Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Mastering Microsoft Intune
Mastering Microsoft Intune

Mastering Microsoft Intune: Deploy Windows 11, Windows 365 via Microsoft Intune, Copilot and advance management via Intune Suite , Second Edition

Arrow left icon
Profile Icon Christiaan Brinkhoff Profile Icon Per Larsen
Arrow right icon
€30.99 €41.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.6 (26 Ratings)
Paperback Mar 2024 822 pages 2nd Edition
eBook
€22.99 €32.99
Paperback
€30.99 €41.99
Subscription
Free Trial
Renews at €18.99p/m
Arrow left icon
Profile Icon Christiaan Brinkhoff Profile Icon Per Larsen
Arrow right icon
€30.99 €41.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.6 (26 Ratings)
Paperback Mar 2024 822 pages 2nd Edition
eBook
€22.99 €32.99
Paperback
€30.99 €41.99
Subscription
Free Trial
Renews at €18.99p/m
eBook
€22.99 €32.99
Paperback
€30.99 €41.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Table of content icon View table of contents Preview book icon Preview Book

Mastering Microsoft Intune

Understanding Policy Management

In this chapter, you will learn about how policy management from Microsoft Intune is different from Group Policy Objects (GPOs) and the different policy types in Intune that give you various options to customize and secure the Windows Enterprise desktops in your environment. This chapter will be very broad in terms of content, but it will give you the basic information needed to understand how policy management works between Windows and Microsoft Intune.

We have divided policy management into three chapters in this book, and the following one is the first one – Chapter 10, Advanced Policy Management. That chapter deals with advanced policy management with different scenarios. In this chapter, we’ll cover the following topics:

  • Policy management
  • What is a Configuration Service Provider (CSP) policy?
  • Windows Push Notification Service (WNS)
  • Getting started with policy design
  • Policy management within Microsoft Intune
  • Migrating existing policies from Azure Directory (AD) – Group Policy management

Policy management

Using Microsoft Intune to manage your Windows Enterprise desktops is all about standardizing and simplifying the management layer of your environment. As explained in the previous chapter, everything is centered around structuring your configuration sets (and applications) separately from the target Operating System (OS) to remove the need to create custom images that might include these things from the get-go.

Policy management within Microsoft Intune makes it possible to configure the following options from within the Devices menu:

  • Compliance policies
  • Conditional access
  • Configuration profiles
  • Settings catalog
  • ADMX import
  • Scripts
  • Group policy analytics
  • Enrollment restrictions

Group Policy management has been around for more than 20 years and is a way to configure the behavior of a group of users or computers in a domain. This is still possible with an on-premises domain today, but if you want to start modernizing your policy and settings management, you should start looking at Microsoft Intune and the feature set it provides for policy management. There are some disadvantages associated with using GPOs, one of them being that it requires a line of sight to a domain controller. Another is that GPOs are fire-and-forget, but what do we mean by this? GPOs are assigned to a specific group of users and devices, and they are applied when a device connects to a domain controller on a regular basis. There is no reporting back to the domain controller if the device receives and applies the policy correctly, if no domain controller can be contacted, or if no new or changed policies are applied.

Sometimes, due to misconfiguration, a Windows device may try to contact a domain controller far away on the internal network with very slow connectivity, which can result in very long boot and sign-in times. Many of these issues can be avoided with a purely cloud-joined and -managed device.

Microsoft Intune is a perfect match for a new way of working guided by modern management and cloud-native, as it just requires internet connectivity following the initial onboarding into Microsoft Intune.

In this chapter, we will focus on cloud-native devices, that is, Enrtra-joined and Intune-managed Windows devices, but what we learn will also apply to hybrid domain-joined devices that are managed from Microsoft Intune in a co-managed state. One important thing to note here is that GPO and Mobile Device Management (MDM) settings are on the device identity layer, where policies and configurations are either target users or devices, whereas co-management between Microsoft Intune and System Center Configuration Manager (SCCM) is on the management plane.

First, we need to look back at traditional Windows management, where all Windows devices were on-premises in the office, in production, or with end users working at home with VPNs. Modern policy management is still an option on those devices if they are hybrid-joined to Entra ID.

