Microsoft Endpoint Manager: A Comprehensive Guide to MECM and Intune

Paths

Microsoft Endpoint Manager: A Comprehensive Guide to MECM and Intune

Author: Greg Shields

With the current IT landscape we live in today, managing the endpoints within your organization and keeping them efficient, up to date, and secure is of the utmost importance. In... Read more

What you will learn

  • Explain the purpose and use cases for Microsoft Endpoint Manager solutions and prepare a lab environment
  • Deploy an on-premises MECM site
  • Deploy MECM Clients
  • Manage inventory, queries/collections, and CMPivot with MECM
  • Deploy and use Cloud Management Gateway with MECM
  • Monitor and maintain an on-premises MECM site
  • Co-Manage Intune with Tenant Attach and Client Attach
  • Package software for deployment with MECM and Intune
  • Deploy applications with MECM
  • Deploy applications with Intune
  • Configure devices and endpoint protection with MECM
  • Configure devices and endpoint protection with Intune
  • Configure compliance policies with MECM and Intune
  • Implement Windows updates and servicing with MECM and Intune
  • Deploy operating systems and desktop analytics with MECM
  • Deploy/Integrate Windows Autopilot, Windows 365, and Azure Virtual Desktop with MECM/Intune

Pre-requisites

You should be familiar with Microsoft environments and operating systems.

Microsoft Endpoint Manager: A Comprehensive Guide to MECM and Intune

With the current IT landscape we live in today, managing the endpoints within your organization and keeping them efficient, up to date, and secure is of the utmost importance. In this path, you’ll be taken through Microsoft Endpoint Manager start to finish. As Microsoft’s main solution for managing endpoints both on premises and via the cloud, you’ll learn all you need to know about Microsoft Endpoint Configuration Manager as well as Microsoft Intune. As an added note, the products here are also known in various circles as SCCM, MECM, MEMCM, and ConfigMgr.

The finished course list will be:

  • Microsoft Endpoint Manager: Introduction and Lab Preparation
  • Microsoft Endpoint Manager: Deploy an On-Premises MECM Site
  • Microsoft Endpoint Manager: Deploy MECM Clients
  • Microsoft Endpoint Manager: Inventory, Queries/Collections, and CMPivot with MECM
  • Microsoft Endpoint Manager: Cloud Management Gateway with MECM
  • Microsoft Endpoint Manager: Monitor and Maintain an On-Premises MECM Site
  • Microsoft Endpoint Manager: Intune Co-management with Cloud Attach
  • Microsoft Endpoint Manager: Package Software for Deployment with MECM and Intune
  • Microsoft Endpoint Manager: Deploy Applications with MECM
  • Microsoft Endpoint Manager: Deploy Applications with Intune
  • Microsoft Endpoint Manager: Device Configuration and Endpoint Protection with MECM
  • Microsoft Endpoint Manager: Device Configuration and Endpoint Protection with Intune
  • Microsoft Endpoint Manager: Compliance Policies with MECM and Intune
  • Microsoft Endpoint Manager: Windows Updates and Servicing with MECM and Intune
  • Microsoft Endpoint Manager: Operating Systems Deployment and Desktop Analytics with MECM
  • Microsoft Endpoint Manager: Windows Autopilot, Windows 365, and Azure Virtual Desktop

Microsoft Endpoint Manager: Introduction and Lab Preparation

by Greg Shields

Sep 7, 2021 / 1h 18m

1h 18m

Start Course
Description

Whether you're new to Microsoft Endpoint Manager, or have worked with it's many versions, you're surely aware of how complex any MEM implementation can be. The reach of this solution is so broad, and also so deep, that you almost have to know everything about MEM to truly appreciate anything about it.

Adding to the challenge is the significant overlap in functionality between MECM and Intune. Both solutions can solve very similar problems, but in different ways. This first course of sixteen, Microsoft Endpoint Manager: Introduction and Lab Preparation, gets you started in understanding the high-level architectures for both, with the goal of setting the stage for all the content to follow.

First, you'll start with an introduction to Microsoft Endpoint Manager and it's two major components, Microsoft Endpoint Configuration Manager and Microsoft Intune. Next, you'll explore the architectures of these two similar, but different solutions. Finally, you'll get to know the lab environment, including the Hyper-V virtual machines and Microsoft 365 instance you'll need if you plan on following along. By the end of this course, you will be more familiar with the content in the learning path, explore MEM, MECM, and Intune architectures, and be prepared in your lab environment.

