Intune Architecture | Intune online Training |How does Intune communicate with devices? Joyatres
okay so before i start the next session like do you have any questions um no sir so far good okay so today we are going to discuss about like azure i mean uh bit of azure as well okay uh so how entune data flow and what what exactly the outcome of intune and then i i'll navigate you to different portals like engine portal as your portal or 365 portal i think you already have some knowledge of this button so let's see that and now who wants your activator to replace your own in in tune device management and stuff okay yeah so you're able to see my screen yeah you can see yeah so this is uh overall our picture of in june and the outcome of engine so what could be an outcome how you can manage intune so and how what is the uses of intune how many different things you can you can use it in tune for okay i'll just lock my door income so coming here back so this is i'll just first uh just navigate to a major concept major let's say diagrams are on components and then i'll go in detail okay so this is microsoft basically intune as we know is a product of microsoft and within microsoft you have microsoft azure which is a cloud of technology or a cloud platform in azure you have microsoft intune and also when you buy intune license or when you register first time you will get azure active directory as a inbuilt feature or a pre-loaded future uh to your tenant so basically the the first uh time when you logged in like when you create an account to in june or azure or 365 we call that as a tenant nothing but your your company to be to be exact a tenant is your your portfolio or your company whatever you're comfortable whatever you want to call it as so in microsoft terminology it's called as tenant your tenant includes by default includes azure active directory and that's inbuilt on top of that what license you have it depends on remaining applications so microsoft intune you need to have in tune license as i said yesterday you have v1 e2 with e1 e3 e5 licenses and o365 you have different licensing different licensing models standard enterprise and basic versions of uh so coming to intune so how what is active directory i'll just give a high level uh introduction of so why we need active directory so why this is related to active directory so as we know this is the azure active directory so basic authentication of you know customization grouping of things uh deploying applications managing multiple users one managing multiple devices from in tune you need to have this information first you have multiple devices multiple users multiple well you know groups and information to manage it so where you get it from you get it from active directory so can you use intune without as your active directory next to impossible that's not possible at all okay so that is that place your your your security sorry it's not security your iam like identity and access management that plays a role for your intune so within tune as we already discussed we can manage devices as in we can configure policies install and we can create profiles configuration profiles include configuration policy what are those which go in detail later part of it just high level architecture you can protect data the product data and you can also manage applications these two comes under mdm device management this comes under management of our mobile application management m a m so this section is done right so this again so as you react to directory inbuilt also comes up with o365 it varies from what license you have it so within tune uh by using accuracy authentication you can deploy so sas of apps you know what is sas right yeah that's it software is a service so example sql uh o365 office 365 so database and all these things are sas applications so you can directly deploy sas applications uh we also call as lob apps lob means line of business applications okay you can also deploy custom web apps as in microsoft edge safari browsers also you can deploy it and as i said you can deploy from apple store application and from google play from microsoft store and all those things so you can also manage on-premises if you have what is a line of business the line of business apps is so the inbuilt apps available within microsoft so microsoft approved apps let's say that's better better now yeah okay yeah so so you can you can manage this is a network access enabled between your your cloud this is cloud and this is on brush the bottom of it so how you can access in tune is through a web console so that web control is having a graphic api so which is uh so api model so we used to have when back in back in 2010 to the 1380 era we used to have silverlight based control web console so you know right silverlight is a web web-based uh you know tool which can support uh okay which can support loading of uh back browser background images and stuff so we used to have a silver knight base but silver light microsoft decommission 01 lite so now they used uh apis to display the console and you know load the information into console so this is how you access our con you can do whatever using browsers only so you can you can there are a list of supported browsers for intune i'll go through that later part i mean after this okay so that's that's this is on premises so you can configure the let's say this is a mobile so what you can configure or how you can manage mobile devices it's not only limited to mobile it's also it you can also manage windows 10 operating system windows 11 upgrading to some different versions of windows also you can we can manage it but it's just this in this diagram we are just discussing about mobile so telecom expansion management mobile threat production again same so under this so this is how you configure it so this is for console what is a telecom express experience expenses management so let's say you you want to uh analyze the data let's say uh if it is a corporate owned device example let's say if it is your company piece your