The Enterprise Mobility Suite Portal Survival Guide

On By Ronny de JongIn Azure, Azure AD, Azure Information Protection, Cloud, Enterprise Mobility, Enterprise Mobility Suite, Microsoft Intune, Mobile Device Management, Office 365

survival-guide I’m more than happy being your tour guide for today and walkthrough the various portals that the Microsoft Enterprise Mobility Suite (EMS) houses. For those who are involved with EMS, this might be a handy overview of all current available portals. I often heard  that it is not always clear which portal you need and where you can find it. In this blog I’ll do my best to cover all the portals including their purpose.

Azure Management Portal

The Azure Management Portal is the current interface to manage all your Azure services, like analytics, computing, database, mobile, networking, storage, web and identity. From an Enterprise Mobility Suite perspective, the portal allows you to manage Azure AD (Premium) and Azure Rights Management Services (RMS) features like Multi Factor Authentication (MFA) or defining Azure RMS templates. Regarding licenses, assignment for Azure AD Premium will be performed from this portal. This also applies to assigning EMS licenses which includes both Azure AD Premium, Microsoft Intune and Azure RMS. Assignment of Microsoft Intune licenses in a EMS suite can thus only assigned by the Azure Management Portal and not by the Microsoft Intune Account Portal. image

Azure Management Portal Preview

This will be your future management portal for managing all your Azure services and is currently still in preview. Easier, simpler, and (most importantly) faster! This unified hub radically simplifies building, deploying, and managing your cloud resources. Imagine a single easy-to-use console built just for you—your team, your projects. Now craft your very own best-in-class toolset by adding fully integrated capabilities from Microsoft, partners, and the open source community. Then make it yours! Organize your portal to custom-fit your work, and your workstyle. Stay on top of the things that matter most by pinning them to your Startboard. Resize parts to show more or less data. Drill in for all the details. And see insights (and opportunities) across apps and resources. portal[1]

Azure Access Panel Applications Portal

This self-service portal is intended for end users to provide them a self-service portal. End users therefore can be more productive as they are no longer depending on your IT and can help themselves by providing self-service capabilities like resetting their passwords, group management and accessing over more than 2400 SaaS applications. image

Azure Self-Service Password Reset Portal

Part of Azure Active Directory Premium is Self-Service Password Reset feature. With this self-service solution users are able to reset their password anytime and any place without any help of your IT department.  In order to take benefit of this self-service password reset function you requires Azure AD Premium, furthermore you organization must support and enable password write-back in order to synchronize mutations back to your on-premise Active Directory. Another great advantage is that this services takes care of your on-premise defined account policies like complex passwords, password history of password age. image

Microsoft Intune Account Portal

The Intune Account Portal is primary used for managing users, groups, and domains even for Microsoft Online services including Office 365 and Microsoft Azure. With this online portal, you can check the status of your subscriptions, add new subscriptions and activate new user accounts. This portal provides similar functionalities provided by Office 365 Admin Portal of Azure Management Portal and can be used as start point where you can set up and configure your hybrid identity (Azure Active Directory Sync & Single-Sign On). Further standalone Microsoft Intune licenses can be assigning using this portal. Microsoft Intune licenses which are part of a EMS license can’t be assigned through this portal but as mentioned before only through the Azure Management Portal. If you’re using Microsoft Intune in a hybrid scenario than the license part will be covered by your Configuration Manager instance. image

Microsoft Intune Admin Portal

Microsoft Intune Admin Portal is your start point from performing daily operational tasks such as managing mobile devices (selective wipe, wipe, passcode reset), configuring baseline policies, deploying software and keep track on your compliance status. Beside day-to-day operational tasks you’ll  configure your Microsoft Intune infrastructure components such as setting your mobile device authority, configure your platforms to manage and integration with other cloud & on-premise solution such as SharePoint (Online) and Exchange (Online). What is also striking is that this portal uses Silverlight, this however unlike the other portals in this list. Thus you can’t open this portal from the new Windows 10 Edge browser, Windows RT or iOS device and by September this year Google will discontinue support of Silverlight in there browser. image

Microsoft Intune Company Portal

End users will access the web based Microsoft Intune Company Portal when they have not the ability to use the native Company Portal. The Company Portal is an interface which acts a company app store where user can install apps or they can perform tasks such as performing a selective wipe or other tasks on there owned devices. image

Azure Rights Management Portal

On the Azure Rights Management (RMS) Portal you can download the Azure RMS Sharing app for the various platforms available. With the Azure RMS Sharing app you’re able to apply the defined policy templates or apply in-place protection on you Windows system. For the other platforms you’ll need the app in order to open and read protected documents by Azure RMS. Further the portal is used to register yourself as an individual Azure RMS user. Organizations or users which do not have an Azure RMS subscription wouldn’t able to read protected documents without being registered as an Azure RMS Individual user. As an registered Azure RMS Individual user your able to open protected Azure RMS documents but you’re not able to create protected documents yourself using Azure RMS. You must have a valid Microsoft ID of company ID in order to register yourself, namespaces like *.hotmail.com, *outlook.com, *.yahoo.com or *.gmail.com are currently not supported. image

Azure Rights Management Document Tracking Portal

The Azure RMS Document Tracking Portal – which is currently in preview and only available in US-region – but’s definitely worth to mention as it’s providing some great features. With Azure RMS Document Tracking – the name says it all – allows you to keep track your protected (corporate) data. It provides you insights who accessed the protected data, when and where. This is clearly displayed by a list overview, timeline and map. Further you’re able to revoke access and configure notifications when someone has opened a document or access has been denied. image

Office 365 Admin Portal

Because the Office 365 Admin Portal contains a number of important settings related to the Enterprise Mobility Suite (EMS) it’s listed here as well. From here you can request trial licenses or buy, activate and assign licenses. From an EMS perspective this applies to Azure AD Premium and Azure RMS where Azure RMS can be both activated from Office 365 or Azure AD. image

Feature

Despite my attempt to clear all portals, in case I’ve missed one…(or two)! If you have one or more portals for me than I’m more than happy to hear from you and I’ll add ‘m to this list. During my stay at the Enterprise Mobility Suite Airlift February this year – on the Microsoft campus – I tweeted – “All admin portals will be merged into a single admin portal” – currently we still have different portals available. However I assume it can not be long before the first portals will be integrated and the number of portal will be reduced. This will be a more than a welcome transition to make the Enterprise Mobility Suite portal landscape more clearer. Ronny de Jong

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.