Table of contents
  1. Course Overview
  2. Introduction
  3. Introduce Microsoft Endpoint Manager
  4. Explore Architectures for MECM and Intune
  5. Build Your Self-hosted Lab Environment

Microsoft Endpoint Manager: Deploy an On-premises MECM Site

by Greg Shields

Sep 7, 2021 / 1h 57m

1h 57m

Start Course
Description

The central core of an MECM hierarchy is the site, and for a lot of environments it's the primary site. That site is the boundary of administration for all the devices, machines, and software that needs configuration control.

But before you can manage those devices, there are some significant setup activities required to get an MECM primary site operational. Digging deeply into those setup activities is the theme for this course.

In this second course out of sixteen, Microsoft Endpoint Manager: Deploy an On-premises MECM Site, you'll begin by understanding the steps in installing an MECM primary site. This installation comes with a significant series of prerequisites that must be considered before starting any setup routine. Next, once installed, you'll configure the highest-level site and site system properties that are the core requirements for any primary site. This configuration will include several of the core site system roles that are needed before clients get distributed. Finally, you'll configure the distribution point role. Of the roles needed at first, the DP role is the most complicated to configure correctly to meet client needs wherever they might be.

Table of contents
  1. Course Overview
  2. Introduction
  3. Install an MECM Primary Site
  4. Configure Site and Site System Properties
  5. Configure the Distribution Point Role

Microsoft Endpoint Manager: Deploy MECM Clients

by Greg Shields

Sep 7, 2021 / 59m

59m

Start Course
Description

With a primary site and site server now installed, this course turns the attention to MECM's clients. While MECM is a great solution for deploying software, there is as you might imagine some client-side bootstrapping that's required to install clients and begin communication. MECM supports at least six different ways to deploy client software, as well as innumerable ways to customize client behaviors once installed.

In this third course out of sixteen, Microsoft Endpoint Manager: Deploy MECM Clients, you'll begin by exploring the preparatory configurations that are required for any MECM primary site before beginning client deployment. Next, you'll first walk through four of the six major client deployment options, including all the steps you'll need to successfully automate your deployments. Finally, once installed, you'll explore the MECM client itself. By the end of this course, you'll understand the user-focused UI, as well as the monitoring solutions in the MECM console for validating client health over time.

Table of contents
  1. Course Overview
  2. Introduction
  3. Prepare for MECM Client Deployment
  4. Install the MECM Client
  5. Explore and Monitor the MECM Client

Microsoft Endpoint Manager: Inventory, Queries/Collections, and CMPivot with MECM

by Greg Shields

Sep 7, 2021 / 2h 13m

2h 13m

Start Course
Description

The previous course finishes most of the foundational configurations to get an MECM primary site operational. But one final preparation involves the settings required to configure and customize hardware and software inventory collection. Enabling this data collection delivers access to an impressive range of machine characteristics. Understanding both the art and the science of then querying that data is arguably the most important and the most difficult part of the job.

In this fourth course out of sixteen, Microsoft Endpoint Manager: Inventory, Queries/Collections, and CMPivot with MECM, you'll begin by walking through the enabling and customization of hardware and software inventory on attached clients. Then, you'll dig deeply into the practices -- and the creativity -- in building useful queries that can be turned into ConfigMgr collections. Next, for those situations when you need absolute real-time client data, you'll see how CMPivot can accomplish the task. Then, you'll explore MECM's reporting engine and how to customize reports. Finally, you'll explore some special use cases for this collected data with Asset Intelligence andf Software Metering. By then end of this course, you'll have a better understanding of the settings required to configure and customize hardware and software inventory collection.

Table of contents
  1. Course Overview
  2. Introduction
  3. Configure MECM Hardware and Software Inventory
  4. Construct MECM Queries and Collections
  5. Explore CMPivot
  6. Explore MECM Reports
  7. Configure Asset Intelligence and Software Metering

Microsoft Endpoint Manager: Cloud Management Gateway with MECM

by Greg Shields

Sep 7, 2021 / 1h 25m

1h 25m

Start Course
Description

Everything you've seen in the learning path thus far has focused on the on-premises use case. These days, though, the endpoint management solution your organization needs is one that can also service internet-based clients. Extending your on-premises MECM infrastructure to manage those clients is the topic for this course. You accomplish it by preparing for and deploying MECM's Cloud Management Gateway into an available Azure subscription.