The best option moving forward with new devices is to go purely Entra-joined and onboarded with Windows Autopilot. What we cover in this chapter covers both scenarios. This book is dedicated to cloud management, and certain scenarios do not apply to hybrid-joined devices, which is why you need to make some decisions to go to Entra-joined devices to get the best end-user experience. Start small, start with a Proof of Concept (POC), and showcase the benefits of modern policy management. A best-practice approach is to block on-premises devices in your POC from getting GPOs from the local Active Directory instance; otherwise, you can end up in a situation where you are not 100% sure where the settings are being applied from.

A Configuration Service Provider (CSP) is an interface for reading, setting, modifying, and deleting configuration settings on a device. These settings map to registry keys or files. Some CSPs support WAP format, some support SyncML, and some support both. SyncML is only used over the air for Open Mobile Alliance Device Management (OMA DM). On the other hand, WAP can be used over the air for OMA client provisioning, or it can be included in a phone image as a .provxml file that is installed during boot.

What is a CSP policy?

Some policies can only be configured at the device level, whereas other policies can be configured at the user level. This means that device-level policies will have an effect independent of the user logging in to the device, whereas user-level policies will only have an effect depending on the user logging in to the device. As an example, different users can have different homepages in Microsoft Edge, so it is appropriate to assign a policy with that setting to a user group, whereas security settings that need to be applied at the device level are appropriate to assign to device groups.

User scope is where the policy only applies to the user who logs in to the device, and the policy can vary depending on who is logging in to the device. The following is an example of what the CSP tree looks like when configuring a user policy:

  • ./User/Vendor/MSFT/Policy/Config/AreaName/PolicyName is used to configure the policy.
  • ./User/Vendor/MSFT/Policy/Result/AreaName/PolicyName is used to get the result.

Device scope is where the policy only applies to the device itself, regardless of the user who logs in to the device. The following is an example of what the CSP tree looks like when configuring a device policy:

  • ./Device/Vendor/MSFT/Policy/Config/AreaName/PolicyName is used to configure the policy.
  • ./Device/Vendor/MSFT/Policy/Result/AreaName/PolicyName is used to get the result.

The biggest difference between a GPO and a CSP policy is that a CSP policy has a result channel as well, so every setting that is configured on the device will report back to the MDM system – in this case, Microsoft Intune.

If we take a closer look at the policy structure, it looks like the Windows registry is arranged in a tree structure:

Figure 9.1: CSP policy tree

By using ADMXInstall, you can add ADMX-backed policies for those Win32 or Desktop Bridge apps that have been added between OS releases. ADMX-backed policies are ingested by your device by using the CSP policy URI: ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall.

The OMA-URI string needs to go into the CSP policy URI:

  • ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Applicationname/Policy/ADMXFileName.
  • ./Vendor/MSFT/Policy/Config/ remains the same for all machine-based policies that you deploy to the device.

Applicationname and ADMXFileName are user-defined. In this case, Applicationname is App1, and you can use the same name as ADMXFileName. Just remember that ADMXFileName needs to be unique, which means you cannot deploy two ADMX files with the same name on a device, as it will fail and any additional ADMX files will not be added to the device.

Here is the content of the ADMX file in my case – this could also have been Google Chrome, Microsoft Office, Internet Explorer, or others:

Figure 9.2: Registry entry for AdmxInstalled

Then, if you take a closer look at the registry, the first place where they are written is HKLM\SOFTWARE\MICROSOFT\PolicyManager\AdmxInstalled.

The policy is always declared under a GUID and with the name you gave the policy in Microsoft Intune when you created the policy.

Then, you will be able to see the naming of the policy category that you are using when creating a policy setting: HKLM\Software\Microsoft\PolicyManager\AdmxDefault

If the policy is a device policy, you will be able to see the direct results that apply to the devices in the following location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device.

In the end, all a policy does on a Windows device is set some registry keys, and it is the same with MDM policies. All the policy settings go here: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\.

MDM policies are applied when a device syncs, either from Microsoft Intune or as part of the 8-hour schedule when a Windows device is running with MDM sync on.

