Description: This article focuses on the outlook 365 login. You will learn what Microsoft 365 Business brings to Windows users and devices, getting a deeper understanding of how Azure Active Directory and Microsoft Intune work together to enable upgrade and management scenarios.
My name’s Mike O’shea. I’m a Microsoft MVP for Windows for devices and IT. Today I’ll be running through Windows 10 management with Microsoft 365 business. First of all what’s Microsoft 365 business?
It takes components of Microsoft Intune of your Active Directory and combines them with the Office 365 business premium product. I’ll give you a breakdown in terms of what’s included with the skills as we go in more detail.
But I thought rather than spending a whole bunch of time going through all the introduction sides, let’s jump straight in.
The first thing that I want to highlight is that one of the core parts of this when it comes to the Windows 10 management PCs which is leveraging the Windows 10 autopilot capabilities, so in this case, all I need to do is to sign in.
Before I signed in, this is a new machine, so it’s coming out of the out of box experience, but it’s already got co-branding which was creative enough to give it the windows logo, probably that shouldn’t go to give it something a little bit more identifiable as something that’s not standard.
It’s telling me to enter my work email and get some co-branding as well as some additional sign in text. I’ll need to enter my password twice. Now, once that happens, it will walk us through a few steps.
The first step is going to be that it will ask me to start setting up for a pin, but then as it does, that it will also ask me to go through and verify credentials. So what you start seeing is capabilities like your multi factor authentication.
With the pin capabilities, you can start seeing how we can leverage windows for business for example. These are things that don’t take too long, I’ll let that run in the background for a moment and while that’s happening, I’ll jump across to a machine where they run through this process.
I can walk you through a few of the things that you should expect and you’ll see this on the other machine as well. So first of all we’ve got this magical thing called Windows 10 business.
This is not a new skew. This is Windows 10 pro being managed through this environment, so if you look at any price lists and you look for a Windows 10 business, you won’t find anything because it’s pro.
But in this case, it’s probing managed through Microsoft 365 business. As that happened, let’s jump back to set the pin up. As that goes through that initial setup process there will be a few things that will be obvious.
The first thing you’ll see is that we’ve got to customize desktop background. So this is because one of the inclusions is the enterprise state roaming capability, normally you’d need to get your Active Directory premium.
In this case you get this available as part of the skew things like your browser settings, passwords. Whatever it is that you want to synchronize between multiple devices, we can start doing through here, you can rest assured that it’s stored safely back in back-end encrypted storage.
Now other things are going on behind the scenes, hopefully I’ve given it enough time, we’re on the network for the event, some of this stuff can take a little bit longer than what we’d normally see.
I was going to be a little bit more patient. But what will happen within a short time period is that Microsoft Office will start getting pushed down to this, and this is doing a regular office click to run installation, but purely through MGM.
These were some special Csps added into Windows 10, it could pull this down, because with Windows 10 even though you can do application installs, they have to be packaged as an MSI. But for the cause of how critical it is to make sure that office gets deployed, this is something that we can go through and have office deployed via diem.
We can see some of the components such as the only diem client, which are effectively the Windows 10 in diem capabilities. Now that’s going to take a little while to kick in, but you can already see some of the customizations running.
We’ve got Excel sitting here, let’s fire excel up. I can show you the version of officers. We’ve got surprise at some point. Recently a very new version of Excel was installed, because when we go through and sign in, we automatically get issued a token.
Because we’re signing in directly against as your Active Directory. So the first time I open up office, office goes through and says, I recognize who you are. It automatically logs me in and it also automatically activates for me.
But someone may have already used Office 365 pro plus, what I want to highlight here for those of you who probably living in the E3 or the E5 worlds, when it comes to office, this is Microsoft Office 365 business.
But it’s still click to run, it still based on that same installation into the same installation files as pro plus. It’s the user details what it is that gets exposed for you. I’ll show you in a moment how we go through and configure all of these that we can get them deploy.
Let’s quickly see if we’ve got any office installation pieces. Microsoft Office, click to run, that’s installing in the background. It’s not getting a lot of network activity from it yet. But hopefully it’s already installed.
I was not expecting that, the benefit of being hooked up to a wired connection versus using the Wi-Fi that almost everyone else is using, so that’s good. What this means is that if I click on Excel, and we do that same thing, what you’ll see is that we have to go through it.
It’s saying okay. It’s already figured out who I am, if I go to the blank workbook, I can go back to the account settings. I haven’t run this one previously. But as I mentioned it’s already gone through, it’s already done because of the wired connection.
It is quick. We weren’t able to watch one of the things that we normally see at this stage, this would sit there and be unactivated in giving me a message, in 30 days it’s going to go into low functionality mode.
I can connect back in and go. You have a license, but because it does so quickly on this scenario. I couldn’t show you a non licensed product. I had to show your license product instead. That’s a good demonstration.
Let’s go jumping behind the scenes and take a look at what’s required in the portal to get these pieces working. If you have used the Office 365 admin center, it looks familiar, but it also have a few differences.
I’ve pulled the difference up to the top, so first is the Microsoft 365 business preview. A preview product is going to get some announcements soon around when it goes live, but I’ve got the ability to walk through and set things up.
What I’ve pulled towards the top are some of the differences because we’re pulling in some addition as Microsoft Intune capabilities, for the device actions, remove company data in factory reset, that’s leveraging into incapability.
