OptiTune Step by Step Guide

Setting Up Windows Intune

Setting Up Windows Intune

To set up your environment for using Windows Intune, begin by registering for either the 30 day trial subscription or a paid subscription to the service. You can do this from the main Windows Intune page on the Springboard Series site on TechNet.
Once you've registered for using Windows Intune, you need to use Windows Live to sign into the Windows Intune Login page. This link will ask you to associate a Windows Live ID with your Windows Intune subscription, and once you've done this you'll be prompted to download and install Microsoft Silverlight on your computer if you don't already have it installed.

Downloading the Client Software

Before you can manage PCs from your Windows Intune web-based admin console, you must deploy the Windows Intune client software to those PCs. The next task in preparing your environment is therefore to download this client software. You can do this in one of three ways:

1. Log onto each PC you want to manage. Open Windows Explorer and log into the Windows Intune web-based admin console. Select the Administration option (bottom icon in the left pane) and click Client Software Download in the list of administration tasks displayed (see Figure 2 below). Follow the instructions on this web page to prepare your PCs and to download and install the client software on them.

2. From your admin workstation on which you are already logged onto Windows Intune, select the Administration option and click Client Software Download in the list of administration tasks displayed (see Figure 2 again). After making sure your PCs are prepared (e.g. by uninstalling any existing antimalware programs on them), download the client software to your admin workstation. Then copy the client software either to a network share accessible from the PCs you want to manage or to a USB flash drive so you can transfer the software directly to these PCs.

3. From your admin workstation, download the client software as option 2 above. Then use Group Policy Software Installation to deploy the client software to the PCs you want to manage. Note that your PCs must belong to an Active Directory domain if you want to follow this approach.

Because we don't want to have to manually "touch" each PC for our test scenario, we're not going to use option 1 above. And because some of our PCs are standalone and not domain-joined, we're not going to use option 3 either. So for this walkthrough we'll use option 2 and copy the client software to a network share and then tell our users to install the software themselves from this share.



To download the client software, click the Download Client Software button in the above screenshot. This displays a dialog box prompting us to open or save the zipped archive containing the client software (Figure 3):


Figure 3: Downloading the client software for deployment to PCs.

Installing the Client Software

Now instruct each user of a PC in your organization to go to the network share where the unzipped client software is located and double-click on the Windows Intune Setup file to install the client software on their PCs. When they do this, they'll be presented with the opening screen of the Windows Intune Setup Wizard as shown in Figure 7 next:

Figure 4: Step 1 of installing the Windows Intune client software on a PC.
A progress bar will indicate the software is being installed :

Figure 5: Step 2 of installing the Windows Intune client software on a PC.

The user is notified if the installation has been successful:

Figure 6: The client software has been successfully installed.

Verifying Client Software Installation

Now on your admin workstation, select the Computers option in the left pane of the Windows Intune web-based admin console. Then in the Computers task list, select All Computers, then Unassigned Computers, then switch from the General tab to the Computers tab in the main window pane. You'll see a list of PCs that have successfully contacted the Windows Intune service. Note that your list may not be complete at this point—some PCs may not yet be displayed, and others may not show anything under the Last Status column (see the third PC in Figure 10 below). That's because after you install the client software, the PC contacts Microsoft Update to download additional agents needed for the Windows Intune service to manage the PC. Some of these agents will be downloaded and installed immediately on the PC. Others, such as agents for malware protection and monitoring, will be downloaded now but scheduled for installation later. The full process of downloading and installing agent software on a PC can take up to 8 hours, and once this process has been completed OC is fully enrolled in the Windows Intune service and ready to be managed.

Windows Intune (Introduction)

Introduction

Cloud computing has been making inroads into small- and mid-sized businesses for a few years now, and in the coming year I think it's primed to take off like a rocket. I know several businesses that have been using Gmail for their email system and Google Apps for creating documents and spreadsheets. I also know businesses that haven't felt ready to make the jump to the cloud yet but are looking seriously at Microsoft Office 365 because of what it has to offer over Google's platform. What's been missing until now however is the management side of the equation. With Gmail/Google Apps or Microsoft Office 365, your users can access their email and work on their documents from anywhere on almost any device. But can you also use the cloud to manage and secure your users' PCs from anywhere? 
Windows Intune lets you do this and provides you with an answer to the missing piece of cloud computing—the PC management side of the equation. Windows Intune is a subscription-based cloud service from Microsoft that lets you manage and secure your company's PCs from anywhere from the web-based console

What is Windows Intune?

