www.it-ebooks.info
Microsoft Windows Intune 2.0:
Quickstart Administration
Manage your PCs in the Enterprise through the Cloud
with Microsoft Windows Intune
David Overton
BIRMINGHAM - MUMBAI

www.it-ebooks.info
Microsoft Windows Intune 2.0: Quickstart Administration
Copyright © 2012 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, without the prior written
permission of the publisher, except in the case of brief quotations embedded in
critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy
of the information presented. However, the information contained in this book is
sold without warranty, either express or implied. Neither the author, nor Packt
Publishing, and its dealers and distributors will be held liable for any damages
caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the
companies and products mentioned in this book by the appropriate use of capitals.
However, Packt Publishing cannot guarantee the accuracy of this information.
First published: January 2012
Production Reference: 2230112
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-84968-296-1
www.packtpub.com

Cover Image by Meir Jacob ()
www.it-ebooks.info
Credits
Author
David Overton
Reviewers
Richard Diver
Robert Pearman
Jason Wallace
Andy Trish
Acquisition Editor
Kerry George
Lead Technical Editor
Susmita Panda
Technical Editors
Kedar Bhat
Priyanka Shah
Naheed Shaikh
Project Coordinator
Jovita Pinto
Proofreader
Stephen Swaney
Indexer
Monica Ajmera Mehta
Graphics
Valentina Joseph D'Silva
Manu Joseph
Production Coordinator
Shantanu Zagade
Cover Work

Shantanu Zagade
www.it-ebooks.info
About the Author
David Overton has been in the IT industry for over 25 years and has worked at
Microsoft, in the UK, for more than eleven years. David fell in love with Small and
Medium Business when he was given responsibility for engaging with journalists, at
the time of the launch of Small Business Server 2003, in the UK. He has also written
Small Business Server 2008 Installation, Migration and Confi guration. For the next four
years, David was responsible for improving SBS deliveries by Microsoft partners.
David has since moved on to other roles within Microsoft but still continues work
with a number of small and medium businesses and Microsoft partners.
David's role at Microsoft includes working with organizations that are moving
towards cloud-based computing models. He personally became involved with the
Windows Intune product, as a result. Working with both the UK and US teams, in
his role there, has lead to the writing of this book.
Besides his day job, David is also a writer; he has written for consumer
publications and Windows XP and Windows Vista magazines, and he blogs at
, where he helps readers fi nd solutions to questions
and problems. In 2009, David published his fi rst book on SBS 2008, which was
well received.
When not working or writing, David likes to spend time with his family and also
tries to fi t in sailing, at any time of the year, in any weather.
www.it-ebooks.info
Acknowledgement
I would like to thank all those around me who have inspired me to undertake
another book to help others. My wife and daughters are incredibly generous with
what would be our time together, allowing me to borrow it to write. My father,
who is always asking me why things do and don't work and what can be done to
fi x them. Friends and colleagues have provided feedback, honestly, that has helped
shape the book with their insight and differing opinions, enabling it to answer more

questions and provide more useful insight.
Finally, I want to thank and remember my mum. She taught me to chase my dreams,
no matter how diffi cult they may be. My mum got to see my fi rst book published
and to see this one start, but was not there, in the end, to see this book arrive in its
fi nished form. I hope she looks down at me from wherever she is and is as proud of
me as I am of her. I will miss you, mum, and your support for my projects, such as
this book. For this reason, I dedicate this book to you, for all the love, knowledge,
and strength you have given me.
www.it-ebooks.info
About the Reviewers
Richard Diver is a passionate technologist with over 10 years' experience in
Enterprise level IT systems. Having worked his way up from helpdesk to server
team, and from consultant to architect, Richard has worked on many large-scale
projects and gained a wide breadth of knowledge in technology, people, and process.
During his time at Microsoft, Richard developed technical content and training
courses in Windows Server Performance, Sysinternals Tools, and Personal
Productivity, delivering this to internal audiences and customers. He is currently
working as an Enterprise Architect for Methods Consulting, a London-based
consultancy specializing in the Public Sector.
Richard has recently completed the review of the latest book Windows Sysinternals
Administrator's Reference by Mark Russinovich, and has completed the creation of an
accompanying training course that is now being delivered by Microsoft Engineers
to their Premier customers.
Andy Trish is an ex-military man with two war medals. He came into the IT
world in 1999 and has since gained over 60 Microsoft Certifi ed Professional
qualifi cations in a whole variety of subjects. He has recently written the questions
and answers for some of the new Microsoft exams. He has held the title of Microsoft
Most Valuable Professional (MVP) since 2008 and contributed to developing the
Microsoft Partner Network.
Andy has presented at fi ve Microsoft Worldwide Partner Conferences and a variety

