Apple Endpoint Management Using Microsoft Intune (2026)

In this lesson students learn the basics of navigating the iOS user interface.

This lecture covers the topics of iPhone and iPad Forced Reset, putting your device into iOS Recovery Mode, and Device Firmware Update (DFU) mode and why you may need to use it.

This lecture covers the topic of monitoring iPhone and iPad battery health and utilization.

In this lecture students learn the concepts of storage management on iOS devices.  Topics like Offload App vs Delete App are discussed and students are shown how the sandbox app environment handles user created documents and data.

This lesson demonstrates how to interact with an iOS device in Recovery Mode.

In this lesson students are introduced to Apple's transparency, consent, and control policy and the associated Settings for managing Security and Privacy in iOS.

This lesson demonstrates how to view an iOS device's MAC address for the WiFi network adapter, how to configure a static IP address on an iOS device, and how to modify the DNS server on an iOS device.  Configuration of the built-in VPN on iOS is also explored.

This lecture briefly discusses additional features available on iPadOS that are not supported on iOS including Sidecar, Stage Manager, Apple Pencil and mouse/cursor support.

This lesson introduces the Mac hardware architecture and on some of the differences from the Intel and Apple Silicon architectures.

In this lesson we introduce Recovery OS, which is basically macOS Recovery for Apple Silicon.  There are some subtle differences between the two pre-boot environments (Intel v Apple Silicon) that are explored here.

In this lesson we give students a brief overview of the basic macOS user interface.  We discuss the the desktop, dock, and menubar along with essential navigation and customization of the Finder.

In this lecture students dive into the deep end of macOS client administration.  Topics include using the option-key modifier to expose hidden Menu options, exploring hidden files and folders, and mapping network drives among other foundational principles.

In this lesson students are introduced to the idea of hidden folders and how to toggle their visibility as well as how to create their own hidden folders.

This lesson introduces students to macOS System Preferences.  A few common System Preferences are explored in more detail.

This lesson explores various system utility applications in the Applications/Utilities directory and the System/Library/Core Services/Applications directory.

In this lesson students begin to use the Terminal app and become familiar with navigation and file management commands.  This lesson is the foundation for scripting exercises that are used throughout the course.

This lesson introduces students to strategies for keeping their Macs patched with the latest macOS updates using the GUI.

This lesson demonstrates the way that connected disks are managed in macOS.  Topics such as the file system, restore snapshots, and formatting/partitioning are explored in detail.

In this lesson students will become familiar with the three computer names every Mac client has on a local area network and how to update/change them.

Apple Silicon Macs have an iOS-like feature for quickly erasing and reinstalling macOS. This lesson explores this concept and how to use it to rapidly re-stage a Mac.

In this lesson students explore the Users and Groups system preference, including the hidden Advanced Options, and learn how to enable and disable the 'root' user account.

In this lesson students are introduced to POSIX security and how to set permissions on files using both the Finder and the Terminal.

In this lesson we briefly discuss the Privacy tab of the Security & Privacy system preference and discuss Apple's TCC policy and whitelisting.

This lesson provides students with a high-level introduction to mobile device management concepts.

This lesson introduces students to the various ways that devices can be enrolled in mobile device management.

In this lesson, students learn specifically about Apple's Device Management Framework, the technology built into every Apple operating system that enables device management.

Declarative Device Management is a next-generation form of MDM.  This lesson provides a brief overview of this new specification and how it differs from the Apple Push Notification model it replaces.

In this lesson, students learn about the different device ownership models and how ownership impacts the various functions and features available for device management.

This lecture introduces students to Apple Business Manager.  Students are encouraged to sign-up for this solution if their company doesn't already have access to this service.

This lesson introduces students to Managed Apple Accounts and how they differ from traditional Apple Accounts.

This lesson provides students with an overview of the Apple Business Manager interface, touches on organizational setup options, and covers the basics for manually creating accounts, groups, and locations.

In this lesson, we demonstrate how to generate an Apple Push Notification certificate and configure Microsoft Intune for the APN service.

In this lesson we demonstrate how to create a new Intune MDM Server in Apple Business Manager and then connect it to the DEP service in Microsoft Intune.

In this lesson we configure our connection between Apple Business Manager and Microsoft Entra ID to enable Federation.

In this lesson students learn how to enable Directory Sync for automatically creating Managed Apple Accounts at your custom domain and resolve Apple Account conflicts.

In this lesson we discuss device assignment for Automated Device Enrollment and demonstrate how to automatically onboard newly purchased devices into Apple Business Manager.

In this lesson we demonstrate how to manually add a device to Apple Business Manager when it was not purchased from Apple directly or through an authorized third-party reseller.

In this lesson students learn how to redeem apps and books using Apple Business Manager in preparation for Managed Distribution later in the course.

