Microsoft Cloud Skills Champion

ChallengeRegistration linkChallenge leaderboard
Azure DeveloperRegistration LinkChallenge leaderboard
Azure DevOpsRegistration LinkChallenge leaderboard
Azure DataRegistration LinkChallenge leaderboard
Azure AIRegistration LinkChallenge leaderboard
PowerApps DeveloperRegistration LinkChallenge leaderboard
Extending M365 – DeveloperRegistration LinkChallenge leaderboard
Cloud SecurityRegistration LinkChallenge leaderboard

Sharpen your team’s technical skills with the Cloud Skills Challenge

Receive a voucher code that provides 100% off the cost of a certification exam
(terms and conditions apply).

Posted in Azure, Microsoft, Microsoft 365, Office 365 | Leave a comment

Windows Client Modern Desktop PC Management WorkshopPLUS Activate Hands On Labs v1910 MD365

  • Download Hydration Kit (Provides a fully automated approach to creating Modern Desktop lab environment with minimal configuration required.)

*** DOWNLOAD v1803 (custom Active Directory domain PowerShell Scripted version)

Modern Desktop ECIF Program for Partners

Partners deliver experiential events to drive integrated deployment of Windows 10, Office 365 ProPlus and EMS utilizing the Modern Desktop End Customer Investment Funding (ECIF) Program for Partners. Proof of Concept (PoC) and Production Pilot engagements with enterprise customers are the core of the Modern Desktop ECIF program, and the entry point for delivering larger engagements.

Drive Deployments

Integrated deployment of Windows 10, Office 365 ProPlus and EMS supports efficient, secure delivery of productivity apps throughout the enterprise. Provide your customers with your expertise to ensure the smoothest deployment experience possible. Explore the Microsoft resources available to help you deliver best in class deployment experience.

Tell the Modern IT Security Story

Gain visibility and control over security. Benefit from the flexibility and freedom to easily manage security with built-in controls, plus take advantage of security intelligence and guidance to enhance your security posture and defend against threats.

Execute these engagements on a per-customer basis

Work with your customer on a 1 to 1 basis.

Download Microsoft Content: All partners are eligible to use the Microsoft provided content. Partners will get a choice of technology modules to choose from depending on the customer’s situation.

Eligible Funding: Microsoft provides funds to execute select customer engagements. The funding varies depending on location and which approved module will be delivered. Partner may request funding through their Microsoft representative or through FastTrack.

Modern Desktop Pilot

  • Deploy 500 seats each of Windows 10 Enteprise and Office 365 ProPlus under production environment
  • Click here to nominate customers

(30-75 day)

Modern Desktop PoC

  • Showcase the value of Windows 10 Enterprise and Office 365 ProPlus
  • Hands on experience of deployment
  • Educates customers toward semi-annual channel
  • Click here to nominate customers

(5 day)

Modern IT Enterprise Security PoC

  • Hands on experience of Windows 10, Office 365 ProPlus and EMS Security featres including Windows Defender ATP and Office 365 ATP
  • Drive Microsoft 365 E5

(5 day)

Windows 10 and Office 365 ProPlus Servicing Pilot

  • Establish an end to end process for servicing Windows 10 Enterprise and Office ProPlus at a quicker cadence.
  • Module IP only, ECIF funding not provided

(21 day)

Modern Desktop for Firstline Worker PoC

  • Establish use case and viability for introducing NEW cloud-ready, modern end-point running Windows 10 Enterprise in S mode.
  • Deploy 250 devices using the new end to end servicing process

(5 day)

Posted in LABS, Microsoft 365, windows 10 | Leave a comment


Go to this Sway


Posted in Uncategorized | Leave a comment

Intune EMS Discovery Questionnaire for FastTrack


What would you like to accomplish with Intune?


  • Modern IT Enterprise Security PoC

From <>



      • Modern Desktop Deployment Center

From <>

      • What’s new in Microsoft Intune

From <>



Getting Started: People, Process and Technology Guidance

Discover the benefits of a modern desktop, major changes and considerations versus previous deployments and best practices to ensure a smooth transition to Windows 10 and Office 365 ProPlus.

