Home > IT-Pro Speaker Training > Kent Agerlund > Managing Windows 10 using Microsoft Endpoint Manager Configuration Manager and M365

Course information

Managing Windows 10 using Microsoft Endpoint Manager Configuration Manager and M365

Send a mail to sales@pds-site.com for more information

Being able to design, deploy, manage and troubleshoot Microsoft Endpoint Manager Configuration Manager, Microsoft 365 and Windows 10 in your environment. In the class there will be a high focus on automation and understanding how you can optimize your Windows 10 management using Configuration Manager & Microsoft Azure. The class is always based on the latest available public builds.

This class is organized only a few times a year 

Also possible to join this class remote



Tel: +31 88 55 88 400
E-mail: sales@pds-site.com


Prerequisites and abstract:
Basic understanding of Active Directory, Azure Active Directory, WSUS and SQL. Basic knowledge and working experience with Configuration Manager. We will take you through the advanced design, installation, configuration, cloud integration and troubleshooting of the main features in Configuration Manager based and Windows 10. After class, you will have a solid understanding off the design options, flow of the main features and troubleshooting techniques. Likewise, you will have a solid understanding on how Configuration Manager and Microsoft 365 can be used to secure Windows 10 deployments. The class will focus on how to integrate Configuration Manager with Microsoft Azure, using services like Cloud Management Gateway, Windows Autopilot, Microsoft Defender and co-management.

  • Fault tolerance and High availability
  • Installing and troubleshooting clients
  • Client Health
  • Inventory Management
  • Application deployment
  • Software updates
  • Compliance Settings
  • Operating System Deployment
  • Microsoft Azure integration with Cloud Management Gateway
  • Windows 10 modern management using Microsoft Endpoint Manager and co-management
  • Windows 10 security options
  • Troubleshooting tools
  • Microsoft Defender

Kent A.


The course will cover the following modules:

Module 1:

Introduction to Modern IT and Modern Workplace

  • How Microsoft thinks about Modern Management
    • Cloud Values for Configuration Manager
  • Manage modern Windows 10 devices using Endpoint Manager
  • Intune only compared to Configuration Manager with Intune Integration
  • The transition to a Modern client
    • How can we get from the on prem world to the cloud world
  • Issues we have seen in our projects.


Azure AD and Device authentication

  • Planning the directory synchronization
  • Windows 10 device authentication (Hybrid Join, AAD Join, Device registration)
  • Device Enrollment
  • Identity Models (Cloud, Synchronized, Federated, Pass-Through Authentication)
  • Azure AD Connect Installation and Configuration


Integrating the Cloud Management Gateway to support Internet based users


Troubleshooting Cloud Management Gateway

  • Understanding the Cloud Management Gateway in-depth
  • How to troubleshoot
  • Understanding log files


Configuration manager client management

  • Installing, configuring and troubleshooting clients
  • Installing the client for Internet based Windows devices (Intune / CMG)



Module 2:

Co-management and tenant attach

  • Introduction
  • The pros and the cons
  • Understanding co-management in-depth
    • Preparing Endpoint Manager to support the workloads
    • Configure co-management in Configuration Manager
  • Working with tenant attach
    • Understanding Endpoint Analytics
    • Working with real-time actions
    • Working with the Endpoint Manager Admin Center
    • CMPivot


Content distribution and sharing

  • Working with content distribution in distributed environments
    • Working with BranchCache
    • Working with Delivery optimization
    • Integrating the Cloud Distribution Point
    • Content Distribution for roaming clients without VPN (CMG managed)
    • Content Distribution for VPN clients (with- and without split tunnel VPN)


  Managing Windows 10 using the MDM agent

  • Develop a Windows 10 management strategy
  • Understanding the Windows 10 MDM management options
  • Manage modern Windows 10 devices using Endpoint Manager


Deploying Windows 10 with operating system deployment (Config Mgr)

  • Windows 10 servicing and Greenfield environments
  • Deploying images
  • Deploy an Operating System over CMG
  • Troubleshooting operating system deployment



Module 3:

Deploying Windows 10 with operating system deployment (Autopilot)

  • Windows 10 Autopilot integration
    • Scenarios (User-driven, self-deploying, Autopilot Reset, Pre-provisioning, Autopilot for existing devices)
  • Windows Autopilot Administration
    • Register devices
    • Device groups
  • Troubleshooting Windows Autopilot


Settings Management

  • Device Management concepts
    • Group Policies vs. MDM
    • Co-management strategy
  • Controlling device features and settings with Configuration Manager
  • Controlling device features and settings with Intune
  • Migrate group policy to MDM policies
  • Monitor the settings deployment



Module 4:

Application deployment

  • Working with the Configuration Manager application model
  • Working with the Endpoint Manager application model
  • Troubleshooting application deployments
  • ConfigMgr Collections / Intune Groups - Pros and Cons
  • Deploying Windows Store applications
    • Windows Store for Business integration
  • Deploying Win32 applications
  • Managed Applications
    • Intune App Protection Policies
    • Windows Information Protection
  • Software Center, Company Portal and Windows Store for Business


Managing Windows 10 security

  • Understand and implement the Windows 10 security options
  • Working with Microsoft Defender AV
  • M365 Identity + Security
  • M365 Defender for Endpoints security options
  • Working with Microsoft Security Center


Module 5:

Automation using Microsoft Graph

  • Introducing Microsoft Graph
  • Automating Windows 10 management using Graph


Software Updates

  • Creating and designing the software update infrastructure
  • Deploying and troubleshooting Microsoft software updates
  • Deploying 3rd. party updates
  • Develop a Windows Servicing model
  • SW Updates from the Cloud when using CMG and/or VPN
    • from CMG / cloud DP for internet based clients
    • from Cloud for VPN based clients with split tunnel configuration

Compliance Settings

  • Intune vs Configuration Manager
  • Security Settings and baselines
  • Creating and implementing configuration items and baselines
  • Remediate non-compliant computers and users
  • Troubleshooting compliance settings
  • Conditional Access



Some student quotes and recommendations:

"You can only teach what you know and Kent knows a lot :-)"

"Great course. Kent great teacher. Good understandable."

"Kent Rules!!"


Send a mail to sales@pds-site.com for more information