company owned mobile device if you if you're managing so you can also pull information as in how much how much uh usage you have with this uh telecom partner whatever the sim you have it right so those things also you can configure the alerts and metrics too and you can also analyze okay how much is the utilization of it so if it is cop this is only applicable for uh corporate devices not for the personal devices you can't get personal device information uh to your company or to in tune okay so that's about high high level after we'll go in detail about it every step which is involved in it uh we'll go in detail okay so just just high level this ah okay i'll do one thing so i think i already covered this but i'll just cover this and i'll show you the different portals and then we'll go back okay so in tune pre-exercise so what is what is needed uh to to set up in tune basically you need intune license uh if it is a standalone standalone license okay again as i said you have ems license or you can also include with the o365 license microsoft 360 file license as i said standard premium and enterprise edition okay so this you can you can do you can select either of uh uh the licensing model again it depends on your requirement your company requirement you you want to manage only devices and applications go for them ems results you want both 365 applications as in board excel teams onedrive and everything and and you can go with and also you want to manage devices you can go with a microsoft 365 m365 licensing model it depends on you so you can also sign up for a free trial account which is valid for 30 days as of now it was it was one year when they introduced into market now they reduced it to 90 days and then and then that is to 30 days now so and also you can once you once you create an account for microsoft and and once you have logged into your let's say example how how smart microsoft done is let's say you have a microsoft account are you registered account with microsoft by default if you log in with that account uh by default you'll be having intune account or as your active directory or as your portal you by default you'll have that is attached to your account by default and your account is a global administrator account that means your account have a highest priority or highest privileges on that particular tenant so when you create an account so microsoft creates a tenant as it just as of now you you know what is tenant right yeah so micro create a tenant for your account so that is only applicable for your account so you can only authenticate it or authorize with your account and i said it becomes a global administrative account okay so my question is not there my question is uh what is the different uh between uh can you just give me a details idea about 365 model and ems model so as i know you said this is uh included so what is the benefit which one will be beneficial actually for cost purposes for example ems or 365 model so maybe in our environment has office 365 environment it's it's completely if you ask me personally microsoft 365 is the best best licensing model but it's a bit expensive give me a second yeah so so i would my recommendation is for microsoft 365 but why my recommendation microsoft this is d5 because it comes with a lot of things it comes as a package you have you have one uh you have one drive teams outlook word powerpoint all these applications as well as with onedrive you'll get 1tb storage but no i know i know the model yeah another model yeah so so and also you'll get security included which is yes yeah and also device management as an intune so this is a combination it's it's a package of lot of things but if you take only into you can only have mobile device management i mean it's a mobile device management and you can deploy application to those mobile devices mbam and mdm comes in that's it so which one is better which one is better obviously microsdf is better given it is a package but your requirement is to only manage devices you don't want to do every everything and anything you want to do only device management why to go why to pay extra money so it purely depends on what your company wanted but most of the companies as in real-time real-time environment right people uh companies are looking for microsoft 365 license only because you almost every company uses mails email systems and offices mandatory and because of that reason so they will get o365 applications so they can you know how much infrastructure you need to maintain the normal uh the on premises mail mail mailing technology are let's say exchange servers you know how much yeah we're in it too much so managing maintaining only exchange is a big burden and also infrastructure i mean as in physical servers operating system patching of that particular operating system that's too much of a task so once you once you go with microsoft 365 you don't need to do anything you just you just you can just simply use login and use your your office and your outlook and everything simple you don't need to have any headaches microsoft tickets of take care of patching and they'll give you 99.99999 sla also percentage of facility also so that so companies are looking okay i don't need to maintain anything i don't need to have an exchange admin also i'll just o365 is a very if you compare how difficult exchange is and how easy how easy was 4365 or office stage device it's very very easy the navigation administration and everything is very easy compared to exchange exchanges you need to have a cli good understanding of cli you need to have what is up transport what is exchange so so how way the how to how the mailing flow will will happen where it's striked so you need to have all this technology skills and you know it's a big subject but o365 you don't need to worry all those things you just it will be managed it's more of microsoft headline they'll just give you an application you can use it that's it they are doing the hard work they are giving you the result and also then of course they