MS 365 Endpoint Administrator

Duration 5 days – 35 hrs

 

Overview

 

The Microsoft 365 Endpoint Administrator (MD-102T00) training course is designed to equip IT professionals with the necessary skills to deploy, configure, protect, manage, and monitor devices and client applications in a Microsoft 365 environment. The course covers modern endpoint management using Microsoft Intune, Microsoft Entra ID, Microsoft Configuration Manager, and other Microsoft 365 services. Participants will learn how to implement device compliance, protect identities, and secure access to corporate resources.

 

Objectives

 

• Understand the modern enterprise desktop management lifecycle and its benefits.
• Explore and evaluate different Windows client editions and their capabilities.
• Configure and manage Microsoft Entra ID and integrate it with on-premises Active Directory.
• Implement role-based access control (RBAC) and manage Microsoft Entra identities.
• Configure and manage device authentication using Microsoft Entra ID.
• Enroll devices using Microsoft Intune and Configuration Manager.
• Implement and monitor device profiles, user profiles, and mobile application management.
• Deploy and manage endpoint applications across multiple devices.
• Protect identities and enforce multi-factor authentication (MFA).
• Enable organizational access using VPNs and Always On VPN.
• Implement device compliance policies and ensure endpoint security.

 

Audience

• IT professionals responsible for managing endpoint devices in a Microsoft 365 environment.
• Desktop administrators and system administrators managing Windows-based devices.
• IT security professionals ensuring compliance and security of enterprise endpoints.
• Support engineers handling endpoint deployment, updates, and troubleshooting.
• Cloud administrators managing Microsoft Entra ID and Microsoft Intune for endpoint security.

 

Pre- requisites 

• Basic understanding of Microsoft 365 workloads.

• Knowledge of networking, operating systems, and cloud fundamentals.

• Experience with Windows client administration and management.

• Familiarity with Active Directory and Microsoft Entra ID.

 

Course Content

 

Explore the Enterprise Desktop

 

• Benefits of Modern Management
• Enterprise Desktop Life-Cycle Model
• Planning and Purchasing
• Desktop Deployment
• Application Deployment Planning
• Upgrades and Retirement Planning

 

Explore Windows Editions

 

• Windows Client Editions and Capabilities
• Selecting the Appropriate Client Edition
• Hardware Requirements

 

Understand Microsoft Entra ID

 

• Overview of Microsoft Entra ID
• Comparison with Active Directory Domain Services
• Microsoft Entra ID as a Directory Service for Cloud Applications
• Microsoft Entra ID P1 and P2 Plans
• Microsoft Entra Domain Services

Manage Microsoft Entra Identities

 

• Role-Based Access Control (RBAC) and User Roles
• Creating and Managing Users and Groups
• Managing Microsoft Entra Objects with Microsoft Graph PowerShell
• Synchronizing Objects from Active Directory Domain Services to Microsoft Entra ID

 

Manage Device Authentication

 

• Microsoft Entra Join
• Prerequisites, Limitations, and Benefits
• Joining Devices to Microsoft Entra ID
• Managing Devices Joined to Microsoft Entra ID

 

Enroll Devices Using Microsoft Configuration Managed

 

• Deploying the Microsoft Configuration Manager Client
• Monitoring and Managing the Client

 

Enroll Devices Using Microsoft Intune

 

• Managing Mobile Devices with Intune
• Enabling Mobile Device Management
• Device Enrollment Considerations
• Managing Corporate Enrollment Policies
• Enrolling Windows, Android, and iOS Devices
• Device Enrollment Manager
• Monitoring Device Enrollment
• Remote Device Management

 

Execute Device Profiles

 

• Intune Device Profiles
• Creating Device Profiles
• Creating Custom Device Profiles

Oversee Device Profiles

 

• Monitoring Device Profiles in Intune
• Managing Device Synchronization
• Managing Devices Using Scripts

 

Maintain User Profiles

 

• User Profile Types
• Minimizing User Profile Size
• Deploying and Configuring Folder Redirection
• Syncing User State with Enterprise State Roaming
• Configuring Enterprise State Roaming in Azure

 

Execute Mobile Application Management

 

• Mobile Application Management Overview
• Considerations for Mobile Application Management
• Preparing Line-of-Business Apps for App Protection Policies
• Implementing and Managing Mobile Application Management Policies in Intune

 

Deploy and Update Applications

 

• Deploying Applications with Intune
• Adding and Managing Apps in Intune
• Managing Win32 Apps with Intune
• Deploying Applications with Configuration Manager
• Deploying Applications with Group Policy
• Assigning and Publishing Software
• Microsoft Store for Business
• Implementing and Updating Microsoft Store Apps with Intune
• Assigning Apps to Company Employees

Administer Endpoint Applications

 

• Managing Apps with Intune
• Managing Apps on Non-Enrolled Devices
• Deploying Microsoft 365 Apps with Intune
• Additional Microsoft 365 Apps Deployment Tools
• Configuring Microsoft Edge Internet Explorer Mode
• App Inventory Review

 

Protect Identities in Microsoft Entra ID

 

• Windows Hello for Business
• Deploying and Managing Windows Hello
• Microsoft Entra ID Protection
• Managing Self-Service Password Reset
• Implementing Multi-Factor Authentication

 

Enable Organizational Access

 

• Enabling Access to Organizational Resources
• VPN Types and Configuration
• Always On VPN
• Deploying Always On VPN

 

Implement Device Compliance

 

• Protecting Access to Resources Using Intune
• Device Compliance Policies
• Deploying Device Compliance Policies