app,
01:29
a provisioning package
01:30
or the company portal APP
01:34
Android Devices.
01:36
They could only be enrolled
01:38
in the interim by using the company portal out
01:41
andro enterprise profiles or compatible with insane
01:45
and they include.
01:47
And if it has brought profile,
01:49
that's for personal devices. Grain and permission access. Corporate data.
01:53
Android Enterprise. Dedicated profile That's corporate owned single use device.
02:00
Android Enterprise Full. We managed as corporate own single use device. He's exclusively for work and not personally use.
02:07
So those are the three profiles that you can use
02:12
manually
02:14
with the company portal. App to enroll Android Devices.
02:17
A de automated device enrollment
02:21
that lets you enroll or a number of devices without ever touching them.
02:25
The Apple Depth
02:27
Device enrollment program
02:30
is only available for devices that organization purchases through Apple or authorised resellers.
02:37
Two. Enabled
02:38
automated device enrollment.
02:39
Use both your instant and Apple business manager or Apple school manager portals.
02:46
So recently, apple change from using the Apple device and Roman program depth to Apple automated device. Enrollment
02:53
in tune is still reflecting some of this
02:57
in their portal, so you may see depth
03:00
where you may see a D.
03:01
However,
03:02
that is
03:04
former and 80 is now.
03:07
If your organization purchases Apple devices and they don't use depth,
03:14
you really need to get on that.
03:15
It's fantastic you have your own portal
03:19
within the Apple business bands, or you can actually
03:22
export your indium certain your a p n. Remember, we talked about the A P an apple push notification
03:29
exported from there you imported into in tune time. Together, you can have IOS devices. Do you buy
03:37
all? Go through your awful business manager.
03:39
Push them toward intern
03:43
Apple Businessman's. There needs to be used
03:45
for you to show that you own the device.
03:49
If you don't have them parses through Apple Business Manager,
03:53
they're gonna be some issues
03:54
later. One.
03:55
If you try to get
03:58
1% corporate manage devices,
04:00
remember, without automatic enrollment.
04:03
Windows 10 is the only device that could have automatic enrollment in the winter
04:09
as a lady's integrated
04:12
with intern than any Windows 10 devices. That use is joining as there will be our macro enroll.
04:17
You can roll android and IOS devices by using the company portal.
04:21
You can also configure a security policy and M s 3 65 or conditional access policy and incident,
04:28
so I'll access the company. Resource is only from enrolling devices.
04:31
There's the gotcha.
04:33
So one
04:34
a company policy you may have. Hey, the mobile devices accessing or exchange environment.
04:41
It needs to be enrolled.
04:43
So this would prevent
04:45
anyone from accessing without the device being enrolled.
04:48
There are numerous ways you can trigger it.
04:51
We have one policy for over *** devices.
04:56
So where whenever somebody opens up the other *** device and they trying to access anything that ties back into as a are as radi, that means email SharePoint one. Drop anything
05:10
that it requires their device to be enrolled
05:15
so they actually have to go in and roll the device. Or they can't use it to access
05:18
anything with Anil Corporate network
05:21
device enrollment managers. That's a special user account that can enroll up to 1000 devices in intern.
05:28
Think serviced as maybe you have a
05:30
an employee that has a student. A staging area for mobile devices
05:34
is useful for those devices that were print by service does prior to handing them out.
05:40
Vices they're enrolled by device and rolling manager have differences when compared to devices that enrolled individual about users,
05:46
including that a White Restrictions and Android enterprise restrictions.
05:51
A user must be a global admin or member of the in tune service admin as radi role
05:58
to be able to perform the task that are related to the device enrollment manager
06:02
Um, if we all know is great.
06:04
It's
06:05
what everybody should be using. There are some considerations
06:10
when you have anything a already enable
06:12
or you want to plan it out to your mobile workforce
06:15
in an environment where stronger off indications required
06:19
you need include MF A in the enrollment process.
06:23
In the face secures a sign in and 03 65
06:26
making this one isis policy that could be created that requires in F A.
06:30
So you can say you can't even enroll your device until you have in the faith for your account.
06:35
So that's the signal.
06:38
Is this user's account
06:40
enrolling in this? Say it's not
06:42
from for enrollment.
06:44
If it is okay,
06:46
check that can access the resource
06:50
quiz
06:51
device. Enrollment managers can roll. How many devices in in tune?
06:57
500
06:58
1,005,000, 2000 or 100?
07:06
If you said 1000. You're correct.
07:12
You really went anything but you're correct.
07:15
Birchall STORE.
07:17
So to recap, today's lesson automatic enrollment in the in tune is only for Windows 10 devices.
07:25
Don't let that trick you up.
07:28
One exam
07:29
are three methods to enroll when this in devices,
07:31
good policy
07:33
integration and manual
07:36
android devices can only be enrolled manually to India by using the company portal APP.
07:43
Automated device enrollment lets you roll large numbers of Apple devices without ever touching them.
07:48
The vice and Roma manager is a special user role
07:53
used to enroll up to 1000 devices in interim.
07:57
Thank you for joining me when this lesson about enrolling devices and intern
08:03
I hope to see you for the next model, take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Instructor Profile Image
Jim Daniels
IT Architect
Instructor