are charging the same same amount of money but that's you know take it and use it plug and play kind of things so that is the reason why people are more interested in in our og-65 licensing model compared to ems model did i answer yeah thank you actually and another thing is uh what is the different what is the major difference e3 and effect about uh ems futures so basically the security part is basic what is covered in e3 but security is completely covered in uh microsoft defender i mean to say completely covered uh the integration with power bi integration with graphics the reporting and everything is covered in better we have better options in it e5 comparison and uh any anything different between uh e1 also right you want one e3 it has a limited functionalities as in you can only manage devices so there is let's say a particular user if you are now if you cost also questions cost also only six dollar per device in per month that's correct yeah that's correct again when you want to manage that device right let's say so let's take an example if you have an e1 license for a single user so single user can only log into two devices with e1 if you take e5 unlimited so why so you you may have asked question why why we need to worry about how many how many places he will log in no definitely i need it because exactly the situation in we are in a scenario wherein we need it we need at least three to four devices or login information i mean login rights per user so e1 doesn't cover that okay okay okay any other questions no thank you um so i'll come back to this supported operating system slide later part i'll just show you the few portals of you might already aware of it but it's my responsibility to show you so portal.azure.com so i didn't do anything just see it's out it'll automatically log in see this is one of my test company created account well i'll just know from this i'll switch out to actual account so this is portal.azure.com once you go
there so i'm not sure whether it's working or not so this is a basic portal which you need to have idea about it you should have a you should have the portal.com you should know it so what you can do with this and i'll i'll just show you endpoint.microsoft.com this is the in tune url you want me to ping it or you know it so this is the one and office.com or office365.com yes let's see office start no we can we can go from all or from overseas levels or sorry anywhere from no problem that's it i'm just showing that you're okay okay okay okay fine anywhere anywhere from here to 65 from here to yeah also from here too back anywhere also you can you can go yes i'm just logging in with this first time in this account so that's the reason let's finish it so i'm not going to cover the o360 files it's again another subject of it but i'm just showing you this so i'm just closing this so we are more concerned about this one and this one so portal.com you must have an idea about it what you can do with this so you have magic majorly you have as your active directory you have your devices your virtual machine storage and also a lot of things so what is our concern is as you react okay this is one of one of my project i'm just showing you this instead of the empty one i'm showing you this so that you can see a real time here real time data but when you create your your account you should you should not see this this information use those groups and you might see zero zero effort everything okay a real time uh a small company or small project data which i can show you to somebody also that there's no risk involved this is a testing actually this is a poc environment it's not the production environment okay so i'm in azure active directory so basically my company is unified medical uh okay this is my company information so this is over you so you should have users tab groups roles and administrators but if you if you're already aware of it i can skip this if not i can go through it so basically what we need to want we need to uh validate is like once whether you're you're logged in with your account or not and this is your tenant id you see that uh if i click here this is the directory unified 985f056d3 that's my tenant id you can validate it from here also this is my tiny entirely this is my company name this is my domain name so by default you'll get a microsoft predefined domain name that which is dart on microsoft.com is a sub fqd and you'll get it with a normal account so if you see intune admin that's my account right so basically and at em dot care is what my custom domain stands actually but what is how this is reading by microsoft domain that is in tune this is how a microsoft reads it and actually this is the em dot k dot on microsoft.com this is
how microsoft understand this so but but for us to simplify uh just like we're having on terms of domain and everything so we can see that em dot care is my domain so you can see here primary domain is um.k so you can you can just navigate it but if you want me to again i can go through user settings and azure active editor and everything so you have as your ad connect which is again when you have a co-management enabled when you when you want to integrate your on-premises ad with azure active directory you need this okay so you can see devices here i don't know why it's very slow just go to all devices see there is this is a purely azure ad devices and you can see a device name computer name and the os this is windows windows android and also iphone okay so here you can see different versions of different different company operating systems windows as in microsoft android as in google and iphone app in apple so you can you can also see the versions and so why only these questions are available only you can see you cannot see below 10 of windows 10 because there is a custom policy which i have applied on this device so you can go to device settings if you want to enable any particular setting and and you can you can write the new settings also so so you can this this i'll go through this details