of other events, globally.
He was the Founding Director of NCI Technologies, based in Cornwall, that won
the Microsoft OEM Hardware Reseller of the Year, 2011 award and was fi nalist for
Microsoft Midmarket Provider of the Year, 2011. He has grown the company to a
staff of twenty-eight, in just seven years.
Andy also co-authored Thinking of Maximising Your Investment as a Microsoft Partner?
Ask the Smart Questions, with Julie Simpson.
www.it-ebooks.info
www.PacktPub.com
Support fi les, eBooks, discount offers, and more
You might want to visit www.PacktPub.com for support fi les and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub fi les
available? You can upgrade to the eBook version at www.PacktPub.com and as a print book
customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@
packtpub.com for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range
of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library.
Here, you can access, read and search across Packt's entire library of books.
Why Subscribe?
 Fully searchable across every book published by Packt
 Copy and paste, print, and bookmark content
 On demand and accessible via web browser
Free Access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib
today and view nine entirely free books. Simply use your login credentials for immediate access.
Instant Updates on New Packt Books
Get notifi ed! Find out when new books are published by following @PacktEnterprise on
Twitter, or the Packt Enterprise Facebook page.

www.it-ebooks.info

www.it-ebooks.info
Table of Contents
Preface 1
Chapter 1: Overview of Cloud Computing 7
Centralized solution, management, and upgrades 9
Elastic in scale and power 10
Pricing based on utilization 11
Delivered using Internet protocols 11
Secure and private 12
Service Level Agreement 12
Availability 12
Service hours 13
Recompense 13
Window Intune SLA 14
Multiple client device types 14
Client Software 15
Programmable interfaces 16
Different levels of cloud computing 16
Infrastructure as a Service 17
Platform as a Service 17
Software as a Service 18
Challenges of cloud computing 18
Network requirements 19
Data accesses and synchronization 19
Network bandwidth and latency 19
Security 20
Customization 20
Bringing all this together for Windows Intune 21

Summary 21
www.it-ebooks.info
Table of Contents
[ ii ]
Chapter 2: Introduction to PC Management Concepts 23
Continuous cycle of PC Management 24
Denition of IT management goals 24
Using policies for conguration and deployment 25
Policies that deliver against the business goals 26
Ensuring the security settings on the PC provide an adequate level of protection 26
Tracking the hardware and software assets 28
Policies that help the IT team do their job 29
Deploying Windows 7 for everyone 29
Keeping the PC up-to-date with updates 29
Reactive response to problems 30
Ongoing maintenance tasks 30
Dealing with alerts 31
Working with users' support requests 31
Dealing with major problems 32
Hardware 32
Software 33
Reporting on IT management 33
Summary 34
Chapter 3: Overview of Windows Intune Features 35
Why use Windows Intune 35
Situations when Intune makes sense 36
First management solution for small and medium enterprises 36
Moving to a subscription management solution 37
Managing part of an estate, such as computers that users bring in from home 37
Windows Intune solution architecture 37

