Home » Blog » DeployIntune configuration tool review

DeployIntune configuration tool review

DeployIntune Review
Share this article

In this article, Peter von Oven looks at the DeployIntune tool created by Intune expert Andrew Taylor and gives a step-by-step walkthrough on what you get and how to use it for your first (or next) Microsoft Intune deployment.

Microsoft Intune is a cloud-based unified endpoint management, or UEM solution, enabling businesses to manage the device estate, including Windows and non-Windows devices such as smartphones and tablets.

In this age of the modern workspace, or digital workspace, end users access corporate data and applications from multiple devices, including devices that may not be corporately owned. As a result of their accessing this data regardless of location, controls need to be implemented to manage these devices and what they can and, more importantly, cannot access.

This is where Microsoft Intune comes into play. Intune provides a platform from where devices can be managed (MDM or mobile device management) or application access can be managed (MAM or mobile application management).

Deploying Intune delivers features and capabilities designed to manage multiple device platforms, manage applications, and protect corporate data, but it also forms a key component to delivering a zero-trust strategy when deploying Microsoft cloud environments. It provides this with tight integrations with Azure AD, Windows Autopilot, Microsoft Defender for Endpoint, Microsoft 365, and Windows Autopatch.

Over time, Intune has grown from being a simple MDM tool to a solution that can manage more and more types of devices and services. As such, this has added to the overall complexity of working with Intune, especially for administrators just starting and trying to understand where to start, what policies and rules should be deployed, and what apps should be delivered. The setup process is defined in the following graphic:

Set up and deploy Intune

I’ve had first-hand experience of this, having worked recently with several organisations whereby some have already deployed Intune but are unsure of what configuration and policies are actually in place or being enforced or which apps are being delivered. A lack of documentation has further complicated what has been done already. Rather than spending hours unpicking what already exists, the only option is to start over.

Then there are those I have worked with who are still procrastinating about what to configure and what apps are required. Even to the point of what devices are even being used.

To summarise, Intune is a comprehensive yet complex tool that, to those not experienced in using it, could seem quite daunting to even start using.

Luckily, there’s a solution with the DeployIntune tool.

Getting started with Intune and the DeployIntune tool

We’ve already stated that Intune is a powerful tool for any organisation to take advantage of the features it delivers for managing apps and devices, but with that power comes the complexity of getting it up and running in the first place.

DeployIntune provides a kick-start to deploying Intune in your environment, delivering fast and simple enrolment and then delivering a preconfigured baseline configuration as a starting point using a full Intune/Entra base configuration including the following:

  • Entra Users
  • Entra groups
  • MDM Scopes
  • LAPS configuration
  • Conditional access policies
  • Security policies using best practice
  • Office configuration
  • Windows update configuration
  • Baseline Android and iOS configuration policies
  • M365 applications

In around 20 minutes, it delivers everything you need to get started and can save you hours, if not days, which pays for the tool several times over.

Peter

So how does it work?

First, visit the DeployIntune page on the Algiz website or go directly to DeployIntune.com. Regardless of where you go, you get an introduction to the service, an explanation of how it works and a link to pay securely using Stripe. Once that’s done, you’re presented with the Welcome screen.

Deploy Intune welcome screen

Clicking the “Enrol my tenant” button takes you to a login screen where you can enter your organisation’s username, email address, and password. You’ll need an admin account for your organisation to perform the enrolment process due to the required permissions.

Once you’ve completed this step, you’ll be shown what permissions have been requested so you know precisely what has been configured and the access permissions defined.

Accepting the permissions takes you to the next screen, a second welcome screen, which also provides you with the six steps you’ll work through to get up and running, along with additional information and instructions.

Deploy Intune instructions

Once you’ve read and digested what the tool is going to deliver, you can click to move to the following steps, which is a simple form that asks you to enter your company name, email address and then the URL for the default website that you want to set for the Edge browser. This means you’ll be taken to this website when you log in and launch Edge. This could be your intranet or website.

You also have the option to set the image that will be used for the desktop wallpaper on the enrolled device. For example, this could be your corporate image containing information you want to display to end users, such as helpdesk phone numbers, email addresses, etc.

That’s it for the initial setup phase. It is as simple as that. Your tenant is now all configured and ready to go.

So, what’s next? You’ll receive an email with a link to the documentation page, or “Info and Links”, as it’s called. The documentation page is well worth exploring as it contains links to useful documents you’ll need to help fine-tune your environment. Probably one of the most useful docs is the Tenant Documentation, which is a 157-page guide as to what has been configured as the baseline deployment.

As part of the documentation, you’ll find links to the enrolment guides, which lead nicely to the next step – enrolling devices.

As part of this review, a new Windows 11 virtual machine was built. Once the initial build had been completed, I followed the subsequent instructions, which basically consisted of running four PowerShell scripts. A couple of things that would be useful and help in the future, especially if you’re relatively new to PowerShell, is to provide screenshots in the documentation of the expected output from running these scripts to compare in case of troubleshooting.

Other than that, the enrolment process was as smooth as you’d expect, and the Windows 11 machine was successfully set up and configured with the baseline Intune configuration.

Results of using the tool

With the desktop successfully enrolled, apps deployed (in this example, M365), policies configured, and the background wallpaper uploaded during the welcome form completion added, the desktop is ready for use.

Summary

The DeployIntune tool gives you everything you need to kick-start your Intune deployment. A simple form to complete gets you up and running in around 20 minutes, from the beginning to the desktop being enrolled, customisations being configured, and applications being deployed.

As mentioned earlier, this alone can save you hours, if not days, in getting started and paying for the tool several times over.

But this is just the beginning. DeployIntune deploys a standard baseline configuration, but you’ll need to work through these policies and settings to ensure that they meet the requirements of your organisation and specific use cases you may have that require something different.

For example, I would classify myself as a power/dev type user, and the Intune configuration applied by default blocks the command line. Therefore, when reviewing policies and configurations, start with users and groups to understand who needs what before you stop people working. Think along the lines of AppLocker, which, if you don’t deploy the default rules, you end up making the desktop pretty unusable.

As part of that review, consider the additional apps you’ll likely need to deploy, who needs them, and how to scale out to include other device platforms. Algiz provides a Microsoft Intune Consulting service, so once you’re up and running with DeployIntune, they can give you more help, or you can just let them manage it for you.

Here be gold!

Get expert-led articles to simplify packaging, delivery and virtualisation!

We don’t spam and you can unsubscribe at any time.

By signing up, you acknowledge the data practices in our Privacy Policy.

About the Author(S)

Peter von Oven

Peter von Oven is an experienced technical consultant working closely with customers, partners, and vendors in designing technology solutions, to meet business needs and deliver outcomes. During his career, Peter has presented at key IT events such as VMworld, IP EXPO, and various VMUGs and CCUG events across the UK. He has also worked in senior presales roles and presales management roles for Fujitsu, HP, Citrix, and VMware, and has been awarded VMware vExpert for the last nine years in a row and vExpert EUC for the last three consecutive years. In 2021, Peter added the vExpert Desktop Hypervisor award to his portfolio of awards. In 2016, Peter founded his own company specializing in application delivery. He is also an avid author, having now written 18 books and made videos about VMware end-user computing solutions.

Share this article