
Modern Device Management and The Need of Automation


Managing devices in an organization is becoming more complex as more and more devices are introduced. It becomes essential to look for modern solutions that can effectively manage these devices, streamline workflows, and lessen the administrative burden. Automating device management is a key feature of any mobile device management (MDM) solution. Automating device management tasks provides organizations with multiple benefits, including:


Why Automation?

In practice, you cannot automate everything in device management: some workflows or tasks either cannot be automated or are ones you would not want to automate. The most crucial challenge, then, is how to differentiate between jobs that can be automated and those that are best left to MDM admins. To answer this, as an MDM admin, you need to filter out the following:

Finding the ideal process to automate might be difficult because it must first satisfy a number of conditions. However, to ensure streamlined & automated user-app-device management, you must select and automate the right task!


Scope of this blog

It is challenging to cover all use cases in this article because Intune can now manage SIX different types of device platforms, each with several device types. So I’ll go over a few typical device-user-app management activities that are simple to execute, yield instant advantages, and are widely used. I have tried to scope them by type of task. Let’s get started, then! (Apologies to the MEM community experts if I have missed mentioning your blogs/articles.)

Device Provisioning

The Mobile Device Management lifecycle starts with device provisioning. If you are provisioning and deploying corporate devices daily without Zero-Touch, then this would be the first task you should automate. Depending on the type of device/platform you are provisioning, the provisioning method and automation also differ. Intune currently supports zero-touch provisioning for the following platforms:

What is Zero-Touch provisioning?

Zero-touch provisioning is a method of setting up devices that automatically configures the device using certain inbuilt/custom features. Zero-touch provisioning helps IT teams quickly deploy corporate devices in a large-scale environment, eliminating most of the manual labour involved in adding, provisioning, and managing them.

Zero-touch provisioning is also used to automate the system updating process. You can also use your own custom scripts to pre-configure the devices so that they can be enrolled and managed through your device management platforms.

Platform – Windows

Windows Autopilot is a cloud service provided by Microsoft that makes it easier for device management admins to provision Windows 10/11 devices on the go. With Windows Autopilot, administrators can avoid building and maintaining custom images for each device. With custom images, each new Microsoft update means admins must update the images and start the process again. With Windows Autopilot, administrators can instead automatically provision the devices with the necessary settings and configurations.

One of the most useful features is customizing the OOBE (out-of-box experience), which is the setup wizard. There, for example, you can restrict the user from being a local admin, enable self-deployment mode, or even provision the machine with a corporate nomenclature. Administrators can remotely reset the devices and re-deploy them to another user using the Autopilot reset option. You only need to connect to the internet, and the device will be ready to use right away!

Bulk provisioning can be automated in a number of ways, including through custom connectors, PowerShell, Graph, Power Automate, PowerApps, and Logic Apps. If you look for these, you can easily locate the information on blogs written by community experts. I’ve provided links to a couple of them below to save you time:


Platform – iOS, iPad OS, TV OS & macOS

Apple devices can be handed out to employees directly and used right out of the box with Apple Business Manager without requiring manual configuration. Additionally, thanks to flexible deployment models for all Apple platforms, as an IT admin, you can provide workers with the appropriate apps for the job more quickly than before.

Apple Business Manager is a web-based portal for IT administrators to deploy iPhone, iPad, iPod touch, Apple TV, and Mac, all from one place. Working seamlessly with a mobile device management solution, Apple Business Manager makes it easy to automate device deployment, purchase apps, distribute content, and create Managed Apple IDs for employees. With Apple Business Manager, every iPhone, iPad, and Mac can be set up and configured automatically, eliminating the need for IT teams to handle each device individually. IT can also purchase and distribute apps for employees and enable employees to use Apple services with a Managed Apple ID.

Some of the blogs to refer to:


Platform – Android Enterprise

Similar to how you use Apple DEP to enrol large numbers of Apple devices, you can use Android Zero-Touch Enrollment for bulk provisioning Android devices. Android Zero-Touch, commonly called Android ZTE, allows IT admins to bulk deploy corporate-owned devices without configuring each one individually. When the devices are switched on and the initial network connectivity is successfully established, they are silently added to the MDM.

Samsung Knox Mobile Enrollment, commonly referred to as Samsung KME, helps you set up Intune for enrolling supported Samsung Enterprise Android devices. Using Intune with Samsung KME, you can enrol many company-owned Android devices when end users turn on their devices for the first time and connect to a Wi-Fi or cellular network. Also, devices can be enrolled using Bluetooth or NFC when using the Knox Deployment App.

Here are a few noteworthy blogs to refer to:


App Management

Deploying apps is also one of the essential device management operations in a managed environment. A manual process of assigning and configuring the apps for each new device is not very effective. Using an MDM like Intune, you can easily set a dynamic policy with the apps to be installed, or you can try to automate the app deployment.

Again, depending upon the platform to be managed, the app type and distribution mechanism differ. For example, if it’s a public store app, then for Windows, you have the new Winget-based Microsoft Store; for Android, it’s Enterprise Google Play Store; similarly, for Apple devices, you have VPP apps. Here is a list of some of the blogs to get started with automating app deployment:


Automate your day-to-day Intune tasks

BAU, or Business As Usual, happens after the devices have been enrolled/registered and distributed to the end users. The end user’s devices must be supported, and you must carry out specific tasks, deploy apps, and create and publish reports. Most tasks are time-consuming and repetitive, making them the ideal candidates for automation. Again, I wouldn’t want to reinvent the wheel because plenty of blogs and articles can help you comprehend and begin automating these processes. I’ve included a couple of blogs below for your quick reference:


Device Offboarding

Similar to onboarding, offboarding devices or deleting corporate data from corporate or personal devices can also be automated. You can remove the device(s) from enrollment or delete the user from the portal. This eliminates the policies that were related to the user or device. Here are a few blogs to refer to:
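One way to automate the offboarding decision described above while keeping the risky cases with an admin, as an added example that is not from the original post or from Microsoft. It plans `retire` calls against the Microsoft Graph `managedDevices` endpoint for stale personal devices only; the sample records, the 90-day threshold, the action cap, and the handling of a year-0001 timestamp as "never synced" are assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

GRAPH = "https://graph.microsoft.com/v1.0/deviceManagement/managedDevices"

# Constructed sample shaped like a Graph managedDevices list response.
SAMPLE = json.loads("""{"value": [
 {"id": "dev-001", "managedDeviceOwnerType": "company",
  "lastSyncDateTime": "2024-01-05T08:00:00Z"},
 {"id": "dev-002", "managedDeviceOwnerType": "personal",
  "lastSyncDateTime": "2024-02-01T08:00:00Z"},
 {"id": "dev-003", "managedDeviceOwnerType": "company",
  "lastSyncDateTime": "2024-05-28T08:00:00Z"},
 {"id": "dev-004", "managedDeviceOwnerType": "company",
  "lastSyncDateTime": "0001-01-01T00:00:00Z"}
]}""")

def parse_ts(raw):
    """Parse a Graph UTC timestamp, ignoring any fractional seconds."""
    core = raw.rstrip("Z").split(".")[0]
    return datetime.strptime(core, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def plan_offboarding(devices, now, stale_days=90, max_actions=25):
    """Dry run: return (actions, review) without calling the API."""
    actions, review = [], []
    for dev in devices:
        raw = dev.get("lastSyncDateTime")
        last = parse_ts(raw) if raw else None
        if last is None or last.year == 1:
            # Assumption: missing or year-0001 means the device never checked in.
            review.append((dev["id"], "never synced"))
        elif now - last < timedelta(days=stale_days):
            continue  # recently active, leave enrolled
        elif dev.get("managedDeviceOwnerType") == "personal":
            # Retire removes corporate data and unenrolls a BYOD device.
            actions.append(("POST", f"{GRAPH}/{dev['id']}/retire"))
        else:
            review.append((dev["id"], "stale, company-owned"))
    if len(actions) > max_actions:
        # A bad filter or clock should not be able to retire the whole fleet.
        raise RuntimeError(f"{len(actions)} actions exceeds cap {max_actions}")
    return actions, review

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    actions, review = plan_offboarding(SAMPLE["value"], now)
    print("retire:", actions)
    print("manual review:", review)
```

The planner only builds the request list; sending it requires an access token with the appropriate Intune permissions, and the review queue is where an admin decides on company-owned or never-synced devices.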


Stay Updated

There is so much happening in the device management world that it is impossible to catch up on everything. But there are two super newsletters that you should subscribe to in order to stay updated:

Conclusion

The purpose of this blog article was to provide you with a quick overview of how automating your everyday Intune operations may help you tremendously and to prompt you to implement automation so that, as an IT administrator, you can save time and improve your client device management environment.

Automating device management becomes necessary as the number of devices you manage increases daily. It will help you in a number of ways, including decreasing repetitive work and increasing productivity.

That’s all for this week. Thank you for reading, and please share your feedback.