For an IT admin to sync a device from Microsoft Intune, they need to start the Microsoft Intune admin center and follow these steps:

  1. Click Home | Devices | Windows | Windows devices.
  2. Search for the device you want to sync, and then select the device and click Sync. Intune will then try and reach out to the device through Windows Push Notification Service (WNS).
  3. You can read more about WNS in the next section.

Figure 9.3: Device sync

  1. In the same view, where you just selected a single device, you can also leverage Bulk Device Actions:

Figure 9.4: Bulk device actions

  1. Select Windows for OS.
  2. For Device type, select Cloud PCs or Physical devices.
  3. Select Sync as Device action:

Figure 9.5: Bulk device action – Windows

  1. Then, you can select up to 100 devices that Microsoft Intune will reach out to and perform the sync:

Figure 9.6: Bulk device action

When leveraging bulk device actions, Microsoft Intune uses WNS. In the next section, you will learn about how WNS works.

Windows Push Notification Service (WNS)

WNS enables Microsoft Intune to send toast, tile, badge, and raw updates from Microsoft Intune to MDM-enrolled devices. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way:

  1. Microsoft Intune makes an HTTP POST to the channel URI. This request is made over SSL and contains the necessary headers and the notification payload.
  2. WNS responds to indicate that the notification has been received and will be delivered at the next available opportunity.

    WNS does not provide end-to-end confirmation that your notification has been received by the device or application. Microsoft Intune provides this option by showing the status in the Device actions status view on the Overview blade for a specific device:

    Figure 9.7: WNS workflow

  1. There is also an option for an end user to do this from the client side. On the client side, you can do a sync from Company Portal or the settings app.
  2. In the Start menu, you can search for Company Portal (we recommend that IT admins always push Company Portal to the end user’s Windows device), which will give you the option to sync this device:

Figure 9.8: Company Portal

  1. If Company Portal is pinned to the Start menu, you can right-click and sync this device:
Figure 9.9 – Sync this device

Figure 9.9: Sync this device

  1. In Company Portal, go to settings, and then click Sync:

Figure 9.10: Manually sync your device

  1. In the Windows settings app, you can go to Accounts | Access work or school.
  2. Select the identity from Entra ID, and then click Info.
  3. You are then able to see the policy areas managed by your company.

    On Windows 11, you also have the same option as on Windows 10, but you can perform an export of your management log files directly from the Access work or school page in the Settings app:

    Figure 9.11: Managed by your company

  1. When you click Info, you will get a more detailed page:

Figure 9.12: Managed by your company

  1. If you scroll to the bottom of this Settings page, you will see Device sync status, where you can see Last Attempted Sync and the Sync button:

Figure 9.13: Device sync status

When a user is doing an MDM sync, all new policies will be applied to the device and it will be verified that all existing policies have been applied.

That concludes this section on WNS and MDM synchronization. In the next section, we will cover getting started with policy design in Microsoft Intune.

Getting started with policy design

When designing your strategy for policy management with Microsoft Intune, it is important to take the right approach.

By starting with a security baseline, we get well-tested and secure sets of policies; you can even disable or remove individual settings in the security baseline if they do not suit your organization. When you have deployed the security baseline, you can start adding other policy types that suit your security or configuration needs.

There are several policy types in Microsoft Intune. In the following list, you can see the different policy types and the order in which you should start creating policies:

  1. Configure the security baseline.
  2. Configure the policy from the Endpoint Security blade.
  3. Configure the policy from the Settings catalog.
  4. Configure the administrative template.
  5. Configure the device configuration.
  6. Leverage a custom policy as a last resort.

Just remember that there are no right and wrong approaches, but if you’re undertaking a migration from Active Directory GPOs to MDM settings management, it might be a good time to start afresh and see what you need to configure instead of taking the legacy GPO settings of your on-premises environment with you. Sometimes, organizations do not even know why they implemented a specific policy setting back when they originally created it. Perhaps the person responsible for implementing this policy setting is no longer even with the company and did not leave any documentation on why the setting was configured the way it was in the first place.

