Helpful Summary
- Overview: We provide a step-by-step guide for setting up Microsoft Intune, focusing on managing devices and securing data effectively. We also detail how to integrate BlueTally with Intune for seamless asset management.
- Why You Can Trust Us: At BlueTally, we have extensive experience helping businesses manage IT assets. We have integrated Intune to automate asset management, reduce errors, and improve efficiency. Our case studies, like that of IT manager Yohan D., highlight these successful integrations.
- Why It Matters: Setting up Intune improves device management, enhances security, and simplifies administration. Integrating BlueTally further improves asset tracking and accountability.
- Action Points: Follow the nine-step guide to integrate Microsoft Intune with BlueTally to enhance overall IT asset management and data protection.
- Further Research: Explore the BlueTally blog to learn more about asset management and integration for your business.
Whether you run a small, medium, or large business, you need to manage your devices and secure data. Fortunately, there’s Microsoft Intune. This cloud-based solution is taking the burden off many companies and helping them manage their devices effectively.
While Microsoft Intune is a game-changer, setting it up can be a pain in the neck. That’s why in this BlueTally guide, we’ll show you how to set it up in simple steps. Plus you’ll also learn how to integrate BlueTally with Intune for seamless asset management.
Ready to learn how to set it up? Let’s dive in.
Why Listen To Us?
At BlueTally, we have first-hand experience helping many businesses manage their IT assets effectively while easily integrating with Intune. Our integration with Intune automates asset management, reducing manual data entry and errors. Our client, Yohan D., an IT manager, has this to say:
BlueTally’s comprehensive Intune setup guide ensures quick implementation, saving IT teams significant time. Our clients benefit from automated device addition and checkouts, streamlining asset tracking and improving accountability.
What is Microsoft Intune?
Microsoft Intune is a cloud-based solution that helps businesses manage their organizational devices and applications. It protects corporate data and can improve employees’ productivity. Intune also helps set and enforce compliance policies. For a modern, mobile-centric company, Intune is a flexible and scalable solution.
Key Features of Microsoft Intune
Here are the key features of Microsoft Intune.
Mobile Device Management (MDM)
Mobile Device Management (MDM) lets you remotely configure, manage, and monitor your staff’s mobile phones and tablets. This Intune feature allows you to enforce security policies like passwords. As a form of tool tracking, MDM also enables you to wipe an employee’s device in cases of theft or loss. Intune also works perfectly for you even if you’re operating a Bring-Your-Own-Device (BYOD) policy in your company.
Conditional Access
Microsoft Intune’s Conditional Access feature enables you to set specific conditions for who can access the company’s data and apps. This feature also allows you to set and enforce security policies like device compliance and multi-factor authentication. This extra security layer ensures that the company’s sensitive data does not get into the wrong hands.
Benefits of Using Microsoft Intune
- Easy and Robust Device Management: Intune allows you to seamlessly manage a wide range of devices, such as mobile phones, laptops, tablets, and desktops. It also works perfectly on platforms like Android, iOS, Windows, and macOS. Intune ensures compliance with the company’s configurations and policies.
- Improved Security: Microsoft Intune is big on security. It’s one of the best ways to protect corporate data and devices. It helps you set up comprehensive security policies and configurations that keep your sensitive data safe. You also get end-point protection from threats and vulnerabilities for your devices.
- Simplified and Centralized Administration: With Intune, you can easily manage your devices and applications from one central location. Device enrollment and configuration are automated. And with zero-touch deployment methods like Windows Autopilot, you can perform security tasks remotely.
How to Set Up Microsoft Intune
Now, let’s take you through each step you need to take to set up Microsoft Intune.
Step 1: Review the Supported Configurations
To achieve a seamless Intune setup, you’ll firstly need to fulfill the system requirements. First, review the supported operating systems (OS) for your desktop, laptop, tablet, or smartphone. Intune supports devices running on these OS:
- macOS
- Windows
- iOS/iPadOS
- Android
- Linux
- Chrome OS
Next, review the supported web browsers when accessing Intune using the Microsoft Intune admin center.
Finally, know the network bandwidth requirements for installation and updates to ensure your network infrastructure can handle scalability.
Step 2: Sign Up for Intune
Before you sign up for Intune, ensure you have a Microsoft Online Services account, Enterprise Agreement, or volume licensing agreement. Once you’ve ascertained this, sign up or sign in if you already have an account.
If you already have a work or school account, sign in with that account and add Intune to your subscription.
Step 3: Configure a Domain Name for Your Intune Tenant
When you sign up for Intune, you’re allocated an initial domain name. This domain name is hosted in Microsoft Entra ID with this suffix: onmicrosoft.com.
To connect your company’s domain name with Intune, set DNS registration. Customizing your domain name boosts user experience as users will see a familiar domain when connecting with Intune. Note that this step is not necessary if you’re assessing Intune with a free trial.