In this fifth course out of sixteen, Microsoft Endpoint Manager: Cloud Management Gateway with MECM, you'll get an introductory look at the Cloud Management Gateway itself. First, you'll get to know the use cases for the CMG, and how and where it fits into the rest of Microsoft Endpoint Manager, including Microsoft Intune. Then, you'll prepare the hierarchy for and then deploy the CMG into an Azure subscription. Once deployed, you'll get a chance to see the user experience for clients who leave your local-area network. Next, you'll explore a few special situations for deploying MECM clients to machines outside your LAN who need to connect to MECM via the CMG. Finally, you'll explore a very different tool for extending not only client access, but also your server infrastructure to your Azure subscription.

Table of contents
  1. Course Overview
  2. Introduction
  3. Introduce Cloud Management Gateway
  4. Deploy Cloud Management Gateway
  5. Deploy MECM Clients with CMG
  6. Extend and Migrate On-premises MECM Site to Azure

Microsoft Endpoint Manager: Monitor and Maintain an On-premises MECM Site

by Greg Shields

Sep 9, 2021 / 1h 20m

1h 20m

Start Course
Description

The daily monitoring and maintenance tasks of any IT service are as fundamental to their operation as is their actual usage. Keeping your MECM primary site healthy involves the same kinds of activities. Exploring the monitoring tools and the regular maintenance activities is the topic of this course.

In this sixth course out of sixteen, Microsoft Endpoint Manager: Monitor and Maintain an On-premises MECM Site, you'll begin by exploring the special configurations required to elevate MECM's security model to support HTTPS for site communication. Then, you'll step through the processes to delegate permissions to fellow IT administrators and help desk personnel. Next, you'll take a look at the monitoring tools included in the MECM console for digging into site system troubleshooting. Then, you'll explore the backup and recovery tasks for a primary site. Finally, you'll review the tasks in updating an MECM site, including all the preparatory work required before installing any of Microsoft's newest versions.

Table of contents
  1. Course Overview
  2. Introduction
  3. Explore Site Configuration for HTTPS
  4. Delegate MECM Permissions
  5. Monitor an MECM Site
  6. Explore MECM Site Backup and Recovery
  7. Update an MECM Site

Microsoft Endpoint Manager: Intune Co-management with Cloud Attach

by Greg Shields

Sep 15, 2021 / 2h 15m

2h 15m

Start Course
Description

Seven courses in, and this learning path finally gets around to the Microsoft Endpoint Manager integration between MECM and Intune. Delaying this topic to nearly the midpoint in the learning path was intentional, as the setup processes for MECM are so complex in nature. What results from their co-management interconnection is the ability to select which workload accomplishes each major category of activities.

In this seventh course out of sixteen, Microsoft Endpoint Manager: Intune Co-management with Cloud Attach, you'll start by diving deeply into the integration steps in configuring Cloud Attach between MECM and Intune, including steps in both the Tenant Attach and Client Attach configurations. Next, once integrated, you'll explore the reports that are surfaced by Endpoint Analytics across a small, but growing set of scenarios. Finally, you'll get to know the variety of ways to enroll devices into Intune, both with and without the MECM client, to expand the reach of your MEM infrastructure to other devices, including to your user's personal devices.

Table of contents
  1. Course Overview
  2. Introduction
  3. Configure Cloud Attach
  4. Explore Endpoint Analytics
  5. Enroll Windows Devices into Intune

Microsoft Endpoint Manager: Package Software for Deployment with MECM and Intune

by Greg Shields

Sep 15, 2021 / 1h 2m

1h 2m

Start Course
Description

At exactly the midpoint of this learning path, we have completed the steps necessary to build both an Intune and MECM environment, including their integration together. The second half of this learning path turns its attentions to actually using this environment. It begins with this course, which explores the tactics and techniques in software packaging -- all of which are needed to be successful in deploying software to devices via either half of Microsoft Endpoint Manager.

In this eighth course out of sixteen, Microsoft Endpoint Manager: Package Software for Deployment with MECM and Intune, you'll begin with an introduction to the art of software packaging. Today's software delivery mechanisms for Microsoft applications recognize a half-dozen major categories of application installations. This course's first module introduces you to the high-level best practices for addressing each. Next and finally, once you understand the high level tactics, you'll dig into the click-by-click steps needed to package and repackage each major category using tools that are freely available.

Table of contents
  1. Course Overview
  2. Introduction
  3. Understand the Art of Software Packaging
  4. Package Software for Deployment

Coming Soon

Microsoft Endpoint Manager: Deploy Applications with MECM

Coming Soon

by Greg Shields