Windows Intune feature set 38
Windows 7 39
Existing Windows 7 Software Assurance customers 40
Microsoft Desktop Optimization Pack 40
Installation 42
Management console 43
Security management 44
Windows system updates 44
Anti-malware 45
Firewall control 46
Auditing 47
Reporting 47
Alerts and Support 49
Alerts 50
Remote Assistance 52
www.it-ebooks.info
Table of Contents
[ iii ]
Software distribution 53
Managing multiple organizations 54
Summary 55
Chapter 4: Signing Up for Windows Intune and
Installing the Client Software 57
Preparing for Windows Intune 57
Licensing of Windows Intune 58
Software and hardware requirements for Windows Intune 58
Hardware requirements 59
Software requirements 60
Skills required to manage with Windows Intune 60
Signing up to Windows Intune 62

Create a Windows Live ID 62
Sign into MOCP and congure contacts 66
Add Windows Intune to your basket and conrm the purchase 67
Activate your purchase 70
Adding MDOP to your purchase 71
Installing Windows Intune onto a client PC 72
Downloading the client software to the device 72
Unzipping and installing 74
Installing via alternative methods 74
Image based deployment 75
Waiting for the update process to complete 76
Conrming installation 76
Enabling others to manage your PC estate with Windows Intune 78
Adding a partner to your subscription 79
Changes a partner sees when managing more than one client 80
Summary 82
Chapter 5: Conguring Windows Intune 83
Adding additional administrators to Windows Intune 83
Adding an additional administrator 84
Changing the Tenant Administrator 85
Conguring computer groups 87
Choosing a group structure 88
Creating the group structure 90
Assigning PCs to groups 92
Conguring Windows Intune alerts 96
Conguring alert activation 96
Changing alert notication 98
www.it-ebooks.info
Table of Contents
[ iv ]

License management 104
Managing your Microsoft Volume License details 104
Managing your other license details 107
Summary 109
Chapter 6: Conguring Management Policy 111
Policy management 111
Windows Firewall Settings 114
Windows Intune Center Settings 119
Windows Intune Agent Settings 121
General section 122
Endpoint Protection section 122
Updates section 128
Network bandwidth 129
Deploy Policy 130
Editing an existing policy 131
Update management 131
Selecting products and classication of updates to manage 132
Update Classication 134
Conguring automatic approval of updates 135
Manually approving updates 138
Summary 142
Chapter 7: Software Deployment 143
Preparing an application for uploading 144
Understand how the application is installed in silent or quiet mode 144
Create a folder for each installation package 144
Place all les needed for installation into one folder 145
Examples 145
Ofce 2010 145
Adobe Reader and Flash 146
Intel chipset software 147

Using App-V packaging for deploying a package 147
Uploading an application 148
Adobe Flash – 64-bit MSI 149
Adobe Flash – 32-bit EXE 152
Adobe Reader – Windows 7 EXE 155
Adobe Reader – XP SP3 EXE 156
Intel drivers 157
Ofce 2010 157
Deploying a package 158
Managing Non-Microsoft Updates 161
www.it-ebooks.info
Table of Contents
[ v ]
Removing a package 167
Uninstalling software from a client PC 167
Removing a software package 168
Summary 169
Chapter 8: Tracking and Reporting 171
Reporting basics 172
Reporting basics in Reports workspace 173
Selection customization 173
Saving and loading customizations 174
Sorting data in the columns 175
Printing a report 175
Exporting data 177
Reporting basics in Alerts workspace 178
Update reports 179
Tracking software usage 180
Software installed on an individual computer 181
Estate-wide software view 182