As there is no conflict handling in the MDM stack, you might inadvertently create a conflict between two settings coming from two different policies to the same user or device. These could be from the same policy type or different policy types, so it is important to spot and monitor any conflicting policies.

  1. In order to monitor any conflicting policies, head to the Microsoft Intune admin center, and under each device, go to Home | Configuration:

Figure 9.14: Configuration policy status

  1. You can see the policy that has conflicts and the work required to remediate the conflict:

Figure 9.15: Policy conflict

  1. When drilling down into the policy, you can see which settings are in conflict. In this case, I see that there is a conflict between a policy in the Endpoint Security blade and the Antivirus – Windows Defender Antivirus policy type:

Figure 9.16: Profile settings

  1. Going to that policy, you can see in the Per-setting status blade that the top line, CPU usage limit per scan, has conflicts. When you find conflicts, you need to go into the policies with conflicts and change the conflicting settings so they are only configured in one policy:

Figure 9.17: Per-setting status

Let’s now have a look at how to implement different policy types.

Migrating existing policies from AD – Group Policy management

It’s possible to migrate your existing Active Directory-based group policies into Microsoft Intune. This can be done with the Group Policy analytics feature.

Many businesses that are looking at Microsoft Intune management need a good path to the new modern workplace. The translation of existing policy settings to Intune can be tricky. This service will make life much easier for IT admins. Let me explain in more detail what Group Policy analytics does and how you can use it yourself; it can be found on the Devices blade:

Figure 9.18: Group Policy analytics

  1. First, make sure to perform an export of your existing policy settings from within your on-premises Group Policy Management console.
  2. Export the policies by right-clicking and selecting Save Report….
  3. Save the files somewhere centralized, as we need to upload them to Microsoft Intune:

Figure 9.19: Save the policy report

  1. In the Microsoft Intune admin center, select Devices | Group Policy analytics.
  2. Click on Import:

Figure 9.20: Import

  1. Search for the policy report file you exported:

    Figure 9.21: Import the GPO files

    NOTE

    When you have multiple policies, you can upload them all here, too, for further analysis.

  1. After you run the policy analysis, you will see the MDM Support column (which also applies to Windows), showing how many of your settings/policies are also available in Microsoft Intune to migrate from GPOs to Intune settings on a 1:1 basis:

Figure 9.22: MDM Support

  1. You will get the information you need to proceed. The GPOs you imported are now all listed with the following information:
    • Group policy name: The name is automatically generated using the information in the GPO.
    • Active Directory Target: The target is automatically generated using the Organizational Unit (OU) target information in the GPO.
    • MDM Support: This shows the percentage of Group Policy settings in the GPO that have the same setting in Intune.
    • Targeted in AD: Yes means the GPO is linked to an OU in an on-premises Group Policy. No means the GPO isn’t linked to an on-premises OU.
    • Last imported: This shows the date of the last import.
    Figure 9.24 – Default Domain Policy

    Figure 9.23: Default Domain Policy

    With Group Policy analytics, you import your on-premises GPOs. The tool analyzes your imported GPOs and shows the settings that are also available in Microsoft Intune. For the settings that are available, you can create a Settings Catalog policy and then deploy the policy to your managed devices.

  1. After you have imported your GPOs, you can select the GPO that you want to migrate to Intune by clicking the Migrate button.

Figure 9.24: Migrating GPOs to Intune

  1. You need to select the GPO settings that you want to migrate and then click Next:

    Figure 9.25: Migrating GPOs to the cloud

    These are the settings you’ve identified as necessary to your organization as you move to cloud-based policy management. Configure the setting values as per your organization’s requirements. Where possible, we configured the settings values as per the Group Policy:

    Figure 9.26: Migrating GPO settings

  1. You need to give the new settings catalog profile a name:

Figure 9.27: Migrating profile info

  1. Continue with the guide to add scope tags and assignments, and then finally deploy the policy. You can skip the assignment and the policy will be created without an active assignment.

Figure 9.28: New browser policy

You have successfully migrated your browser policy and are ready to test it on Intune-managed devices before you deploy the policy at scale.

