Moskowitz - MDM - FUNDAMENTALS, SECURITY AND THE MODERN DESKTOP: using intune, autopilot and azure to ... manage, deploy and secure windows 10

Copyright 2019 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-119-56432-4
ISBN: 978-1-119-56434-8 (ebk.)
ISBN: 978-1-119-56427-0 (ebk.)

Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2019943877

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Windows is a registered trademark of Microsoft Corporation. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

For all the strong women in my life.

I want to start out by thanking Cathy Moya from Microsoft, without whom this book would not be possible. Thank you so much for reaching out to help find the right people to help answer the tough questions and help me believe that this book was necessary and possible. Seriously, this book wouldnt have existed without your help.

My next big thanks goes to Panu Saukko, Enterprise Mobility MVP who did the very un-glamorous job as my Technical Editor and made sure I didnt make stuff up, called me on all my crunchy areas, and added his own deep wisdom on the subject. Youre a strong, wise man, and Im honored to have you by my side as my technical editor on this book. An additional tip of the hat goes to Yinghua (Sandy) Zeng, Enterprise Mobility MVP, who helped double-fact-check various items and help me find the light in the dark on more than a few subjects. I cannot believe how much information and knowledge the two of you have in your heads.

Additional thanks to Stephen Rose for graciously providing the Foreword and reviewing the OneDrive content.

Thanks to full chapter reviewers and question answerers from Microsoft: Michael Neihaus, Mahyar Ghadiali, Ken Revels, Christian Refvik, Craig Marl, Aisha Wang, Dilip Radhakrishnan, Riki June, Peter Kaufman, Chris Hopkins, Jan Ketil, Skanke, Joe Kim, Sreekar Mankala and other friends and reviewers at Microsoft. Just wow. Thank you so, so much for taking time out of your busy workdays to help me and make this book the best it could be.

Thanks to my dream team at Sybex: Elizabeth Campbell, Judy Flynn, Christine OConnor, Kenyon Brown, and Pete Gaughan. You guys are the reason why quality wins out in the end.

Thanks to my wife and family for putting up with me missing some nights and weekends. And thanks to my awesome team at PolicyPak and MDMandGPanswers.com for bringing your A game every single day. I simply adore working with all of you.

Finally, if youre holding this book (or reading it online), I want to thank you for taking a chance on learning something new, stretching to a new place, and putting your trust in me.

Thank you for buying the book, joining me at my live events and at MDMandGPanswers.com, and for using my PolicyPak software.

Meeting you in person is my favorite part of the job, and I look forward to hearing how this book has helped you out.

Since becoming one of the worlds first MCSEs, Jeremy Moskowitz has performed Active Directory, Group Policy, and MDM planning and implementations for some of the nations largest organizations.

He is a 15-Year Microsoft MVP Awardee, first in Group Policy and Desktop Management, and now in Enterprise Mobility with an emphasis in Intune.

Jeremy is the founder of MDMandGPanswers.com and PolicyPak Software. Computerworld magazine ranked MDMandGPanswers.com as one of the 20 most useful Microsoft sites for IT professionals. EnterpriseMobilityExchange.com placed Jeremy (@jeremymoskowitz) on its list of the 7 Endpoint Management Voices on Twitter for IT pros to follow on social media.

His other book from Sybex is Group Policy Fundamentals, Security, and Troubleshooting, Third Edition date, which is on the Desktops of admins everywhere.

Get signed copies of his books, and learn more about Jeremys Group Policy and MDM Master Class training at www.MDMandGPanswers.com. Learn more about how to secure your Desktop and applications, manage all areas of Windows 10, and deploy all Group Policy settings through your MDM service at www.policypak.com.

Shortly after starting with the Windows team in 2009, I met Jeremy at a MVP mixer in Redmond. Within minutes he had me backed into a corner was inundating me with questions on Group Policy settings for the new Windows 7 beta that we just delivered.