{"id":164,"date":"2021-10-15T15:41:03","date_gmt":"2021-10-15T15:41:03","guid":{"rendered":"https:\/\/dillonfletcher.co.uk\/?p=164"},"modified":"2021-10-15T15:41:04","modified_gmt":"2021-10-15T15:41:04","slug":"experimenting-with-intune","status":"publish","type":"post","link":"https:\/\/dillonfletcher.co.uk\/?p=164","title":{"rendered":"Experimenting with Intune"},"content":{"rendered":"\n

In this post I will be learning about Intune deployment. I have pre-deployed a fresh Windows 11 test device onto my Hybrid Active Directory domain (Azure AD is synced with On-Prem Domain Controller), in this post I will do a basic intune setup, and then enroll the device into intune, and apply a basic policy.<\/p>\n\n\n\n

\"\"
(Old) Thinkpad T420 test machine <\/figcaption><\/figure>\n\n\n\n

This guide assumes you have the following:<\/p>\n\n\n\n

  1. A Hybrid Azure AD domain<\/li>
  2. Office 365\/Azure AD accounts with the relevant Office licenses (I am using a Enterprise Mobility + Security E5 trial license).<\/li>
  3. A Windows 11 device joined to your domain and logged into a domain account linked with the license mentioned above.<\/li><\/ol>\n\n\n\n

    <\/p>\n\n\n\n

    1. Install Company Portal and enroll the device<\/h2>\n\n\n\n

    To install company portal, you must login to Microsoft Business Store<\/a> in a browser, search for “Company Portal” and install it onto your device as shown below<\/p>\n\n\n\n

    \"\"
    Company Portal on Business Store<\/figcaption><\/figure>\n\n\n\n

    When company portal has installed, open the start menu, open Company Portal, sign in, and enroll your device onto intune as shown:<\/p>\n\n\n\n

    \"\"
    Company Portal after enrollment<\/figcaption><\/figure>\n\n\n\n

    <\/p>\n\n\n\n

    The device is now successfully connected to Intune. You can automate this process through Active Directory, however, since I am using a trial license for learning, I do not want to enroll all of my domains computers into Intune, so I did the above manual process.<\/p>\n\n\n\n

    <\/p>\n\n\n\n

    2. Check out the endpoint manager<\/h2>\n\n\n\n

    Start by logging into endpoint.microsoft.com<\/a>, and clicking devices:<\/p>\n\n\n\n

    \"\"
    Endpoint manager home screen<\/figcaption><\/figure>\n\n\n\n

    Clicking this will bring up all devices enrolled into intune:<\/p>\n\n\n\n

    \"\"
    The Thinkpad listed in devices<\/figcaption><\/figure>\n\n\n\n

    The device is now listed in endpoint manger, this means enrollment definetly was successful! Now, click on the device name:<\/p>\n\n\n\n

    \"\"
    Thinkpad Device Options<\/figcaption><\/figure>\n\n\n\n

    This will show device specific options, you can retire, wipe, reboot, Autopilot Reset (reverts device to an OOBE domain joined state), Fresh start (removes all extra Win32 applications), and anti virus scan. On the menu on the left, you can also find device information, such as compliance info, apps installed on the machine, diagnostics, and bitlocker recovery keys.<\/p>\n\n\n\n

    3. Setup a BitLocker encryption policy<\/h2>\n\n\n\n

    Go back to the home screen and click Endpoint Security, then click Disk Encryption:<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    Create a new profile with the following settings:<\/p>\n\n\n\n

    • \"\"<\/figure><\/li>
    • \"\"<\/figure><\/li><\/ul><\/figure>\n\n\n\n

      Now your device should be enrolled into Bitlocker. You can check that all your devices would be compliant by adding a compliance policy. It is a similar process and can be found under “Devices > Compliance Policies”. This is what will trigger the “Compliant” or “Error” under the devices compliant status.<\/p>\n\n\n\n

      <\/p>\n\n\n\n

      Now sync the device from endpoint device options, and ensure that it begins encrypting:<\/p>\n\n\n\n

      \"\"<\/figure>\n\n\n\n

      I received this notification on the Thinkpad, meaning that the policy was successfully pushed. I assume this process would normally start automatically, but since my test machine is so old, it doesnt have a TPM chip to store encryption keys on, and clicking the notification prompted me to turn on the TPM in the BIOS. However, it is a good proof of concept I have successfully learnt the basics of Intune! From here, I can learn to push apps\/app policies and configuration policies.<\/p>\n","protected":false},"excerpt":{"rendered":"

