70-697
Support Windows Store and cloud apps
Install and manage software by using Microsoft Office 365 and Windows Store apps, sideload apps by using Microsoft Intune, sideload apps into online and offline images, deeplink apps by using Microsoft Intune, integrate Microsoft account including personalization settings
- Package Office
- Telecharger « Office Deployment tools »
- Modifier le fichier de configuration « confiduration.xml »
- Telecharger les sources office avec setup.exe /download
- Installer avec setup.exe /configure
- Creation d’un package AppV avec setup /packager
- Installation sur Azure
Licence : <property Name = « SharedComputerLicencing » Value = « 1 »/>
- AppV
- Autoriser le mode offline : Disconnected operation mode
- APPLocker
- Test AppLocker Policy => From Group Policy : enforce the new AppLocker policy in Audit mode
Support authentication and authorization
Identifying and resolving issues related to the following: Multi-factor authentication including certificates, Microsoft Passport, virtual smart cards, picture passwords, and biometrics; workgroup vs. domain, Homegroup, computer and user authentication including secure channel, account policies, credential caching, and Credential Manager; local account vs. Microsoft account; Workplace Join; Configuring Windows Hello
- Interdire la synchronisation => GPO : Block Mcrosoft Account : Users can’t add or log on with Microsoft Account
Migrate and configure user data
Migrate user profiles; configure folder location; configure profiles including profile version, local, roaming, and mandatory
Configure Hyper-V
Create and configure virtual machines including integration services, create and manage checkpoints, create and configure virtual switches, create and configure virtual disks, move a virtual machine’s storage
- Invoke-Command => Option -VMName pour gérer les VM
The Invoke-Command cmdlet runs commands on a local or remote computer and returns all output from the commands, including errors. By using a single Invoke-Command command, you can run commands on multiple computers.
To run a single command on a remote computer, use the ComputerName parameter. To run a series of related commands that share data, use the New-PSSession cmdlet to create a PSSession (a persistent connection) on the remote computer, and then use the Session parameter of Invoke-Command to run the command in the PSSession. To run a command in a disconnected session, use the InDisconnectedSession parameter. To run a command in a background job, use the AsJob parameter.
You can also use Invoke-Command on a local computer to evaluate or run a string in a script block as a command. Windows PowerShell converts the script block to a command and runs the command immediately in the current scope, instead of just echoing the string at the command line.
To start an interactive session with a remote computer, use the Enter-PSSession cmdlet. To establish a persistent connection to a remote computer, use the New-PSSession cmdlet.
Configure mobility options
Configure offline file policies, configure power policies, configure Windows To Go, configure sync options, configure Wi-Fi direct, files, powercfg, Sync Center
- Windows To GO
- Depuis Windows to Go voir le disque du PC => Diskpart configure san policy
- Depuis le PC voir le disque Windows to go => DIskpart configure attributes volume
- Powercfg
- Import et export => Exporter ou importer une configuration de gestion d’alimentation
- -s ou -setactive => Active le mode de gestion de l’alimentation spécifié
- -x ou -change => Modifie une valeur de paramètre dans le mode de gestion de l’alimentation actuel
Configure security for mobile devices
Configure BitLocker, configure startup key storage
- Necessite une puce TPM 1.2 ou 2.0
- Pré requis pour les « virtual Smart Cards »
- Sans puce TPM : GPO : « Require Additional authentification at startup »
- Debloquer un disque (non systeme) pour un PC dans l’AD
- Besoin du nom de l’ordinateur
- Lancer la commande : manage-bde-unlock E:pw
Support mobile devices
Support mobile device policies including security policies, remote access, and remote wipe; support mobile access and data synchronization including Work Folders and Sync Center; support broadband connectivity including broadband tethering and metered networks; support Mobile Device Management by using Microsoft Intune, including Windows Phone, iOS, and Android
Deploy software updates by using Microsoft Intune
