Azure Active Directory and Microsoft Intune: A Match Made in a Mobile-First Heaven

Patrick Renzi

Azure Active Directory and Microsoft Intune aren’t exactly spring chickens. Both platforms have been around for the better part of this decade and are a living embodiment of aging gracefully. Standard and primary features remain, but like most technologies, they have expanded since their inception. Intune began its life as a mobile device management tool, and Azure Active Directory offered single sign-on for any of your cloud applications. In the beginning, there wasn’t much to indicate these platforms could be used to manage users and devices. But that was then, and this is now!

So, What’s Changed?

Let’s take a look at Intune first. With Windows 10, Microsoft pushed its signature offering into a more mobile-friendly format. Traditional desktop management, with its sheltered images, piecemeal patching, and delayed updates, is gone. Branch model servicing meant users were getting new features as Microsoft released them—features enabling users to do more when they weren’t tied to their desks. Modern IT departments needed new device management tools that could match this flexibility and mobility. They looked to the Microsoft cloud ecosystem to find a solution. As Windows 10 became more mainstream, Microsoft made sure to enhance Intune alongside its operating system. Today, Intune allows organizations to manage local profiles, app permissions, BitLocker encryption, and even the versions and features of the Windows 10 operating system. Along with the user management capabilities in Azure Active Directory, traditional GPO boundaries are being replaced by Intune.

Speaking of Azure Active Directory

Azure Active Directory lets you easily domain-join and manage Windows 10 devices. Together with Intune, Active Directory lets you restrict data privileges, and even restrict and monitor network access using a conditional access feature. Additionally, Azure Seamless Single Sign-On automatically signs you on to domain-joined devices with Office 365 services, such as Microsoft Teams, Exchange Online, SharePoint Online, and any SAML 2.0 authenticated applications configured using Azure Active Directory’s App Marketplace. Have a custom-built web application critical to your business? Consider hosting on Azure IaaS with an Azure Active Directory Application Proxy, and use pass-through authentication to further extend this capability to users. Windows Autopilot, another feature of Azure Active Directory and Intune, enables seamless imaging and provisioning of new devices. Not all organizations can rip and replace all Active Directory scenarios into Azure Active Directory. For a number of valid reasons, organizations will look to maintain local management of their assets and systems. Consider a hybrid approach in these scenarios, based around the Azure Active Directory Connect Server and numerous identity management options.

Master Your Productivity

The best strategy is a cloud-first, mobile-first strategy, and organizations are looking for industry leaders, like Microsoft, to help them stay secure and productive anywhere. Turn to Connection and Microsoft to work on your applications on any device, from anywhere in the world. Contact us today to learn more about how the powerful features in Azure Active Directory and Intune can maximize productivity and advance your organization in today’s increasingly mobile world.

Patrick is a Solution Architect for Microsoft Cloud Services at Connection. He specializes in Microsoft Office 365, Intune, and Azure Active Directory. In his free time, he enjoys skiing, golfing, gardening, and hiking.