If we take a look at managing office deployment, how many options do you normally have when it comes to deploying office through click to run? How many of you have jumped into the XML for the configuration XML files and had to do customizations or through group policy?
Your option is to install it or uninstall it. This is all about simplicity, so the question that always gets to ask is what if I want to jump in behind the scenes. Don’t worry. We’ll get to that. That’s why I’ve got the other tabs open up.
With device policies, how many of you are using Microsoft Intune today? Everything I’m going to tell you is instead of looking at the ones I’ve got included. Let’s go through and create a new device policy.
What you’ll see is that we’ve got Android and iOS, this session is focused on the Windows 10 side, but I’ll cover these very quickly, what you’ll see is that these are application management policies, so this is all about man’s slash in diem.
When it comes to iOS and Android, the assumption with this product is that it’s a big way. Odie type approach where users are bringing in their own devices, so as the organization you don’t want to manage the device. You want to control what’s going on with the data within the apps that you care about based on that users profile.
Getting that deeper control over the office mobile apps and being able to control corporate data is something that we’re doing very simply for Android and iOS. But when it comes to Windows 10, we’ve got the application management using windows information protection.
We can also do the full Windows 10 aimed capability as well, but when you think about in diem, you normally think about hundreds hopefully not thousands of different settings. In this case, we can go through and set up a few options.
What happens with some of these is behind the scenes, it’s going through and setting up multiple policies. Setting up a handful of different settings for each of those, we’ll jump in and take a look at those in a moment.
If we do a quick comparison of when we get to the application management, they also do slight variations whether it’s a personal device or a company owned device for Windows 10, so I will give you different ways of working with the apps with the devices.
Now we’ll quickly talk about the Windows 10 upgrade, this is a Windows 10 pro upgrade for people who’ve got Windows 7 pro or Windows 8.1 pro. We didn’t take advantage of that free upgrade offer.
So it’s a user based subscription as opposed to a device base of scripture so that user could upgrade 5 of their devices to Windows 10 pro. You can upgrade it from only Windows 7 pro, Windows 8 pro and Windows 8.1 pro.
You can’t upgrade from Windows Expy regardless of what version, you can’t upgrade from Windows 10. You can’t upgrade from Windows tennis. That is probably not too much of a concern for too many people yet. So remember that it’s a way for people who set out that free upgrade.
It’s an app compat issue, they want to get under control before them. Now the final thing that I will do before we switch out is that I want to show you that I’ll do it over in this one first. So I could have switched in.
You may not have even noticed, don’t worry. There’s no trickery going on here. All I want to do to begin with is to show you a clean environment where we take a look at this user and we take a look at the product licenses. The only license that I’ve got is the Microsoft 365 business license.
I’ve got 300 of them, so if anyone wants one, I’ve got 290 go. I’ll be your host until this trial runs out. If we take a look at some of the important things. There’s a lot of Office 365 stuff because it’s Microsoft. It’s Office 365 business.
But as we go through that windows business, one important thing to note is that Windows 10 activation after your upgrade. It’s doing a digital license and looking at your requirements under your actor or your allowance under Azure Active Directory.
We want to focus on this one which is your Active Directory, notice that it’s not saying as your Active Directory premium, so this offers you some of the Azure Active Directory Premium features but not all of them.
Be a little bit careful with that, don’t assume that because you’ve done it, for example, this is going to do it and I’ll talk about those in a moment so you’ve got an idea.
If I go down to admin centers and we fire up, what you’ll see is that it effectively tells me that it’s ready for Office 365. So I could expect to see that cleaned up to Microsoft 365, we get a bit more of an idea.
It’s basically telling us that we do not have Active Directory premium. Otherwise, it wouldn’t be offering us. If you are using your Active Directory premium, you’re probably looking at this user signing thing wondering why it’s blacked out.
Because this is what happens when you don’t have your Active Directory premium. You don’t get all those advance security reports. That’s blacked out if we go to groups. Let’s go through to enterprise apps.
We’ve got more things blacked out because we don’t have the right for those, to make sure I’m getting this right for now. That is subject to change part of the product being launched. We get support for autopilot. We get support from greater than 10 sets out through the my apps portal, which is important because we get about 19 based on what’s included with Office 365.
You get the MGM auto enroll capabilities of your Active Directory premium. We get into prize state roaming. We get self service password. Get some of the other self service options around group synapse.
Let’s jump back across to that other tenant very quickly, if I go to the Admin Center for this one, in this case things are blanked out, because I’ve got a mix of different as you. Rady offering, I’ve got a deep pijuan pee 2 basic.
I wanted to make sure that if you saw this, you weren’t thinking that this was what would happen by default, but from here we can go through, if we want to take a look at what’s going on behind the scenes with Intune, for example, if I want to take a look at what’s going on with the different Intune device policies, it’s easy for me to go through and take a look at that.
If we take a look at the device configuration policies, Intune in your portal makes it easy for us to go in behind the scenes and see what’s there, so I’ve been given the wind up message.
This gives you an idea of behind the scenes. You still have access to what you’d expect to be able to see, but be careful because from a licensing perspective it is different from what you may have already had exposure to.
It’s worth taking a look at it, but I’ll cut off now and if you’ve got any questions, leave your comments below. Thank you for your reading.