In this lesson we demonstrate how to apply restrictions to Apple Services for your Managed Apple IDs including how to control access to iCloud Drive, Messages, FaceTime, and more.

In this lecture we cover the general best practices for planning a phased rollout of device management with Microsoft Intune.

In this lesson, students are introduced to the concept of User Affinity and how they align with various deployment methods and models.

This lecture briefly reviews the licensing structure and associated costs for Microsoft Intune.

This lecture introduces students to the Mobile App Management (MAM) solution within Microsoft Intune.

In this demonstration, students will learn how to navigate the Intune Admin Center.

In this demonstration, students learn how to configure an enrollment profile for Account Driven User Enrollment and then step through the User Enrollment onboarding process on a personal iPhone.

This demonstration introduces students to the process of adding an iPad to Intune using the Direct Device Enrollment method.  Enrollment Profile priority is also briefly discussed.

In this demonstration, students are introduced to Automated Device Enrollment.  Using a MacBook Air, we step through the customized Setup Assistant process.

This lesson briefly demonstrates how to create a security group in Microsoft Intune for managing assigned devices by user.

Devices that are company owned, specifically those without User Affinity, may need to be assigned to device groups for device management.  This lesson briefly shows how to create a security group for devices and how to add a managed, supervised device to the new group.

In this lecture, students are introduced to Managed Distribution, the method for purchasing and assigning Apps and Books licenses to devices or users.

In this demonstration, students step through the final integration between Apple Business Manager and Microsoft Intune -- Apps and Books (VPP).

In this lesson, students learn how to customize and configure the Company Portal for their organization.  Customizations include themes, contact info, app availability, and more.

In this demonstration, students will learn how to configure a built-in Microsoft 365 app to appear in Company Portal as an optional install for end-users.

In this lesson, students will learn how to add multiple Apps to Company Portal with the intent set to available so end-users can install company Apps in a self-service manner.

In this lesson we introduce students to App Configuration policies and apply a biometric requirement as an additional layer of security for signing into Outlook on the iPhone.

In this lesson students learn the entire managed distribution pipeline from purchasing an App via Apple Business Manager through assigning it to a device group in Intune, installing it, and finally how to revoke the license for re-use by another device.

In this lecture, students are introduced to issues around conflicting app intents based on user and device assignment groups.

In this demonstration, students will learn how to import and deploy an Ad-Hoc line of business app to company owned iPads outside of the App Store.

In this demonstration students are introduced to 'packaging' a custom application for macOS.

In this lesson students will create a custom shell script that installs the Company Portal application for macOS.

In this lecture, students are introduced to configuration profiles for device management.

In this lecture, students are introduced to the concept of Declarations and how they differ from traditional configuration payloads when it comes to managing devices.

In this demonstration, students will configure a basic passcode policy and then deploy it to all managed devices.

This demonstration briefly discusses the topic of Scope Tags and how they are created and applied to objects in Microsoft Intune.

In this lesson we demonstrate the expected behavior when two different configuration profiles attempt to set the same payload setting.

This lesson demonstrates how to determine which payloads will apply to which devices based on how the device was enrolled and if it is supervised or not.

In this lesson students explore using policy sets.  We demonstrate how to create them and why you would want to use these.

This lesson briefly covers policy filters.  Students are introduced to filters and are shown how to create them, how to apply them, and the use cases for them.

In this lesson we download a custom *.mobileconfig profile from Microsoft's GitHub repo and import it into Microsoft Intune.

In this lecture, students are introduced to employee owned device management.

This lesson steps through how to configure a passcode policy for User Enrolled devices.

In this lesson, students learn how to create a Wi-Fi payload that can be deployed to a User Enrolled device.

This lesson introduces the Managed Email Account and how to configure a Microsoft 365 Exchange account as a Managed Account using the built-in Mail, Contacts, Calendar, etc apps.

In this lesson students learn how to create profiles that manage the sharing of organization data between apps including how to restrict copy/paste between organizational documents and personal docs.

This lesson demonstrates how you can configure both personal and organizational/managed accounts within the same app while still enforcing data security policies.

This lecture introduces students to supervised devices and the requirements for a device to be considered 'supervised'.

In this lesson students learn how to determine if a Mac is supervised and then how to configure a managed login window with a custom message and other components.

In this lesson, students learn how to configure a standard Wallpaper and customize Finder settings.

This lesson demonstrates how to configure a standardized Dock on the Mac using a combination of Microsoft Intune and a third-party tool.

In this lesson, students learn how to determine if an iOS device is supervised and how to hide built-in apps like Messages, FaceTime or even Safari.

In this lesson students are introduced to supervised iOS restrictions that disable various hardware features like Bluetooth and the USB port to restrict unauthorized data sharing.