      In this post I will be learning about Intune deployment. I have pre-deployed a fresh Windows 11 test device onto my Hybrid Active Directory domain (Azure AD is synced with On-Prem Domain Controller), in this post I will do a basic intune setup, and then enroll the device into intune, and apply a basic policy. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-164","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\nExperimenting with Intune - Dillon Fletcher<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dillonfletcher.co.uk\/?p=164\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Experimenting with Intune - Dillon Fletcher\" \/>\n<meta property=\"og:description\" content=\"In this post I will be learning about Intune deployment. I have pre-deployed a fresh Windows 11 test device onto my Hybrid Active Directory domain (Azure AD is synced with On-Prem Domain Controller), in this post I will do a basic intune setup, and then enroll the device into intune, and apply a basic policy. […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dillonfletcher.co.uk\/?p=164\" \/>\n<meta property=\"og:site_name\" content=\"Dillon Fletcher\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-15T15:41:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-15T15:41:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164\",\"url\":\"https:\/\/dillonfletcher.co.uk\/?p=164\",\"name\":\"Experimenting with Intune - Dillon Fletcher\",\"isPartOf\":{\"@id\":\"https:\/\/dillonfletcher.co.uk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage\"},\"image\":{\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage\"},\"thumbnailUrl\":\"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg\",\"datePublished\":\"2021-10-15T15:41:03+00:00\",\"dateModified\":\"2021-10-15T15:41:04+00:00\",\"author\":{\"@id\":\"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/93633b34164a44661bb41e8a436d5535\"},\"breadcrumb\":{\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/dillonfletcher.co.uk\/?p=164\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage\",\"url\":\"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg\",\"contentUrl\":\"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg\",\"width\":750,\"height\":1000},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/?p=164#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/dillonfletcher.co.uk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Experimenting with Intune\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/#website\",\"url\":\"https:\/\/dillonfletcher.co.uk\/\",\"name\":\"Dillon Fletcher - Personal Site\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/dillonfletcher.co.uk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/93633b34164a44661bb41e8a436d5535\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7711d63308d3f4b9ce89cffa22159871b500b5bf670d38c80d828722cf42006a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7711d63308d3f4b9ce89cffa22159871b500b5bf670d38c80d828722cf42006a?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/dillonfletcher.co.uk\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Experimenting with Intune - Dillon Fletcher","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dillonfletcher.co.uk\/?p=164","og_locale":"en_US","og_type":"article","og_title":"Experimenting with Intune - Dillon Fletcher","og_description":"In this post I will be learning about Intune deployment. I have pre-deployed a fresh Windows 11 test device onto my Hybrid Active Directory domain (Azure AD is synced with On-Prem Domain Controller), in this post I will do a basic intune setup, and then enroll the device into intune, and apply a basic policy. […]","og_url":"https:\/\/dillonfletcher.co.uk\/?p=164","og_site_name":"Dillon Fletcher","article_published_time":"2021-10-15T15:41:03+00:00","article_modified_time":"2021-10-15T15:41:04+00:00","og_image":[{"url":"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/dillonfletcher.co.uk\/?p=164","url":"https:\/\/dillonfletcher.co.uk\/?p=164","name":"Experimenting with Intune - Dillon Fletcher","isPartOf":{"@id":"https:\/\/dillonfletcher.co.uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage"},"image":{"@id":"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage"},"thumbnailUrl":"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg","datePublished":"2021-10-15T15:41:03+00:00","dateModified":"2021-10-15T15:41:04+00:00","author":{"@id":"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/93633b34164a44661bb41e8a436d5535"},"breadcrumb":{"@id":"https:\/\/dillonfletcher.co.uk\/?p=164#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dillonfletcher.co.uk\/?p=164"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dillonfletcher.co.uk\/?p=164#primaryimage","url":"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg","contentUrl":"https:\/\/dillonfletcher.co.uk\/wp-content\/uploads\/2021\/10\/t420.jpg","width":750,"height":1000},{"@type":"BreadcrumbList","@id":"https:\/\/dillonfletcher.co.uk\/?p=164#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dillonfletcher.co.uk\/"},{"@type":"ListItem","position":2,"name":"Experimenting with Intune"}]},{"@type":"WebSite","@id":"https:\/\/dillonfletcher.co.uk\/#website","url":"https:\/\/dillonfletcher.co.uk\/","name":"Dillon Fletcher - Personal Site","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dillonfletcher.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/93633b34164a44661bb41e8a436d5535","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dillonfletcher.co.uk\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7711d63308d3f4b9ce89cffa22159871b500b5bf670d38c80d828722cf42006a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7711d63308d3f4b9ce89cffa22159871b500b5bf670d38c80d828722cf42006a?s=96&d=mm&r=g","caption":"admin"},"sameAs":["http:\/\/dillonfletcher.co.uk"]}]}},"_links":{"self":[{"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=164"}],"version-history":[{"count":5,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/164\/revisions"}],"predecessor-version":[{"id":181,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/164\/revisions\/181"}],"wp:attachment":[{"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dillonfletcher.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}