later part but this is very interesting you need to remember also is so e here i mean you you mentioned yesterday remember when there is an interview question you just let me know right this is one of one of a question so users may join devices to azure ready your question will be please by default have access to add your devices to as you ready or to intune how do you control that so basically you see here users may join so when you select by default all is selected i don't have modifier permission for this particular account but because since it's not a global admin so you see this all selected none so if you select none nobody nobody can onboard devices too as you really are in tune if i say selected i need to give which id actually can able to do it if i select all anybody can anybody can just go there put username and password of that particular company email id and password they should be able to register for intuit so all is not recommended all the time because you don't have a control how many people are registering again i'll go through this later part of it okay don't worry okay so this is a basic navigation so you can also create your custom domain names as i said i have bm.k mdmcc.this is testing all testing so you
can also create your custom domains so let's jump to this is a intune console or portal whatever you you prefer to call so you see this there is something newly comes in this is this was not the previous naming convention microsoft endpoint manager admin center this is a unified console you can manage a both when i when we integrate co-management also both secm onboarded devices also in tune devices also you can see it here this is the reason it's called now it's called as microsoft endpoint monitor manager admin center you can see again this is home this is a status report how many devices you have what is account status and everything and this is the dashboard you can control this dashboard you can edit and add and remove something whatever you wanted to device enrollment client application device compliance don't worry like i'm just going fast just through this because i'll come back and explain everything when we are configuring everything so just overlay only okay so devices again these are in tune onboarded devices so the devices which are here as you really defined azure ready are different from intune or it may be same so why it can be same or why it can avoid you can make it as same or you can make it as different also so i'll i'll show you one division i'll explain again i'm saying don't worry about it this is basic basic overview of it so let's let's go for i think i have some windows devices i think i don't have it no i didn't do it i meant we wiped everything okay so you can you can see windows devices ipod mac os android all those devices okay so this is devices this is users all the users you have in this environment and groups this is about security which is again so security baseline and all these things this is again security nothing but your microsoft endpoint defender this is this is a security and these are the basic reports which are available within june so you can have device compliance and configuration and group policy analysis also so if you have a group on-premises group policy you want to you want to export into export from on-premises and you want to imported the group policies you know what is group policy also right yeah i know yeah you can so basic this is a you know and this is the area microsoft has to improve a lot of things you can't export and import every group policy available now on premises but most of them you can you can do it as of now so you can you can upload the existing uh exports from analysis and import it directly into into uh in tune validate whether that that is applicable and available in in in june that it can be also tested i'll show you one of the real time uh one real-time example when we are doing it okay so this is the third administration here this is the uh and one more thing you need to remember so this is a tenant mdm authority which you need to set it so who mdm means mobile device management right authority who should manage your devices this will decide who is the manager of your device i mean which you want to manage by sscm you want to manage by in tune you want to manage by some other thing so that's where you are you will be enabling it this is where you are enabling it so you can see your tenant connection you have everything is synced or not and what is enabled what is not enabled here you can verify also this is service health and message center if you have anything is not working something goes wrong and everything you can come by come in here this is completely your tenant that means you're completely determined so what is happening uh what is service health of your tenant should be available in this section okay and there are a lot of things also so remote help and everything so we'll again we'll go in detail section by section point by point when the time comes okay so this is basic navigation and i know so the uh overview of portals available with our first intune so this is groups we can create groups by default also there is there is there are some some groups you can see some of the groups see if you see group type is security which is created in this script if you see group type group is coming from o365 or microsoft 365 rms m365 this is this group is created in office office 365 login that's how you differentiate that's how you find out where this group is created uh so when when actually you combine everything right it's true confusion like where i'm creating let's say you have you have 465 license example and you have one office 365 administrator one in june administrator one as you really administer so three people creating group example so one one person create a group name a in azure directory group group b in in intune group c in o365 so you can just come here and verify who created what which group and from where they can create it by this group type security group