This concludes the section on Group Policy analytics, which can help you with your policy migration from on-premises GPOs to Microsoft Intune MDM policies.

Summary

In this chapter, you’ve learned about the basic policies in Microsoft Intune and how they apply to your Windows endpoints. This is knowledge that you can use to better understand what happens on a Windows device when you start to deploy policies to your endpoints from Microsoft Intune.

In the next chapter, we will go into more depth on how to configure different policy types from within Microsoft Intune.

Questions

  1. Do CSP and ADMX policies write to the local registry in the same way?
    1. No
    2. Yes
  2. What is the maximum number of devices for bulk actions in MDM?
    1. 10
    2. 50
    3. 100
    4. 1000
  3. What does WNS stand for?
    1. Windows Name Server
    2. Windows Push Notification Service

Answers

  1. (a)
  2. (c)
  3. (b)

Further reading

If you want to learn more after reading this chapter, please use the following free online resources:

Learn more on Discord

To join the Discord community for this book – where you can share feedback, ask questions to the author, and learn about new releases – follow the QR code below:

https://packt.link/SecNet

Left arrow icon Right arrow icon

Key benefits

  • This new edition covers the latest updates of Microsoft Intune, Windows 365, Intune Suite, Windows Autopatch, Microsoft Defender and Universal Print
  • Get detailed guidance on device enrolment, app deployment, management, data security, and policy configuration
  • Secure data on personal devices with app policies, encryption, and more

Description

The slow adoption of modern Work solutions, which are designed to streamline the management of your environment, can often be attributed to a lack of understanding and familiarity with those solutions. This book will provide you with all the information you need to successfully transition to Microsoft Intune. Mastering Microsoft Intune, Second Edition, explains various concepts in detail to give you the clarity on how to use Microsoft Intune and eliminate any migration challenges. You'll master Cloud Computing services such as Windows 365 Cloud PCs, Intune Suite, Windows Autopatch, Windows Autopilot, profile management, monitoring and analytics, Universal Print, and much more. The book will take you through the latest features and new Microsoft Cloud services to help you to get grips with the fundamentals of Intune and understand which services you can manage. Whether you're interested in physical or cloud endpoints it's all covered. By the end of the book, you'll be able to set up Intune and use it to run Windows and Windows 365 efficiently, using all the latest features of Intune.

Who is this book for?

If you're an IT professional, enterprise mobility administrator, architect, or consultant looking to learn about managing Windows on both physical and cloud endpoints using Microsoft Intune, then this book is for you.

What you will learn

  • Simplify the deployment of Windows in the cloud with Windows 365 Cloud PCs
  • Deliver next-generation security features with Intune Suite
  • Simplify Windows Updates with Windows Autopatch
  • Configure advanced policy management within Intune
  • Discover modern profile management and migration options for physical and Cloud PCs
  • Harden security with baseline settings and other security best practices
  • Find troubleshooting tips and tricks for Intune, Windows 365 Cloud PCs, and more
  • Discover deployment best practices for physical and cloud-managed endpoints
Estimated delivery fee Deliver to Latvia

Premium delivery 7 - 10 business days

€25.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Mar 13, 2024
Length: 822 pages
Edition : 2nd
Language : English
ISBN-13 : 9781835468517
Vendor :
Microsoft
Category :
Concepts :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Estimated delivery fee Deliver to Latvia

Premium delivery 7 - 10 business days

€25.95
(Includes tracking information)

Product Details

Publication date : Mar 13, 2024
Length: 822 pages
Edition : 2nd
Language : English
ISBN-13 : 9781835468517
Vendor :
Microsoft
Category :
Concepts :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 87.97 109.97 22.00 saved
Mastering Microsoft Intune
€30.99 €41.99
Microsoft Intune Cookbook
€33.99
Mastering PowerShell Scripting
€22.99 €33.99
Total 87.97 109.97 22.00 saved Stars icon
Banner background image