Tracking hardware 185
Computers workspace view 186
Hardware Inventory Reports 188
License management 189
Purchase report 189
Installation report 189
Alerts reporting 190
Custom reports 192
Reporting on overall PC management achievements 193
Summary 193
Chapter 9: Monitoring and Responding to
Windows Intune Alerts 195
General Windows Intune alerts 196
Monitoring alerts 196
Responding and closing alerts 199
Malware alerts 201
Testing malware checks are working 202
Actions following malware instance 203
Remote Assistance alerts 204
Preparing to deliver support 206
Preparing the client computer for support 206
Preparing the support agent's computer to offer support 207
www.it-ebooks.info
Table of Contents
[ vi ]
Providing Assistance 207
Receiving alert and responding 208
Providing remote support 211
Summary 218
Chapter 10: Resolve Problems Using Microsoft DaRT 219

Downloading MDOP 219
Installing DaRT 222
Building a DaRT CD 226
Using DaRT to resolve issues 231
Locksmith 234
Crash Analyzer 235
Hotx Uninstaller 239
Standalone System Sweeper 240
Summary 242
Chapter 11: Deploying Windows 7 Enterprise Edition 243
Downloading Windows 7 Enterprise Edition 244
Checking pre-requisites for Windows 7 247
Backing up settings for migration 249
Installing Windows 7 Enterprise Edition 253
Restoring user settings and installing applications 260
Updating Windows Intune 265
Removing the computer from Windows Intune 265
Installing the Windows Intune tools 267
Considering tools for scale deployment of Windows 7 268
Microsoft Assessment and Planning (MAP) toolkit 268
Microsoft Deployment toolkit 269
Summary 269
Chapter 12: Integration with Existing Microsoft Products 271
Typical computing scenarios 272
Desktop environment 272
Management tools 273
Services to enable productivity and collaboration 273
Ofce 365 and on-premise SharePoint and Exchange 274
System Center 274
On-premise Windows Server 275

Identity management with Active Directory 276
Group Policy 276
Update management with Windows Software Update Services 277
www.it-ebooks.info
Table of Contents
[ vii ]
Windows Small Business Server 278
Windows Home Server 279
On-premise versus cloud solutions summary 280
Mixing on-premise and cloud solutions 281
Anti-malware products 282
Summary 283
Index 285
www.it-ebooks.info
www.it-ebooks.info
Preface
Microsoft Windows Intune is a cloud service solution that simplies how small and
mid-sized businesses manage and secure PCs using Microsoft cloud services and
Windows 7—so your computers and users can operate at peak performance all
the time.
This step-by-step guide will show you how to plan, set up, and maintain Windows
Intune, showing you how to manage a group of PCs (either one business or several)
from the base operating system, through to the patches, anti-malware solution
and deployed software and policies from a central console, using the Windows
Intune service.
This book takes you through all the steps to plan, set up and maintain Windows
Intune and how to manage a group of PCs. The book starts by providing an
overview of cloud computing and PC management. The book then dives into topics
such as Windows Intune features, signing up for Windows Intune and installing
the client software, conguring Windows Intune, proactive management, and

monitoring and dealing with alerts, including remote assistance among others. As
Windows 7 is part of Windows Intune, the book will also cover the minimum steps
required to move from Windows XP to Windows 7 while keeping user settings
and preferences.
What this book covers
Chapter 1, Overview of Cloud Computing, explores the new cloud computing and
cloud-based services world that we are moving rapidly towards and includes
Windows Intune. Before we can embark on this journey it is important that we
understand the benets and pitfalls that cloud services bring with them and how
they apply to us. One mechanism to help protect us against the uncertainties is the
use of Service Level Agreements, which are explained for Windows Intune.
www.it-ebooks.info
Preface
[ 2 ]
Chapter 2, Introduction to PC Management Concepts, introduces the important concepts
behind PC management, with a focus on ensuring that the needs of the business are
the fundamental driver of the IT policy we implement with Windows Intune. We
then explore how the IT policy decisions are taken to reect these needs and are then
able to demonstrate that they are delivering on them.
Chapter 3, Overview of Windows Intune Features, describes the features within
Windows Intune, ensuring that we can take advantage of all of the benets it has to
offer, including anti-malware software, update management for both the Windows
Operating System, and Windows applications, software distribution, system alerts
and reporting.
Chapter 4, Signing Up for Windows Intune and Installing the Client Software, walks
through the Microsoft Online Services Portal, conguring the service administrators,
and if desired, assigning a partner to assist us. We also download and install the
Windows Intune client software and ensure it is up and running on each computer.
Chapter 5, Conguring Windows Intune, runs through the conguration steps for
Windows Intune. This starts by adding additional administrators to the system