or 365 group okay okay this is not not no need to worry about it kind of stuff you just need to know okay coming back to presentation so intune supported operating systems as i already told you four is four major operating system supports supported by intune which is ios android windows mac so under ios there is the there is a version limit also apple ios 13.0 and later versions i think we i'm not an apple user but i'm not sure uh i think we are at 20 or something right 19 or something i don't know 15.5 15.5 okay okay so so apple ios 13 ago only supported by intune and also mac os 10.5 android 8.0 so it can it is also include samsung knox said zen app right no no linux linux no that is not cnx that is something uh the operating system name is not linux one flavor of linux will be supported uh that is also specific device uh i know about it uh the device also read read it no red hat is the operating system i know i don't really need some i'm not lining sky too oh okay go ahead no problem yeah i'll let you know if i remember it okay so that only specific operating system supports it what one specific flavor of linux you know how many flavors there are a lot of flavor i'll tell you if i remember so so this android 8.0 also and the enterprise android enterprises company owned android devices so in windows 10 our windows operating system which supports windows 10 and also windows 11 so all editions of windows 10 or 11.
example home means home edition s means standard edition pro education and enterprise so these are naming the standard and additions of our versions of windows so home home edition home version standard from professional education and enterprise so it can be managed with any of this operating system you can manage as i said yesterday surface hub so pcs on w365 so you know wp is still you know what is w65 windows on windows so so so now microsoft giving something called as w-a-a-s windows as a service okay yeah so they will just give you an operating system in build operating system they just just go there just configure just basic tenant configuration and use the machine that's it they'll just give a windows also everything basically when you when you have as you uh as your ad and i know as your portal log in as you as your tenant what you need to do you go there you create a virtual machine and you select your operating system and you wait for that mission to be prepared and come back and start the mission and use it that was a normal process but was windows as always just log in and register for was go to go to the portal ws portal and log in create an account and you can use a mission and it is not unlimited also depends on your licensing i'm not very familiar with the client music model of was but it's not even limited when you're when you when you configure like a number of i need 10 000 missions and if it it does not go for 10 i need 10 missions let's say example and your requirement your application using two missions example so it will automatically scale up and uh whatever the scale of the whatever period it is was using the 12 machines instead of 10 so that two mission additional amount would be automatically created or debited from your account so so that's how that's how they're developing okay so and windows 10 enterprise editions so you know ltsc and you know what is the difference between lts and uh the normal edition of the windows lts stands for long term service channel so basically if you take windows as an operating system so microsoft releases windows 10 let's go for windows 10 every four month they will release a version of windows 10 so let's say i'll show you this here windows 10 version 1709 rs3 so revision 3 so 1709 so after 17 000 means 2017.09 so after 1709 there will be 1803 released four months right so 1709 seven so plus four eighteen zero three so four months so 2018 sorry eighteen zero one right nine plus four that's thirteen right so that means eighteen zero one so windows 10 18 0 1 version will be released and then after that windows 10 1805 and then 0 9 and then 19 0 1 it follows like that so that that's called semi automa semi term service channel okay are limited limited term service channel so the actual four month service chart but when you when you take ltsc ltsc is long-term service channel which is released per year the next update for this particular version of windows 10 will be released in a next year let's say if it is a 2019 ltsc so you'll also have the next update of this 2019 ldnc will be available in 2010 sorry 2020 i'm sorry 2020 for 2021 it's local 2022 after one year long term means after long long gap of this so that long term what micro defined is one year so these versions will be supported okay so also in tune supported or you can access in tune uh basically these two portals azure portal and microsoft 365 admin center portal portals you'll be accessing from specific browsers microsoft device define this process only supported so it doesn't mean that other browser you can't access it you can access it but if it's not behaved properly it doesn't display data you have some issues also microsoft says like this is not a recommended browser by microsoft you can you cannot use this you have to use this so these the supported versions are are supported browsers for windows sorry microsoft in tunis microsoft edge safari google chrome firefox all our latest versions so microsoft will be updating their documentation so only here is safari is only applicable for mac you can't use a normal safari browser on windows and say like microsoft intune is not working that's again microsoft says like it's not supported version of web browser so you can only access this intune portal only from using this browsers any questions no so far good good awesome so late next part we'll discuss about device enrollment and mdm cycle and and mem so first we'll discuss about device i think this is miss pleased one minute yeah it should go up actually okay i just covered map this slide is misplaced okay that's fine no problem next we'll discuss