Step 1: Device and App Readiness

Begin your desktop deployment project with an inventory of your devices and apps, prioritize what you to move forward, test prioritized apps and devices, then remediate what’s needed to get ready for deployment.

Step 2: Directory and Network Readiness

Cloud connected services in Office 365 ProPlus and new deployment options like Windows Autopilot require Azure Active Directory. Your network and connectivity are also important areas to plan when moving Windows images, apps, drivers and related files to your PCs. Learn how new tools and deployment options reduce and streamline network traffic.

Step 3: Office and LOB App Delivery

Ensure your apps are packaged and ready for automated installation. Learn how Click-to-Run packaging with Office 365 ProPlus gives you new options to configure, deliver and keep your Office apps up-to-date.

Step 4: User Files and Settings

When refreshing or replacing PCs, save time by automating user state backup and restore. New options for cloud file sync allow you to enforce per user sync of Desktop, Documents and Pictures folders to OneDrive for seamless file access from new Windows installs.

Step 5: Security and Compliance Considerations

Windows 10 and Office 365 ProPlus provide new ways to protect your data, devices and users and quickly detect and respond to threats. Also, learn how to deal with common problems associated with disk encryption, anti-malware apps and policies when moving to Windows 10.

Step 6: OS Deployment and Feature Updates

Task sequence-based deployment is used to automate large scale, phased deployment for bare metal installs, PC refresh and PC replacement. Upgrade task sequences will also help you stay current with major semi-annual updates. And Windows Autopilot is a recent addition that modernizes the new PC acquisition process.

Step 7: Preparing for Windows and Office as a Service

Both Windows 10 and Office 365 ProPlus continually add new capabilities to keep bringing user experiences and security forward with the latest innovations. Learn how to stay current with semi-annual and monthly updates, how the new servicing model works and the tools and options you have.

Step 8: User Communication and Training

Make sure your users are informed about new experiences and new ways of working as you shift your PCs to Windows 10 and Office 365 ProPlus. Learn how to take advantage of user adoption assistance with Microsoft FastTrack, training materials and communication templates, as well as new ways to monitor user acceptance and usage.

Get your Leadership on Board: Value Discovery and Business Case

If you’ve done your deployment research, assessed app and device readiness, built your deployment plan and started piloting your deployment, but don’t have the support or resources needed from your management team to meet your deployment timelines, the Business Value Programs at Microsoft can help. Learn how to build a business case for a modern desktop and help get everyone on board.

From <>



  • Mobile Device Management (MDM)

Provide a self-service Company Portal for users to enroll their own devices and install corporate applications across the most popular mobile platforms (Requires System Center)

From <>

From <>


Deploy certificates, WiFi, VPN, and email profiles automatically once a device is enrolled, enabling users to access corporate resources with the appropriate security configurations

  • How to configure Wi-Fi settings in Microsoft Intune

From <>


Deliver comprehensive settings management for mobile devices, enabling the execution of remote actions such as passcode reset, device lock, data encryption, and full wipe to protect corporate data on lost or stolen devices

  • Remove devices by using wipe, retire, or manually unenrolling the device

From <>

  • How to wipe only corporate data from Intune-managed apps

From <>



Protect corporate data by restricting access to Exchange email, Outlook email, and OneDrive for Business documents when a user tries to access resources on an unenrolled or non-compliant device based upon policies set by the administrator

  • App-based conditional access with Intune

From <>


Simplify enrollment of corporate devices with bulk enrollment using Apple Configurator or a single service account, enabling IT administrators to set policies and deploy applications on a large scale

  • Enroll iOS devices with Apple Configurator

From <>


Streamline the enrollment of iOS devices purchased directly from Apple or an authorized reseller with the Device Enrollment Program (DEP)

  • Automatically enroll iOS devices with Apple’s Device Enrollment Program

From <>


Enable the enforcement of more strict “lock down” policies for Supervised iOS devices, Android devices using Kiosk Mode, and Windows Phone devices using Assigned Access

Mobile Application Management (MAM)

Enable your workforce to securely access corporate information using the Office mobile apps they know and love while preventing leakage of your company’s data by restricting actions such as copy/cut/paste/save in your managed app ecosystem

Manage Office mobile apps with or without enrolling the device for management to protect corporate information without the risk of intruding on a user’s personal life