Step 4: Add Users to Intune
The Microsoft Entra ID manages user authentication and access to resources. Here, you can add users directly or connect Active Directory to sync with Intune. Unless your devices are “userless” kiosk devices, this step is required.
Before anyone in your company can access Microsoft Intune, they need a user account. To create user accounts, simply add users. After this, you can grant permissions and assign licenses. In the future, you can allocate different policies to users to help and protect them.
Note that to add users to Intune, you must be an admin.
Step 5: Create Groups
Microsoft Entra groups are used to organize and manage devices and users. An Intune admin can set up groups to meet the company’s needs. For example, groups can be used to organize devices or users by department, hardware characteristics or location. Groups can also be created to manage tasks at scale.
To create groups, take the following steps:
- Sign in to the Intune admin center
- Select Groups > New group
- In the Group type, choose either Security or Microsoft 365 (security groups define who can access resources while Microsoft 365 provides collaboration opportunities).
- Fill in the Group name and Group description
- Enter the Membership type. Choose from Assigned, Dynamic user and Dynamic device
- Select Create to add the new group
Step 6: Manage Licenses
You can use Microsoft as a standalone service or with subscriptions. You’ll need to determine the licensed services your company needs before assigning each user an Intune license. It is when this is done that users can enroll their devices in Intune. You can also choose to have unlicensed admins.
Here are steps to assigning licenses to users:
- In the admin center, select Users > All Users > Choose a user > Licenses > Assignments
- Choose the box for Intune > Save. If you want to use the Enterprise Mobility + Security E5 or other license, choose that box instead
Once this is done, the user account is permitted to use the service and enroll devices into management.
Note that you can also assign licenses to users with Microsoft Entra ID.
Step 7: Manage Roles and Grant Admin Permissions
There are admin roles you can assign to users using the admin center. Each role aligns with common business functions, permitting users to perform specific tasks. It is recommended that you create your admin team as soon as you add users to your Intune tenant.
Here’s how to get started with managing roles.
- You have an option of using Role-Based Access Control (RBAC) to manage access
- You can assign roles to users and limit what they can see or change. Here is a step-by-step guide on how to assign roles.
- In the admin center, choose Tenant administration > Roles > All roles
- In the Endpoint Manager roles - All roles page, choose the built-in role you want to assign > Assignments > + Assign
- On the Basics page, enter an Assignment name and optional Assignment description, and then choose Next.
- On the Admin Groups page, select the group that contains the user you want to give the permissions to. Choose Next.
- On the Scope (Groups) page, choose a group containing the users/devices that the member you selected is allowed to manage. You can also choose All users and/or All devices. Choose Next.
- On the Scope (Tags) page, choose tags where this role assignment is applied. Choose Next.
- On the Review + Create page, when you're done, choose Create. The new assignment is displayed in the list of assignments.
- You can either use the built-in roles or create custom roles. To create custom roles, take these steps:
- In the admin center, choose Tenant administration > Roles > All roles > Create.
- On the Basics page, enter a name and description for the new role, then choose Next.
- On the Permissions page, choose the permissions you want to use with this role.
- On the Scope (Tags) page, choose the tags for this role. When this role is assigned to a user, that user can access resources that also have these tags. Choose Next.
- On the Review + Create page, when you're done, choose Create. The new role is displayed in the list on the Intune roles - All roles blade.
- You can use Role-Based Access Control (RBAC) and scope tags to ensure the right admins have the correct access and visibility to the required Intune objects.
Step 8: Set the Mobile Device Management (MDM) Authority
The Intune free trial sets your MDM authority to Intune by default. You must set your own MDM authority before users can enroll devices for management. Here’s how to do it:
- In the admin center, select the orange banner to open the Mobile Device Management Authority setting. The orange banner is only displayed if you haven't yet set the MDM authority.
- Under Mobile Device Management Authority, choose your MDM authority from the following options:some text
- Intune MDM Authority
- None
After doing this, you will get a message saying you have set your MDM authority to Intune.
Step 9: Customize the Intune Company Portal
The Company Portal app, Company Portal website and Intune app for Android are where users can access the company’s data and perform common tasks. These tasks include enrolling devices, installing apps, etc. To customize the Intune Company Portal, follow these steps:
- Sign in as an Intune administrator
- Navigate to the Microsoft Intune admin center
- Select Tenant Administration > Customization where you can either edit the default policy or create up to 10 user group targeted policies. These settings will apply to the Company Portal apps, Company Portal website, and Intune app on Android.
Integrate BlueTally with Intune for Robust Asset Management
While device management is key, overall IT asset tracking and management is even more important. That’s where BlueTally’s asset management software, comes in. And integrating BlueTally with Intune is a breeze.
Sign up for free today and enjoy top-notch asset management and data protection.