From 2599a42031e23992b0b8274201b765d059b55200 Mon Sep 17 00:00:00 2001 From: Barry Langer Date: Wed, 4 Oct 2017 15:15:21 -0700 Subject: [PATCH 1/3] adding AAD bits --- .../get-started-with-microsoft-education.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index 51de907eef..46a130c709 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -10,7 +10,7 @@ ms.localizationpriority: high ms.pagetype: edu author: CelesteDG ms.author: celested -ms.date: 08/29/2017 +ms.date: 10/04/2017 --- # Get started: Deploy and manage a full cloud IT solution with Microsoft Education @@ -146,6 +146,15 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using PowerSchool Sync: How to deploy School Data Sync by using PowerSchool Sync and School Data Sync required attributes for PowerSchool Sync - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files +- Azure Active Directory features used by Intune for Education, including: + - Single Sign-On" Allow your AAD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps + - MDM auto-enrollment: Devices are automatically enrolled with Intune upon being joined with AADJ + - Enterprise State Roaming: Keep school data and personal data separate on your devices. + - Dynamic Groups: You can use dynamic groups to create rules that populate your groups (e.g. a group with all 9th graders) instead of having to manually add/remove members of the groups. Group stays updated by continually staying populated with members that fit the rules you pick. + - Password write-back: Password writeback allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. + - Administrative Units: **don't quite know what to put here** + - Additional local administrators: **don't quite know what to put here** + - Self-service BitLocker recovery: **don't quite know what to put here** **For teachers** From 22fcb0bb8062789dd8dd6fe7edcc6aa3397dbeb0 Mon Sep 17 00:00:00 2001 From: Barry Langer Date: Fri, 6 Oct 2017 13:25:41 -0700 Subject: [PATCH 2/3] update per celested --- .../get-started-with-microsoft-education.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index 46a130c709..f85c99e3c1 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -147,14 +147,14 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files - Azure Active Directory features used by Intune for Education, including: - - Single Sign-On" Allow your AAD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps - - MDM auto-enrollment: Devices are automatically enrolled with Intune upon being joined with AADJ - - Enterprise State Roaming: Keep school data and personal data separate on your devices. - - Dynamic Groups: You can use dynamic groups to create rules that populate your groups (e.g. a group with all 9th graders) instead of having to manually add/remove members of the groups. Group stays updated by continually staying populated with members that fit the rules you pick. - - Password write-back: Password writeback allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. - - Administrative Units: **don't quite know what to put here** - - Additional local administrators: **don't quite know what to put here** - - Self-service BitLocker recovery: **don't quite know what to put here** +- Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. +- MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. +- Enterprise state roaming - Keep school data and personal data separate on your devices. +- Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. +- Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. +- Administrative units +- Additional local administrators +- Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. **For teachers** From 88b198b7005bb830cfd484b84153580048d2e581 Mon Sep 17 00:00:00 2001 From: Barry Langer Date: Fri, 6 Oct 2017 15:05:13 -0700 Subject: [PATCH 3/3] indents --- .../get-started-with-microsoft-education.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index f85c99e3c1..899c7aa79e 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -147,14 +147,14 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files - Azure Active Directory features used by Intune for Education, including: -- Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. -- MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. + - Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. + - MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. - Enterprise state roaming - Keep school data and personal data separate on your devices. -- Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. -- Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. -- Administrative units -- Additional local administrators -- Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. + - Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. + - Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. + - Administrative units + - Additional local administrators + - Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. **For teachers**