about so from tomorrow uh with ninja will will do practical as in you already know how to set up this uh windows sorry the tenant and how to create an active directory are how to use an existing access directory and in tune you already know about it or you want me to go through that no i have it already i have already free trial into emsp tile already okay super so you already have this this this uh you know portals in place so we can direct it tomorrow from tomorrow we can we can do a theoretical discussion and practical discussion we can directly do it right yes but uh i have been requesting you so if is it possible to actually um do a migration as for example you have a maybe a demo on premier's uh eddy or not eddie actually so how to set up my priority will be hybrid setup so as for example i'm i joined a company they right now want to do migration from on premises device setup to intune so this is uh actually is it possible to uh for example in or if you said i can do it because i have already virtual box so on on if i just migrated from on premises to intune can you do this can you show me this you need to have azure active directory first on promises it's a lengthy process i'll tell you the theoretical part of it and you tell me whether you want to do it i can i can tell you no that's not a problem i can help you to set up it that's not a problem at all even that doesn't cover in this course that's but that's not a problem okay but the thing is i think basically this is important because uh actually this is uh every company will going for hybrid setup so as because every company has already owned device management like sccam or already have a ccm so if the company is a small company they want to hybrid setup so this is i think it is very important to know how to migrate on migration from on premises to into this will be very good for because i think we will we can cover everything very soon because i understand all the frames also and i'm familiar with them so if you add it if you take time no problem and also i can help you like i have on premises for school on images also i have it actually lab environment so if you are one environment and you also have azure active directory so you want to integrate you know you need to have as you as your ad connect so i already integrated so this is the process right this is the process that's it once you integrate with the azure active directory with your entrance directory basically what happens is i'll tell you the shift though it's it's safe it's not difficult i'll tell you i'll i'll let me simplify you know help you to simplify the process i think what i understand from your explanation is you think it's complicated or it's a big process it's very simple i'll tell you oh uh so just let me ask some questions and i can understand so hold on so i'll first explain the process i mean which you already done it actually in your lab and then you ask your questions okay so basically i'm trying to explain the background process of it not the the actual what you've done okay so so basically what is your so what is your requirement to integrate your own premises with azure so what you want to integrate it you want to you you want why you want to integrate first question because you want to manage this this on-premises devices endpoints from azure also that's your that's your requirement right so you want to manage this so you if you want to manage this what is what you needed you need so if you have on drums devices that's a 10 device you have and you want to manage with azure so how can you manage with azure you need these devices to be replicated are showed up in azure if it is showed in azure you can manage it no problem so you need to bring these devices from on premises to azure that's your requirement once you have it in azure you can manage it no problem right that is your requirement so what is the best way to achieve it how can i get my on promises device so to azure so okay let's go back to on-premises where i have my device information my user information my group's information in my on premises i have it in as you active directory on-premises activated so can i get this active directory information to azure yes you can get it so what is a method to get it so once you have this information i this this computer information user information azure you can manage it simple but to get there what is the process you need to figure out so the process is there is a microsoft provided simplified process it was a very lengthy process previously but they introduced a concept called azure ad connect so basically you're connecting your on-premises ad to azure ad using this ad connect so once you run this tool in your on-premises active directory joined machine are from as you know the on-premises domain controller you can create a separate mission for this add that mission to on-premises ad and then run this tool it will ask a few informations as in what is your id and what is your dns name and where you want to what your destination uh tenant name or the domain name where you want to integrate it for once you've done that so it captured the on-premises schema active directory schema nothing but the information which presents in active directory on-premises will replicate this data to azure ready so as you ready already will have your device information which are part of on promises so once you have the devices you can manage it simple now you ask your questions uh so i know the processor i did already several times so my question is because uh is on premises device uh controlled by ssm not accurately because an on premises setup so how no that the treatment is actually if you are if you ask me technically the statement is not correct okay i'll tell you why it's not correct so accm doesn't manage it basically accm doesn't have this information okay who will give this information decision active directory active directory yes you don't have access you don't have sscm to be asked i mean you have if you have sscm also you don't have the things to manage it okay yeah go ahead oh so if you said like this uh yeah this is good so i i know the process also okay i already did it i have one premium server it is syncing with password authentication with uh of my azure azure uh azure what's called um so yeah i know the process don't worry okay go ahead not worry so okay so so that once you integrated that that is very simple like you can create a group you can add you whatever what is your you what you want to manage is is the next thing to concentrate on so basic see our job is not done by just integrating on drums id to azure reading but you're sure that the replication is happening yeah replication is happening you can see device into azure because yeah because i did not manage i i just managed only user i'm i don't care about the device this is the my question okay because we we we are using just user not device so this was the problem that's right okay so so basically when you integrate it it comes device as well as user device user and also security groups one integration with it as you once you run it a azure ad connect it it comes it not only gives information of users or devices it gives information all of them user devices security groups i mean okay i got it so that's what once you have it you're fine you can just manage it like whatever so example group policies you you want to export it from android which is an important to uh uh in tune and manage from there and deploy applications you want to do it and patching also you want to do it from intune whatever you want to do it and then you can again you need to set the mdm authority and then you're good so yeah so any other questions before we go to let me just so you said you said i can i can do patching also from my uh sorry intune process that's for example it's not simple as simple as sscm so uh so you have to use you know cmz or if it is it will you have on premises if it is only uh only cloud devices there is a there is a process to do it uh but if it is uh on-premises device also there and you won't do it from intune that is you need cmg you need a distribution point cloud distribution point and all those things you needed you need to have a bit of secm knowledge about it but you can do it so if i actually work for device management for a company actually intune administrator into an engineer so i have to do it right yeah you have to do it so definitely we'll cover this for this topic in course right thing of a device from intune standalone we are going right it is not on promises we will stand around we can give we i can explain you uh but definitely please it's just a i think we can uh we no need uh long term for the course but uh can you just edit for me actually or because i need to i i think our in in new york usa most of the small company are actually going to hybrid setup so if i go in interview defeat they will ask me how to actually patched on primitive device also without from it yeah see there is a cmg you need there is a cloud distribution point you need uh so to enable cm you need some certifications things i i'll explain you the process that's not the problem okay okay okay so okay we are disk so i think all the time let me just check we have two minutes left uh but this is a lengthy topic lady no problem we will do later okay yeah but you are not coming tomorrow right you are not available tomorrow right um tomorrow or maybe no not tomorrow is my first day joining with the company so i have to go actually on site and this morning so it's better off tomorrow okay okay we are coming day after tomorrow yeah after tomorrow then okay so we'll start in day after tomorrow this is a complete completely new section like device enrollment we'll talk about how to how what is a device enrollment and how how many devices uh when i want i want again i said right tomorrow we will have first discussion of theoretical and then practical how to enroll using one method i'll show i'll let you know i'll let your device to enroll to you your tenant to i mean i'll make sure that theoretical also practical also cover the next session i mean if it is not if it is a day for tomorrow okay okay yeah thank you let's meet on day after so from here uh i mean from next class everything will be off session theoretical opposition practical most of the questions if it is a theoretical class taking more time i mean it may and also i mean to say i'm saying like we may go at 70 minutes or 75 minutes or 80 minutes also i'm just letting you know no problem no problem go ahead i have no problem you're right so that's right okay so we will go in detail okay okay so any questions no so far so far good yeah so if you have any feedback for me like uh uh like i want to say like it is my way of explanation is good you're able to understand and and the pace is good and uh topics are good are anything you want me to add it or anything you want me to you know so let's say you want me to give more examples or anything so actually you said nothing prerequisite for the course you said right so um if you as for example i have some friend but uh if they cannot uh they they will not they are not able to understand this type of uh actually so see again i will not start the same for the way i started not yeah no that's what's it that's what i said maybe you said yeah you ready connect because i did it already uh just so i yeah but so for them actually you need to add something actually i'm talking about for them but i think i understand because i have some knowledge about this topic i did office 3665 also so i have knowledge in system also that's right i work at ccm something like two months only and i also uh i have experience with office 65 also that's right but uh they have not so let's uh see what happen definitely we'll add something between it and i requested you to just uh give me a real-time scenario most of the time because i want to go market after the course surely yeah no problem that won't be any issue thank you sir thank you so much appreciate it okay have a good day bye you too bye