Detailed Course Outline
Day 1: Foundation & Hybrid Identity
Microsoft 365 Tenant Setup for Desktop Management
- Microsoft Entra ID Tenant configuration and licensing
- Intune Service Setup and DNS-Integration
- Integration with existing AD DS environments
Hybrid Identity with Entra Connect
- Password Hash Sync vs. Passthrough Authentication
- Microsoft Entra Connect Health Monitoring
- Seamless SSO configuration for Windows and macOS
- Troubleshooting synchronization problems
Device Identity Strategien
- Microsoft Entra ID Registration vs. Entra ID Domain Join
- Hybrid Entra ID Join implementation
- Device-based Conditional Access Policies
- Kerberos authentication in hybrid scenarios
Day 2: Windows Management Basics
Windows Autopilot Deployment
- Hardware Hash Import and Device Registration
- Self-Deploying Mode and User-Driven Deployment
- Autopilot Reset and Reprovisioning
- Windows Autopilot device preparation (Autopilot V2)
Windows Configuration Management
- Settings Catalog for Windows 11 specific settings
- Security Baselines Implementation
- Windows Update for Business Integration
- Custom Configuration Service Provider (CSP) Policies
Application Deployment for Windows
- MSI, Store and Win32 App Deployment
- PowerShell Script Deployment with Intune Management Extension
- Microsoft Store App Management
- App Installation Monitoring and Reporting
Day 3: macOS Management & Cross-Platform Security Features
Apple Business Manager Integration
- Apple Business Manager Account Setup
- Apple Push Certificates Management
- Device Enrollment Program (DEP) Konfiguration
- Volume Purchase Program (VPP) for app licenses
macOS Enrollment and Management
- Automated Device Enrollment (ADE) for macOS
- User Enrollment vs. Device Enrollment Strategien
- macOS Configuration Profiles
- Shell Script Deployment for macOS
Cross-Platform Compliance and Security
- Unified Compliance Policies for Windows und macOS
- Conditional access for both platforms
- BitLocker and FileVault Management
- Certificate-based Authentication (SCEP/PKCS)
- Microsoft Defender for Windows and macOS
Day 4: iOS Management & Apple Enterprise Integration
iOS/iPadOS Enrollment Strategies
- Automated Device Enrollment (ADE) Configuration
- User Enrollment vs. Device Enrollment
- Apple Configurator Enrollment
- BYOD Scenarios with Apple Account Integration/Federation
iOS Configuration Management
- iOS Configuration Profiles
- Supervised vs. Unsupervised Device Management
- Restrictions and Compliance Policies für iOS
- HomeScreen Layout and App Organization
iOS Application Management
- App Store apps via VPP
- Line-of-Business (LOB) apps for iOS
- App Protection Policies (MAM) for iOS
- Per-app VPN configuration for iOS
iOS Security and Compliance
- iOS Passcode Policies and Touch/Face ID
- iOS Device Compliance Requirements
- Conditional Access for iOS Devices
- iOS Data Loss Prevention (DLP)
Day 5: Android Enterprise
Android Enterprise Framework
- Android Enterprise Enrollment Modi (Work Profile, Fully Managed, Dedicated)
- Google Play Console Integration
- Managed Google Play Store Setup
- Android Zero-Touch Enrollment
Android Device Management
- Android Enterprise Work Profile Management
- Fully Managed Device Scenarios
- Android Dedicated Device (Kiosk) Configuration
- Samsung Knox Integration
Android Application Management
- Managed Google Play Apps
- Private Apps n the Managed Google Play Store
- App Protection Policies (MAM) for Android