Table of Contents

24 Chapters
Understanding the Basics Chevron down icon Chevron up icon
Introduction to Microsoft 365 Chevron down icon Chevron up icon
Cloud-Native Endpoints Chevron down icon Chevron up icon
Requirements for Microsoft Intune Chevron down icon Chevron up icon
Windows 365 Chevron down icon Chevron up icon
What Is Windows 365? Chevron down icon Chevron up icon
Deploying Windows 365 Chevron down icon Chevron up icon
Mastering Microsoft Intune Chevron down icon Chevron up icon
Windows Deployment and Management Chevron down icon Chevron up icon
Windows Autopilot Chevron down icon Chevron up icon
Application Management and Delivery Chevron down icon Chevron up icon
Understanding Policy Management Chevron down icon Chevron up icon
Advanced Policy Management Chevron down icon Chevron up icon
Intune Suite Chevron down icon Chevron up icon
Copilot/AI Chevron down icon Chevron up icon
Identity and Security Management Chevron down icon Chevron up icon
Monitoring and Endpoint Analytics Chevron down icon Chevron up icon
Universal Print Chevron down icon Chevron up icon
Troubleshooting and Community Chevron down icon Chevron up icon
Troubleshooting Microsoft Intune Chevron down icon Chevron up icon
Troubleshooting Windows 365 Chevron down icon Chevron up icon
Community Help Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.6
(26 Ratings)
5 star 84.6%
4 star 3.8%
3 star 3.8%
2 star 3.8%
1 star 3.8%
Filter icon Filter
Top Reviews

Filter reviews by




FERNANDO RODRIGO TARIN Jul 22, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
There is not much printed documentation about this product. Microsoft's website is complex, so the existence of these books is appreciated.
Feefo Verified review Feefo
andrew jones Mar 28, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The second edition of 'Mastering Microsoft Intune' is a must read and a superb addition to the list of Intune published books on offer. As it says on the front of the book this is an 'Expert Insight' into the world of Intune and it does a great job in bringing you up to date with all the latest changes and advancements.The book not only describes all the key technologies that can be deployed and managed through Intune, it also looks at how the world of IT has changed and how to make the right technology decisions.Intune has come a long way very quickly, so for me the two chapters on Copilot and the Intune Suite are great additions which help you understand how they can be best applied using real world examples.As an Enterprise Mobility MVP myself I can definitely say it has helped me build my own knowledge and covers a broad range of topics over the 18 chapters.Congratulations to Christiaan Brinkhoff and Per Larsen in producing such an awesome second edition.
Amazon Verified review Amazon
Jessie Mar 18, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Delving into "Mastering Microsoft Intune - Second Edition" has been enlightening. As an experienced Intune engineer, I appreciate the depth and new insights it offers, enhancing my substantial expertise. Yet, what impresses me most is the book's dual appeal. It skillfully bridges the gap between novices eager to learn and experts seeking to deepen their mastery. Its clear, comprehensive coverage makes complex topics accessible to beginners, while its detailed exploration of advanced features provides valuable knowledge expansion for seasoned professionals like myself. This book is a versatile resource, poised to elevate the skills of anyone in the Intune sphere, regardless of their starting point.
Amazon Verified review Amazon
Shahriar Jul 13, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
“Mastering Microsoft Intune” is an excellent resource for anyone involved in endpoint management. As a Senior Endpoint Engineer, I found this book to be incredibly helpful and informative. The author explains complex topics in a clear and concise manner, making it accessible for both beginners and seasoned professionals.What I appreciated most about this book is its practical approach and real-world examples make it easy to implement the strategies discussed. The sections on device enrollment, configuration, and security policies are particularly well done and thorough.The book is also very current, covering the latest features and updates in Microsoft Intune. This is crucial for staying ahead in the fast-paced field of IT management.
Amazon Verified review Amazon
Andrew M. Apr 23, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Having just finished reading Christian's book I must say that I'm delighted with depth and quality of the content. I've been waiting for this to come out, and I was not disappointed. It's concise and well written with lots of examples. It cover everything from deploying devices to installing apps and much more. It also discusses Windows 365 & AVD integration which was awesome. If you're studying for the MD-102 exam then this is a book you'll definitely need.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact [email protected] with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at [email protected] using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on [email protected] with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on [email protected] within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on [email protected] who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on [email protected] within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela