In this course, students will learn how to plan and implement an operating system deployment strategy using modern deployment methods, as well as how to implement an update strategy. Students will be introduced to key components of modern management and co-management strategies. This course also covers what it takes to incorporate Microsoft Intune into your organization. Students will also learn about methods for deployment and management of apps and browser-based applications. Students will be introduced to the key concepts of security in modern management including authentication, identities, access, and compliance policies. Students will be introduced to technologies such Azure Active Directory, Azure Information Protection and Microsoft Defender for Endpoint, as well as how to leverage them to protect devices and data.
The Modern Desktop Administrator must be familiar with M365 workloads and must have strong skills and experience of deploying, configuring, and maintaining Windows 10 and later, and non-Windows devices. The MDA role focuses on cloud services rather than on-premises management technologies. It is recommended students complete course MD-100, Windows Client, prior to taking this course.
Module 1: Modern Management
This module explains the concepts of supporting the desktop through it’s entire lifecycle. Finally, students will be introduced to the tools and strategies used for desktop deployment. Students well be introduced to the concept of directory in the cloud with Azure AD. Students will learn the similarities and differences between Azure AD and Active Directory DS and how to synchronize between the two. Students will explore identity management in Azure AD and learn about identity protection using Windows Hello for Business, as well as Azure AD Identity Protection and multi-factor authentication.
- The Enterprise Desktop
- Azure AD Overview
- Managing Identities in Azure AD
Module 2: Device Enrollment
This module will also cover Azure AD join and will be introduced to Microsoft Endpoint Manager, as well as learn how to configure policies for enrolling devices to Endpoint Manager and Intune.
- Manage Device Authentication
- Device Enrollment using Microsoft Endpoint Configuration Manager
- Device Enrollment using Microsoft Intune
Module 3: Configuring Profiles
This module dives deeper into Intune device profiles including the types of device profiles and the difference between built-in and custom profiles. The student will learn about assigning profiles to Azure AD groups and monitoring devices and profiles in Intune. You will be introduced to the various user profile types that exist in Windows for on-premises devices. You will learn about the benefits of various profiles and how to switch between types of profiles. You will examine how Folder Redirection works and how to set it up. The lesson will then conclude with an overview of Enterprise State roaming and how to configure it for Azure AD devices.
- Configuring Device Profiles
- Managing User Profiles
Module 4: Application Management
In this module, students learn about application management on-premise and cloud-based solutions. This module will cover how to manage Office 365 ProPlus deployments in Endpoint Manager as well as how to manage apps on non-enrolled devices. The module will also include managing Win32 apps and deployment using the Microsoft Store for Business. This module will conclude with an overview of Microsoft Edge and Enterprise Mode.
- Implement Mobile Application Management (MAM)
- Deploying and updating applications
- Administering applications
Module 5: Managing Authentication in Azure AD
This module covers the various solutions for managing authentication. The student will also learn about the different types of VPNs. This module also covers compliance policies and how to create conditional access policies.
- Protecting Identities in Azure AD
- Enabling Organization Access
- Implement Device Compliance Policies
- Using Reporting
Module 6: Managing Security
In this module, students will learn about data protection. Topics will include Windows & Azure Information Protection, and various encryption technologies supported in Windows. This module also covers key capabilities of Microsoft Defender for Endpoint and how to implement these capabilities on devices in your organization. The module concludes using Microsoft Defender and using functionalities such as antivirus, firewall and Credential Guard.
- Implement device data protection
- Managing Microsoft Defender for Endpoint
- Managing Microsoft Defender in Windows Client
Module 7: Deployment using Microsoft Endpoint Manager – Part 1
In this two-part module, students well be introduced to deployment using Microsoft Endpoint Manager. Part 1 will cover the tools for assessing the infrastructure and planning a deployment, followed by deployment using the Microsoft Deployment Toolkit and Endpoint Configuration Manager.
- Assessing Deployment Readiness
- On-Premise Deployment Tools and Strategies
Module 8: Deployment using Microsoft Endpoint Manager – Part 2
This module continues with deployment using Microsoft Endpoint Manager. In part two, the student will learn about using Windows Autopilot and deployment using Microsoft Intune. This module will also include dynamic OS deployment methods, such as Subscription Activation. The module will conclude learning how Co-Management can be used to transitioning to modern management. Finally, students will be introduced to Azure Virtual Desktops and how to configure and manage cloud PC using Windows 365.
- Deploying New Devices
- Dynamic Deployment Methods
- Planning a Transition to Modern Management
- Managing Virtual Desktops
Module 9: Managing Updates and Using Analytics
This module covers managing updates to Windows. This module introduces the servicing options for Windows clients. Students will learn the different methods for deploying updates and how to configure windows update policies. Finally, students will learn how to ensure and monitor updates using Desktop Analytics.
- Updating Windows Clients
- Windows Update for Business
- Desktop Analytics
- Endpoint Analytics