Device Management Tasks – Manage identity and compliance


After devices have been registered or joined to Azure AD, they appear in the All Devices list in the Microsoft Entra admin center. Devices managed by another management authority, such as Microsoft Intune, are also listed. You can search by device name or device ID to locate a device.

When you have located a device, you can perform additional device management tasks, including:

  • Disable: Disables access for all user accounts within your tenant on the disabled device. Once disabled, you can enable a device when necessary.
  • Delete: Removes the device from Azure AD.
  • Manage: Enables you to manage some aspects of the selected device(s). Selecting Manage for devices opens the Managed Devices page and displays the All devices page from Intune. From here, you can perform standard Intune device management tasks, including:
    • Retire, wipe, and delete
    • Remote lock and restart
    • Sync
    • Fresh Start or Autopilot Reset
    • BitLocker key rotation
    • Establish a remote assistance session

Note: Management Options Vary

The management options available depend on whether the device is enrolled in Intune, which is typical for Azure AD–joined devices. In addition, the operating system of the target device determines available options.
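
A scripted equivalent of the locate-then-disable task described above, using the Microsoft Graph PowerShell SDK (an added example, not from the original page). The function names `Find-EntraDevice` and `Disable-EntraDevice` are hypothetical, and the code assumes `Connect-MgGraph` has already been run with permissions to read and update devices.

```powershell
#Requires -Modules Microsoft.Graph.Identity.DirectoryManagement

# Hypothetical helper: search by device name or device ID, as in the portal.
function Find-EntraDevice {
    param([Parameter(Mandatory)][string]$NameOrDeviceId)

    $guid = [guid]::Empty
    if ([guid]::TryParse($NameOrDeviceId, [ref]$guid)) {
        $filter = "deviceId eq '$guid'"
    } else {
        # Double any single quotes so the name cannot break the OData filter.
        $safe = $NameOrDeviceId.Replace("'", "''")
        $filter = "displayName eq '$safe'"
    }

    Get-MgDevice -Filter $filter -All |
        Select-Object Id, DeviceId, DisplayName, OperatingSystem,
            AccountEnabled, IsManaged,
            @{ n = 'JoinType'; e = {
                switch ($_.TrustType) {
                    'AzureAd'   { 'Azure AD joined' }
                    'ServerAd'  { 'Hybrid Azure AD joined' }
                    'Workplace' { 'Azure AD registered' }
                    default     { 'Unknown' }
                } } }
}

# Hypothetical helper: disable exactly one device, never a guess.
function Disable-EntraDevice {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([Parameter(Mandatory)][string]$NameOrDeviceId)

    $found = @(Find-EntraDevice -NameOrDeviceId $NameOrDeviceId)
    # Display names are not unique in the directory; refuse ambiguous matches.
    if ($found.Count -ne 1) {
        throw "Expected exactly one device, found $($found.Count). Use the device ID."
    }

    $device = $found[0]
    $target = "$($device.DisplayName) [$($device.DeviceId)] ($($device.JoinType))"
    if ($PSCmdlet.ShouldProcess($target, 'Disable device')) {
        # -DeviceId expects the directory object Id, not the deviceId property.
        Update-MgDevice -DeviceId $device.Id -AccountEnabled:$false
    }
}
```

Running `Disable-EntraDevice` with `-WhatIf` shows which device would be affected without changing it.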

Implement the Intune Connector for Active Directory

Many organizations undertake a gradual migration to the cloud. This means that for a period of time—possibly an extended period of time—an organization’s devices might exist within the on-premises environment and the cloud. More specifically, devices will be joined to both AD DS and Azure AD. When a device is both AD DS– and Azure AD–joined, it is referred to as an Azure AD Hybrid–joined device.

There are two ways to Azure AD Hybrid-join your Windows devices:

  • For existing AD DS devices, configure synchronization with Azure AD using either:
    • Azure AD Connect Sync
    • Azure AD Cloud Sync
  • For new devices, configure an appropriate Windows Autopilot profile that uses the Hybrid Azure AD joined option and use the Intune Connector for Active Directory to create the required on-premises objects.