Use reports and In-Console Monitoring to identify required updates, approve or decline updates, configure automatic approval settings, configure deadlines for update installations, deploy third-party updates
- Paramétres d’agent Intune
- Desactivation du prompt de redemarrage
- Allow Immediate installation of updates that do not interrupt Windows
- Désinstallatoin
- ProvisioningUtil.exe command
- Windows Configuration Policy
- Minimum Classification of update to install automatically
- Resuire automatic updates
- Configuration dans SCCM
- Configurer le role « Microsoft intune Connector »
- Creation du « Microsoft Intune subscription »
- Changement du groupe parent d’un groupe existant : impossible, il faut le supprimer et le recreer
- Gestion iOS
- Necessite « Apple Push Notification Certificate »
- Enregistrement
- Entreprieregistration.nomdomaine.com
Manage devices with Microsoft Intune
Provision user accounts, enroll devices, view and manage all managed devices, configure the Microsoft Intune subscriptions, configure the Microsoft Intune connector site system role, manage user and computer groups, configure monitoring and alerts, manage policies, manage remote computers
Configure IP settings
Configure name resolution, connect to a network, configure network locations
- Netsh
- Add address => ajouter une adresse IP sur une carte reseau
- Set interface => modifie les paramétres d’une carte reseau
- Set adress => modifie une adresse IP sur une carte reseau
Configure networking settings
Connect to a wireless network, manage preferred wireless networks, configure network adapters, configure location-aware printing
Configure and maintain network security
Configure Windows Firewall, configure Windows Firewall with Advanced Security, configure connection security rules (IPsec), configure authenticated exceptions, configure network discovery
Support data storage
Identifying and resolving issues related to the following: DFS client including caching settings, storage spaces including capacity and fault tolerance, OneDrive
Support data security
Identifying and resolving issues related to the following: Permissions including share, NTFS, and Dynamic Access Control (DAC); Encrypting File System (EFS) including Data Recovery Agent; access to removable media; BitLocker and BitLocker To Go including Data Recovery Agent and Microsoft BitLocker Administration and Monitoring (MBAM)
- Application Control Policy
- Necessite le service : Application identity
Configure shared resources
Configure shared folder permissions, configure HomeGroup settings, configure libraries, configure shared printers, configure OneDrive
Configure file and folder access
Encrypt files and folders by using EFS, configure NTFS permissions, configure disk quotas, configure file access auditing Configure authentication and authorization
Configure remote connections
Configure remote authentication, configure Remote Desktop settings, configure VPN connections and authentication, enable VPN reconnect, configure broadband tethering
- Bureau à distance
- Utilisation de « Gateway IP address »
Configure mobility options
Configure offline file policies, configure power policies, configure Windows To Go, configure sync options, configure Wi-Fi direct
Deploy and manage Azure RemoteApp
Configure RemoteApp and Desktop Connections settings, configure Group Policy Objects (GPOs) for signed packages, subscribe to the Azure RemoteApp and Desktop Connections feeds, export and import Azure RemoteApp configurations, support iOS and Android, configure remote desktop web access for Azure RemoteApp distribution
Support desktop apps
The following support considerations including: Desktop app compatibility using Application Compatibility Toolkit (ACT) including shims and compatibility database; desktop application co-existence using Hyper-V, Azure RemoteApp, and App-V; installation and configuration of User Experience Virtualization (UE-V); deploy desktop apps by using Microsoft Intune
Configure system recovery
Configure a recovery drive, configure system restore, perform a refresh or recycle, perform a driver rollback, configure restore points
Configure file recovery
Restore previous versions of files and folders, configure File History, recover files from OneDrive
Configure and manage updates
Configure update settings, configure Windows Update policies, manage update history, roll back updates, update Windows Store apps
Cet article n'a pas été revu depuis la publication.
Cet article a été créé par david le 31 mai 2017.
Laisser un commentaire