Welcome to our The Ultimate Microsoft Intune Beginner’s Guide! If you’ve ever felt like managing devices is as confusing as assembling IKEA furniture without the instructions, you’re in the right place!. In this blog post I want to show you, how you can easily setup Microsoft Intune in your environment. But first, we will have a look at the features and possibilities of Microsoft Intune. You will get a lot of Insider Informations and helpful Tipps to become a real Intune Pro! So grab a cup of coffee, kick back, and let’s dive into the wonderful world of Microsoft Intune.
Quick Microsoft Intune Overview
Microsoft Intune is a cloud-based SaaS (Software as a Service) software that helps organizations manage and secure their devices and deploy applications to the users. It’s a cloud-based service which means, you can manage devices from around the world from one dashboard. But what exactly can I do?
Almost impossible to describe all the features here. Just to name some things in a small sentence: With Microsoft Intune you can manage Windows, Mac, Linux, ChromeOS, Android and iOS devices. Manage means, you can deploy different Device Configurations, Security Settings or Applications to the devices. For example can you deploy BitLocker or Adobe Reader automatically to the devices. Of course there are a lot more features Microsoft Intune offers but this should give you a small impression of the features.
The Ultimate Microsoft Intune Beginner’s Guide
This Guide should give you a structure in the Microsoft Intune deployment. Of course it’s not necessary to do every step exactly as described. For example you don’t need to add Applications right away. But it should give you a guide on how all the Microsoft Intune features work.
Before we begin
Before we begin setting up Microsoft Intune in your environment there are some Prerequisites. Because Microsoft Intune is a cloud-based service you will need the right Licenses in your environment. To use the default Microsoft Intune features you will need a base License. I have already created a blog post about Microsoft Intune Licenses where I discussed all the licenses, go check it out.
Here is a list of the Licenses where you will be able to use Microsoft Intune:
- Microsoft 365 E5
- Microsoft 365 E3
- Enterprise Mobility + Security E5
- Enterprise Mobility + Security E3
- Microsoft 365 Business Premium
- Microsoft 365 F1
- Microsoft 365 F3
- Microsoft 365 Government G5
- Microsoft 365 Government G3
- Microsoft Intune for Education
The Administrator does not need a License. So if the end users is assigned a License from above you did everything right.
With the License assigned you can explore the Microsoft Intune Portal. You are right, Microsoft Intune has its own Portal. You can find it on:
From this Portal we will configure in the next step our Microsoft Intune environment. So if you are ready, go ahead to step 1.
Step 1: Setup Microsoft Intune
Let’s start with the first step. In this step we will login to the portal and set the mobile device management authority. Do not panic, I will guide you through the steps.
So first we will login to the Microsoft Intune Portal.
- Go to https://intune.microsoft.com/
On there login with your Administrator Account. Make sure you have the correct permission to access Microsoft Intune.
In the Microsoft Intune Portal you should have a yellow or orange banner on top with the name Mobile Device Management Authority. If your authority is already set you wont see the banner. When that’s the case you can skip this step. Click on the banner. You should end on the authority settings page.
- Click on the yellow banner if present (otherwise you can skip this step)
- On here set the authority to the Intune MDM Authority
Perfect, this will make sure Microsoft Intune is activated and you can start working on the configuration. You can now proceed with the next step.
Step 2: Configure Device Features and Settings
With Microsoft Intune you can deploy Configuration and Settings. In Microsoft Intune it’s called Configuration Profiles. If you are familiar with GPO’s it’s almost exactly the same. You have mostly the exact same settings as in GPO’s. There are a lot, really a lot policies you can deploy. I will show you where you can find the Configuration Profile setting in the Microsoft Intune Portal. Afterwards I will give you some examples of Settings you can deploy. If you want to see my favorite policies in Microsoft Intune you can have a look at The 10 best game changing Microsoft Intune Policies.
You can find the Configuration Profile setting in the Microsoft Intune Portal > Devices > Configuration.
On here you can create new Configurations and deploy them to the users or devices. Here is a short list of Microsoft Intune Configurations you can set with Configuration Profiles. Just check the blog post out and also have a look at The 10 best game changing Microsoft Intune Policies.
Step 3: Deploy Applications
One big big perk about Microsoft Intune is, that you can deploy your needed Applications with Microsoft Intune. This allows an automatic installation on the users side. So you create the application on the Microsoft Intune Portal and in the next moment the application will be installed on the devices. Where do I create applications in Microsoft Intune?
You can find the application section on the Microsoft Intune Portal on Apps > All Apps.
On here you can create application and deploy them to your devices. But what application can you deploy?
The application section in Microsoft Intune is a whole different chapter. For every device Platform for example Windows, Android or iOS the process is different. That’s why, the best thing you can do is just create some application with the help of some Guides. I have here listed some application deployment blog post mainly for Windows applications. Just take one you’re interested in and create it in your environment.
Step 4: Enroll Devices
You have setup some configurations and apps. But no devices yet? We will change this.
In this step we will have a look on how we can deploy devices to Microsoft Intune. Because there are multiple options for every device category available, I will just describe them here and link the detailed documentation for it. What options do I have? Let’s start with Windows devices.
Windows devices
For Windows devices you have the following options:
- Method 1: Add work or school account
- Method 2: Enroll in MDM only (user driven)
- Method 3: Microsoft Entra join (OOBE)
- Method 4: Microsoft Entra join (Autopilot – user-driven deployment mode)
- Method 5: Microsoft Entra join (Autopilot self-deploying mode)
- Method 6: Enroll in MDM only (Device Enrollment Manager)
- Method 7: Configuration Manager co-management
- Method 8: Microsoft Entra join (bulk enrollment)
I have created a blog post where I discussed every method from above. Just have a look How to enroll Windows devices in Microsoft Intune.
A lot of options right? To simplify the whole process I will give you my methods I always use.
If your device is completely new out of the box, you can use the Method 3: Microsoft Entra join (OOBE). On the setup of the device you can just login with a Microsoft Account from your environment. Then the device will be automatically deployed to Microsoft Intune. I used this to play around with my environment. Next step you can have a look at the Microsoft Intune Autopilot feature. With Autopilot you can make your whole deployment way easier. You can setup user driven deployments where a user just has to login and the device will provision by its own, without interaction of a administrator.
Linux devices
Linux is a pretty new device support which Microsoft added to Intune. You can add Linux devices with the help of the Company Portal application. There are some limitations when managing Linux devices, but I have already created a blog post where I give you a step by step instruction on How to enroll Linux device in Microsoft Intune.
Android and IOS devices
For mobile devices it’s pretty easy to join it to Microsoft Intune. There are some different options how you can deploy the devices in Microsoft Intune. But if you want to take it easy, you can just install the Company Portal application on the device. In the app just follow the steps shown. After the setup you will have your device in the Microsoft Intune Portal.
Conclusion
You learned how to do your first Microsoft Intune configurations with the help of The Ultimate Microsoft Intune Beginner’s Guide. We have had a look at the license requirements. In the first step we logged in into the Microsoft Intune Portal and set the Intune MDM Authority. With the Microsoft Intune I have showed you some example configuration settings and some example applications you can deploy. In the last step I have shown you how you can enroll the different devices. We hope this guide has provided you with valuable insights to improve your device management strategy. Did you enjoy this article? Dont forget to follow us and share this article. If you have any questions or need further assistance, feel free to reach out or leave a comment below.