to allow multiple system’s managers. We then congure the computer groups
for the management process. We enable the alerts that Windows Intune will raise
and congure who they are sent to. Finally, we congure the Microsoft and
non-Microsoft software license purchases so Windows Intune can report on
compliance to this.
Chapter 6, Conguring Management Policy, enables us to construct the policies
that Windows Intune uses to congure each computer. This covers rewall,
anti-malware, and operating system and software updates. The Windows updates
section includes conguring which update categories are checked on each computer
to see if they are required and the deployment policy options, either manual or
automatic approval.
Chapter 7, Software Deployment, using Windows Intune can be a complex process
as all software must be installed silently and with all the les in one location. We
explore the process, setting up the command switches and including the right les
for a number of common applications as working examples.
Chapter 8, Tracking and Reporting, is a key activity to demonstrate that we are
delivering a useful service. We explore the activities required to track the hardware
and software managed by Windows Intune and then the reporting options for
software use, alerts, and hardware tracking. Since custom reports are often desired,
we also look at how these could be delivered into a spreadsheet and then enable
greater insight if desired.
www.it-ebooks.info
Preface
[ 3 ]
Chapter 9, Monitoring and Responding to Windows Intune Alerts, requires different
responses depending on the alert and the level. We will examine how to monitor the
computers and deal with the special case of remote assistance alerts that a user can
request and require an almost immediate response due to the fact that someone is
waiting for us.
Chapter 10, Resolve Problems Using Microsoft DaRT, is an optional purchase with

Windows Intune that is delivered as part of the Microsoft Desktop Optimization
Pack. It can be used to resolve deep technical issues that stop a computer booting or
being accessed by a user. We will understand how we can repair a system, change
passwords, and edit the devices congured on a computer. This is a critical for all IT
desktop managers.
Chapter 11, Deploying Windows 7 Enterprise Edition, is something many of us will
have to do and is made easier as Windows Intune includes the license required to
update to the latest version of Windows. We will cover the process of migrating
from Windows XP to Windows 7 Enterprise Edition. This includes moving the user
settings from one system to another and then updating Windows Intune.
Chapter 12, Integration with Existing Microsoft Products, is an area we explore as many
of us will use Windows Intune with other Microsoft technologies. We examine how
Window Intune interacts with other Microsoft products and whether they are a
natural t for use with Windows Intune.
What you need for this book
The requirements for Windows Intune are very simple. We need a group of
Windows-based computers that we want to manage, access to the Internet,
and a web browser that supports Microsoft Silverlight.
Who this book is for
If you are an administrator or partner who wants to plan, set up, and maintain
Windows Intune and manage a group of PCs, then this book is for you. You should
have a basic understanding of Windows administration, however, knowledge of
Windows Intune would not be required.
Conventions
In this book, you will nd a number of styles of text that distinguish between
different kinds of information. Here are some examples of these styles, and an
explanation of their meaning.
www.it-ebooks.info
Preface
[ 4 ]

Code words in text are shown as follows: "Type a group name, such as
Office Licenses."
Any command-line input or output is written as follows:
# cp /usr/src/asterisk-addons/configs/cdr_mysql.conf.sample
/etc/asterisk/cdr_mysql.conf
New terms and important words are shown in bold. Words that you see on the
screen, in menus or dialog boxes for example, appear in the text like this: "If
you want the user to have full permissions, select Full access, otherwise select
Read-only access".
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about
this book—what you liked or may have disliked. Reader feedback is important for us
to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to
,
and mention the book title through the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing
or contributing to a book, see our author guide on
www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to
help you to get the most from your purchase.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes
do happen. If you nd a mistake in one of our books—maybe a mistake in the text or
the code—we would be grateful if you would report this to us. By doing so, you can
save other readers from frustration and help us improve subsequent versions of this
book. If you nd any errata, please report them by visiting ktpub.
com/support
, selecting your book, clicking on the errata submission form link, and

entering the details of your errata. Once your errata are veried, your submission
will be accepted and the errata will be uploaded to our website, or added to any list
of existing errata, under the Errata section of that title.

