home > training > EMS300: Mastering Enterprise Mobility

EMS300: Mastering Enterprise Mobility


  • 3 Days
  • Replay recordings not included due to content licensing

Interested in scheduling a date for this course?
Request A Date
  • This field is for validation purposes and should be left unchanged.

Course Description

In this class we will cover how you can address the Enterprise Mobility challenges using the cloud based Microsoft Intune and Azure AD solutions. You will learn about the new mobile device management features and how to manage Windows 10, iOS, macOS and Android devices via Microsoft Intune.

You will learn how to setup the infrastructure needed, the new features, how to work with identity management, corporate data, conditional access, how to enroll and manage devices and how to use the Microsoft API to automate process around device management.


Introduction to Device Management

  • Why should we care about mobile device management
  • Device Management Vision
  • Planning for BYOD/CYOD and MDM


Preparing the environment for hybrid deployment

  • Requirements for a cloud deployment
  • Planning Active Directory users synchronization
  • Planning for Certificates
  • Planning for Device Support


Identity Management

  • Prepare on-premise Active Directory for Directory Synchronization
  • Work with Azure AD Dynamic groups
  • Protecting the Identity


Application Management

  • Deploying store applications
  • Deploying in-house applications
  • Protect apps with or without enrollment and app based conditional access


Mobile Device Management Security

  • Conditional Access
  • Security Settings
  • Device Settings


Deploying Company Resources

  • Email Profiles
  • Wi-Fi Profiles
  • Certificate Profiles
  • VPN Profiles


Corporate App stores

  • Enable support for Windows Store for Business
  • Enable support for Android for Work
  • Adding Apps from the Business Stores
  • Deploying apps from the Business Stores


Modern Management of Windows 10

  • Prepare Windows 10 AutoPilot
  • Configure Windows 10 profiles
  • Deploy the company portal
  • Test Windows AutoPilot
  • Configure Bitlocker in Intune
  • Perform remote actions
  • Configure Windows Information Protection
  • Configure Software updates


Troubleshooting, reporting and automation

  • Trouble shooting options online and on devices
  • Microsoft Intune Data warehouse
  • Automation via Microsoft Graph API


Protecting Data

  • Protect data with Azure Information Protection


Cloud Apps Security

  • How Cloud App Security need to be configured
  • What Cloud App Security can identity

This course is intended for Enterprise Systems Engineers, Administrators, System Integrators


Before taking this course, it’s recommended that students are:

  • Experience with Windows Server 2012/R2
  • Good understanding of Active Directory
  • Good understanding of Network communication
  • Good understanding of Configuration Manager 2012
What You Will Learn

After completing this hands-on-lab, participants will be able to:

  • Understand BYOD/CYOD and MDM terminology and concept
  • Prepare the environment for hybrid deployment
  • Understand Device Enrollment
  • Deploy Applications to mobile devices
  • Deploy Settings to mobile device
  • Deploy Company Resources
  • Implement and manage Active Directory Federation Services
  • Implement and manage Web Application Proxy
  • Implement Device Registration Service
  • Manage Company Resources for extranet
  • Implement Azure Multifactor Authentication
  • Deploy Azure Remote Applications
  • Implement Work Folders
  • Implement Azure Rights Management