  • How to Enable Intune MAM without Enrollment along with Conditional Access

From <>

Apply the same management policies to your existing line-of-business (LOB) applications using the Intune App Wrapping Tool, without requiring code changes in those LOB apps

Allow users to securely view content on devices within your managed app ecosystem using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps for Intune

  • Manage Internet access using protected browser policies with Microsoft Intune

From <>



Allow administrators and device users to protect corporate information through selective wipe of managed apps and related data when a device is unenrolled, no longer compliant, lost, stolen, or retired from use


  • How to wipe only corporate data from Intune-managed apps

From <>



  • PC Management


Integrate your existing System Center 2012 Configuration Manager infrastructure with Intune, further enhancing your ability to manage PCs, Macs, and Unix/Linux servers, as well as mobile devices from a single management console, while building on existing investments and skills





Provide real-time protection against malware threats on managed computers, keep malware definitions up-to date, and automatically scan computers to help protect against malware infections and other potentially unwanted software


  • Enable Windows Defender ATP with conditional access in Intune

From <>


  • Endpoint protection settings for Windows 10 (and later) in Intune

From <>


  • Help secure Windows PCs with Endpoint Protection for Microsoft Intune

From <>


  • Manage software updates in Intune, Windows Update for Business

From <>




Collect information about hardware configurations and software installed on managed computers, allowing you to generate reports, organize groups of computers, and more effectively target software deployments


  • Use the Intune Data Warehouse

From <>



Simplify administration by deploying software and configuring Windows Firewall settings on computers based upon policies defined by the administrator


  • Help protect Windows PCs using Windows Firewall policies in Microsoft Intune

From <>


Enable administrators to push required apps automatically during enrollment and allow users to easily install corporate apps from the self-service Company Portal


  • Assign apps to groups with Microsoft Intune

From <>


  • How to configure the Microsoft Intune Company Portal app

From <>


  • How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune

From <>



Provide the ability to deny specific applications or URL addresses from being accessed on mobile devices


  • Manage Internet access using an Microsoft Intune policy-protected browser

From <>



What would you like to accomplish with Azure Active Directory Premium?

User/group management (add/update/delete)/user-based provisioning, device registration


  • Set up enrollment for Windows devices

From <>


  • Azure Active Directory integration with MDM

From <>




Single Sign-On (SSO)


  • Azure Active Directory Seamless Single Sign-On

From <>


Azure AD Pass-through Authentication and Seamless Single Sign-on


Self-service password reset/change/unlock with on-premises write-back


  • Tutorial: Enabling password writeback

From <>




Application proxy


  • How to provide secure remote access to on-premises applications

From <>


Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups


  • Set up Azure Active Directory for self-service group management

From <>


  • How to configure self-service application assignment

From <>


Multi-factor authentication (cloud and on-premises (MFA server))


  • Which version of Azure MFA is right for my organization?

From <>


Cloud app discovery – Allows you to run a discovery on applications that use your corporate email addresses


  • Set up Cloud Discovery

From <>



Connect Health – Includes ADFS, ADDS, and Directory Synchronization Health Monitoring from the cloud


  • Azure Active Directory Connect Health: Monitoring the sync engine

From <>



Azure Conditional Access based on group and location


Best practices for conditional access in Azure Active Directory

From <>


Conditional Access in Enterprise Mobility + Security


Azure Conditional Access based on device state (Allow access from managed devices)


  • How To: Require managed devices for cloud app access with conditional access

From <>



Join a Windows 10 device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator Bitlocker recovery


BitLocker Management for Enterprises

From <>



MDM auto-enrollment, Self-service Bitlocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming


Please describe in some detail what your requirements are for securing your environment.

(Does not need to be elaborate and does not need to pertain to EMS)





  • All the links / resources shared through the chat window”

  • 2. Planning guide

  • 3. Deployment guide

For the GPO to Intune CSP migration. MMAT-MDM Migration Analysis Tool


From <>

Posted in Documents, elearning, Enterprise Mobility Security, Microsoft, Microsoft 365 | Leave a comment

Work Folders vs Offline Files vs OneDrive (comparisons chart)



Posted in Uncategorized | Leave a comment