laat ons weten wat u vindt van deze sessie! vul de evaluatie...laat ons weten wat u vindt van deze...
TRANSCRIPT
Laat ons weten wat u vindt van deze sessie! Vul de evaluatie
in via www.techdaysapp.nl en maak kans op een van de 20
prijzen*. Prijswinnaars worden bekend gemaakt via Twitter (#TechDaysNL). Gebruik hiervoor de code op uw badge.
Let us know how you feel about this session! Give your
feedback via www.techdaysapp.nl and possibly win one of
the 20 prizes*. Winners will be announced via Twitter
(#TechDaysNL). Use your personal code on your badge.
* Over de uitslag kan niet worden gecorrespondeerd, prijzen zijn voorbeelden – All results are final, prices are examples
Application deployment
across several devices
with ConfigMgr 2012 R2 Kenneth van Surksum & Peter Daalmans
Agenda
• Introduction
•Microsoft’s Cross Plaform Architecture
•Enrollment
•Deployment Types for Mobile Applications
•Settings Management
Introduction
Who we are Kenneth van Surksum Consultant at itgration Microsoft MVP for 3 yrs, vExpert for 2 yrs
Authoring: • Contributor System Center 2012 Configuration Manager Unleashed • Contributor System Center 2012 R2 Configuration Manager Unleashed • Contributor System Center 2012 R2 Service Manager Unleashed • Co-Author Mastering Windows 7 Deployment
Communities: • Co-founder WMUG NL (http://wmug.nl) • Founder and Blogger www.vansurksum.com • Chief Editor at virtualization.info en cloudcomputing.info
Speaker: • Microsoft Techdays • Microsoft Management Summit
Follow me: @kennethvs / www.vansurksum.com
Who we are Peter Daalmans Senior Technical Consultant at IT-Concern 3 year Microsoft MVP: Enterprise Client Management (ConfigMgr and Windows Intune)
Author: • Mastering System Center 2012 Configuration Manager • Mastering System Center 2012 R2 Configuration Manager
Communities: • Co-founder WMUG NL (http://wmug.nl) • Founder and Blogger ConfigMgrBlog.com
Speaker: • Spoke on several events like TechDays Netherlands, ExpertsLive,
User Group meetings, TechEd New Zealand and TechEd Australia.
Follow me: @pdaalmans / ConfigMgrBlog.com / [email protected]
Cross platform
support
Microsoft’s cross-platform management
Microsoft’s cross-platform Architecture
Mac OS X
Windows PCs (x86/64, Intel SoC),
Windows to Go Windows Embedded
Windows RT, Windows Phone 8
iOS, Android
Microsoft Exchange Server 2010 SP3 Microsoft Exchange Server 2013
or Office 365
Windows Intune & ConfigMgr 2012 R2
• Infrastructural requirements: • Windows Intune subscription
• Windows Azure Active Directory Sync tool (DirSync)
• Windows Intune Connector site role
Single Sign On
• Two options: • Via Windows Azure Active Directory Sync tool (DirSync)
• Passwords need to be synced to Azure Active Directory • Authentication is done on Azure Active Directory
• DirSync and Active Directory Federation Services • No passwords are saved in the cloud • Authentication happens on your Active Directory
• Not supported but you can configure DirSync what to synchronize.
How does ADFS work?
AFDS Proxy ADFS / DC
Windows Azure Active Directory Sync tool without password sync
1. User goes to Windows Intune portal.manage.microsoft.com
2. User is redirected to ADFS Proxy
3. User provides AD credentials
4. Credentials are verified
5. User receives security token
6. User presents security token and gets access (or not)
DMZ
Active Directory 1. User goes to Windows Intune portal.manage.microsoft.com
2. User is redirected to ADFS Proxy
3. User provides AD credentials
4. Credentials are verified
5. User receives security token
Setting up Windows Intune
1. Go to http://www.windowsintune.com and sign up for a trial
2. Setup Domain Name in Windows Intune
3. Setup UPN in your Active Directory (if different from domain name in Windows Intune)
4. Setup DirSync
5. Setup ADFS / ADFS Proxy
6. Activate Users in Windows Intune Portal (https://account.manage.microsoft.com/)
7. Install and configure Windows Intune Connector in Configuration Manager 2012 R2 (set MDM Authority)
Demo Windows Intune and ConfigMgr together
How does ConfigMgr keep up
with Windows Intune and the market?
• Updates of Windows Intune are done quarterly
• Via the Extensions for Windows Intune Microsoft is able to add Windows Intune features to Configuration Manager 2012 R2
• Recently added: • Email Profiles Extension (Configure and wipe Exchange
ActiveSync accounts on managed iOS and Windows Phone 8 devices.)
• iOS 7 Security Settings (Adds functionality for iOS 7 security settings such as “Open In” and lock screen settings.)
Demo Extensions for Windows Intune
Mobile Device Enrollment
•Enrollment is done by the users themselves
•Enrollment can be done from the Company Portal for • Android • iPhone / iPad
•Enrollement via build in OMA-DM agent • Windows RT • Windows Phone
Demo Enrollment Android & iPad
End User Experience
Native Windows app package (.appx)
Available in the Windows Store
Windows Phone 8 Company Portal
iOS/Android Company Portal
Native Windows Phone 8 app (.xap)
Needs to be sideloaded
Web based portal Hosted in Windows Intune
Windows RT Company Portal
Deployment Types for Mobile
Applications
Platforms Windows App Windows Phone Apple iOS
Android
Application install (sideloading)
*.appx *.xap *.ipa *.apk
Deep links from store
Windows Store Windows Phone Store
Apple App Store Google Play
Deeplinking Applications
•Deeplinking • Providing direct links to the application in the Application Store
• Windows Store • Windows Phone Store
• Apple Store
• Google Play
Demo Deeplinking Mobile Applications
Sideloading
•Sideloading • In house/company custom developed applications
• Requires development tools/license • Microsoft: Visual Studio
• Apple: Xcode
• Google: Android Developer Tools plugin for Eclipse
Testing Sideloaded Applications
• Testing Applications • Google: Just enable installation on a per device basis
• Apple: UUID of device must be registred to developer (100 max/year) - http://developer.apple.com/programs/ios/enterprise
• Microsoft: Domain Joined Machines via GPO and a Certificate
• Microsoft Phone: Emulator for Windows Phone 8/Windows Intune
Trial Management for Windows Phone 8
Installing Sideloaded Applications
• Microsoft: Domain Joined (GPO/Certificate) or non domain joined
or specific editions (Pro) then sideloading key (per 100)
• Microsoft Windows (Phone): Code signing using Verisign Certificate (http://www.symantec.com/verisign/code-signing/windows-phone)
• Google: Just install
• Apple: Encrypted file must be authorized (uses Apple Fairplay DRM) and Installation must be done via Web Company Portal (http://m.manage.microsoft.com)
Demo Sideloading Mobile Applications
Web Applications
•Deploy a link to a website, just like an application
Settings Management
•Settings Management
•Retire/Wipe devices
Demo Settings Management
Laat ons weten wat u vindt van deze sessie! Vul de evaluatie
in via www.techdaysapp.nl en maak kans op een van de 20
prijzen*. Prijswinnaars worden bekend gemaakt via Twitter (#TechDaysNL). Gebruik hiervoor de code op uw badge.
Let us know how you feel about this session! Give your
feedback via www.techdaysapp.nl and possibly win one of
the 20 prizes*. Winners will be announced via Twitter
(#TechDaysNL). Use your personal code on your badge.
* Over de uitslag kan niet worden gecorrespondeerd, prijzen zijn voorbeelden – All results are final, prices are examples