Windows Intune is a cloud service offered by Microsoft Online Services that lets you manage and secure your company's PCs from anywhere. 

What are the Requirements for Windows Intune?

Once you've subscribed to Windows Intune, you only need to install the Windows Intune client on your PCs, which can be running Windows 7, Windows Vista or even Windows XP. Once you've installed the Windows Intune client on your PCs, you can manage these PCs from anywhere using a web browser that supports Microsoft Silverlight 3.0 (such as Windows Internet Explorer 7 or higher). 
Of course this means that another requirement for using Windows Intune is Internet connectivity. In other words, the PCs you want to manage—and your administrator workstation—must all be connected to the Internet.

What Can I Do With Windows Intune?

You can use Windows Intune perform common administrative tasks with your corporate PCs including:

• Making sure they have the latest software updates applied
• Taking inventory of the software installed on them
• Generate detailed reports of your hardware inventory
• Monitoring them for problems such as missing updates
• Protecting them from malware infections
• Providing Remote Assistance when the user is experiencing difficulties

Who Can Benefit from Windows Intune?

Those who can benefit from using Windows Intune include businesses that:

• Cannot afford to implement and maintain traditional systems management software like Microsoft System Center Configuration Manager (SCCM) or traditional PC security software such as Microsoft Forefront Endpoint Protection Suite, or who don't have the in-house IT expertise to deploy and use such large and complex software, or who are too small in size (too few PCs) to necessitate having such powerful systems management software.
• Have their PCs scattered about in multiple geographical locations (including mobile PCs on the road) making them difficult to manage from a central site using traditional systems management software.
• Have unmanaged (standalone) PCs in addition to managed (domain-based PCs) in their organization.
• Want to minimize up-front investment in systems management operations—with Windows Intune you don't even need a server to manage your PCs.
• Want to have predictable, regular monthly billing of systems management operations for budget planning purposes.
• Want to outsource their PC management operations to another company such as a management solution provider.

What Else Do I Get With Windows Intune?

Your Windows Intune subscription also includes rights to upgrade your PCs to Windows 7 Enterprise. So if you're running Windows XP on your PCs and you subscribe to Windows Intune, you can upgrade your PCs to Windows 7 Enterprise without the need of purchasing any additional licenses. Windows Intune is similar in this way to Microsoft's Software Assurance (SA) program for volume licensed customers. In fact, your Windows Intune subscription also provides you with the option to purchase Microsoft Desktop Optimization Pack (MDOP) which provides additional management and troubleshooting tools your IT staff can use.  

What Don't I Get With Windows Intune?

Large enterprises generally prefer the control they get with traditional systems management software like SCCM and Forefront Endpoint Protection. Mid-sized companies who want control and have the in-house IT expertise can use System Center Essentials together with Forefront Endpoint Protection. Small businesses—and mid-sized companies that don't have the in-house IT expertise—can use Windows Intune to manage and secure their PCs. But there are a few things you can do with System Center and Forefront that you can't do with Windows Intune. For example, you cannot do the following with Windows Intune:

• Deploy operating systems to bare-metal PCs
• Manage PCs using Group Policy
• Manage server operating systems

So if you feel you need these specific capabilities for your organization then Windows Intune may not be for you. 
Note:If you are managing domain-based PCs using Windows Intune and you have Group Policy configured for your domain, and a particular Windows Intune setting conflicts with a Group Policy setting, then the Group Policy setting takes precedence. This type of situation might reside for example with the configuration of Windows Firewall on your PCs, or with Windows Update policy settings for your PCs.

Is Windows Intune Reliable?

Microsoft has been doing the cloud thing for quite awhile now, and they guarantee 99.9% uptime for Windows Intune with a service level agreement (SLA) that is financially backed. They also provide 24-hour support for Windows Intune subscribers in case you have a problem using their service.