www.it-ebooks.info
Preface
[ 5 ]
Piracy
Piracy of copyright material on the Internet is an ongoing problem across all media.
At Packt, we take the protection of our copyright and licenses very seriously. If you
come across any illegal copies of our works, in any form, on the Internet, please
provide us with the location address or website name immediately so that we can
pursue a remedy.
Please contact us at
with a link to the suspected
pirated material.
We appreciate your help in protecting our authors, and our ability to bring you
valuable content.
Questions
You can contact us at if you are having a problem with
any aspect of the book, and we will do our best to address it.
www.it-ebooks.info
www.it-ebooks.info
Overview of Cloud
Computing
Welcome to the cloud computing revolution currently sweeping through the IT
landscape. It might be slightly confusing as to why we are starting a book on PC
management with an introduction to cloud computing, however, the management
service you are signing up for is a cloud based solution, with benets and challenges
that need to be addressed and planned for.

Through this chapter we will understand what cloud computing is and how it
compares to the traditional on-premise computing models of today. We will then
discuss what this means to us when relying on the Windows Intune Service and
highlight other cloud computing services that we might want to use, or perhaps
already be using from the cloud.
The one word of warning that I will give here is that every IT company on the
planet appears to have a denition of cloud computing that suits the products they
sell. Here, we will dene the key aspects that are required for something to be a
cloud computing solution.
In this chapter, we will cover the following topics:
• Facets of cloud computing
• Different levels of cloud computing
• Challenges of cloud computing
• Bringing all this together for Windows Intune
www.it-ebooks.info
Overview of Cloud Computing
[ 8 ]
We are going to cheat a little. I'm not going to provide one of those quotable
denitions of cloud computing, but rather explain what I believe are the key facets
of cloud computing and how these benet us and provide us with caution in some
areas. The reason I'm going to do this is because I recently saw a presentation by a
UK government ofcial that stated they had found twenty-two denitions of cloud
computing and none of these denitions tted their needs, so they dened number
twenty-three. No doubt I will upset some in the IT world with my information, but
that is one of the luxuries of being the author, although I think this aligns with most
of the twenty-three denitions to date.
The key facets of a cloud solution are as follows:
• Centralized solution, management, and upgrades
• Elastic in scale and power
• Pricing based on utilization

• Delivered using Internet protocols
• Secure and private
• Service Level Agreement
There are other facets that are often part of a cloud solution, but not required and we
shall also explore these:
• Multiple client device types
• Client software
• Programmable interfaces
What should not be ignored is that all of the these facets could be delivered on
our premises, especially if the delivery is for a large organization. However, the
economies of scale and shared xed costs that trend to zero are limited by our own
ability to scale. Some would call this on-premise solution a private cloud, while
others would call it a well-managed data center with many aspects shared with a
historic well-run mainframes estate. As a side note, my computing life started with
mainframes and it makes me smile that a mainframe expert would see almost all of
the key facets of a cloud solution as those by which mainframe based solutions were
delivered from private data centers.
This is one of the key things to understand here. While Internet scalability enables a
lower cost model and the protocols are becoming more manageable even with our
rewalls that protect our networks as they connect to the Internet, there is very little
here that by itself is new. The uniqueness here is that organizations like Microsoft are
investing billions of dollars to build the data centers and solutions that bring each
facet together into a handful of locations at a game changing price point.
www.it-ebooks.info