Highlights from the Workplace Ninja Summit, day 2

From a deep dive on Autopilot to a look inside Endpoint Privilege Management, day two of the Workplace Ninja Summit over-delivered, providing much optimism about the future of endpoint management. 

This blog will focus on the highlights from day two. If it’s your first time reading about the Workplace Ninja Summit, head to my original blog to learn why this is such a solid endpoint management conference and read about the highlights from day one. 

At a high level, the summit covered topics such as: 

• Microsoft Endpoint Manager ConfigMgr & Intune 

• Microsoft Security 

• Microsoft Defender 

• Microsoft Sentinel 

• Azure AD 

• PowerShell 

• Azure Virtual Desktop & Windows 365. 

Here are my highlights from day two: 

• In his presentation ‘Inside Windows Autopilot’, Michael Niehaus provided a deep dive on Autopilot, focusing on its components and services. He finished by providing some useful information on the different ways of importing hashes and explaining why only the endpoint manager portal should be used on an ongoing basis. 

• The session on ‘Microsoft Endpoint Manager and the future of management’ by Matt Call and Dilip Radhakrishnan was by far the highlight of the day. Those who attended were lucky enough to see ‘Endpoint Privilege Management’ in action. There is no doubt this will be a game-changing technology for enabling the removal of the last local admins within your environment. We understand a few apps need to elevate when compiling code, and some developers have a business justification to install/remove new software. Thanks to these new features, it’s now possible to achieve this based on multiple variables and without always enabling admin privileges. It was also great to see just how aligned Microsoft and Devicie are when it comes to the goals of endpoint management: To power better user experiences, protect the hybrid workforce and to simplify endpoint management. 

• Michael Niehaus delivered another standout presentation on ‘How does MDM management work across platforms?’. In this session, Michael delved into the past to try to see how MDM works on all the main platforms (Windows, macOS, Android and iOS). Of course, it was different across the board: While Windows uses an XML/Soap-based approach, Apple (macOS, iOS and ipadOS) uses XML-based PLISTs while Android is based on JSON payloads. This was a great session with insights about the provisioning solutions of each player (Autopilot, DEP and Android Zero Touch). 

• Another eye-catching session was ‘Say Hello to Cloud Trust’ by Michael Mardahl and Ben Whitmore. This presentation focused on how easy is to enable cloud trust as well as the benefits that allow Windows Hello for Business identities to seamlessly access on-prem resources. The session also looked at its pitfalls, such as the limits on the number of users using the same device with WHFB and the fact that when you remove the RODC objects from On-Prem AD you might need to wait some time before re-creating it due to replication. 

• The presentation ‘Discover new ways of software deployment on Windows’ by Lothar Zeitler, Cristina Osorio Valenzuela and Nina Desnica was also a goodie, providing a sneak peek on the new Microsoft store and the role of Winget (Windows Package Manager CLI). This technology is expected to roll out before March 2023, when the current store will be decommissioned. 

• Next in line was ‘Beyond passwords – securing your identities in Microsoft 365,’ where Jan Ketil Skanke and Sandy Zeng discussed best practices to eradicate the use of passwords. They also shared a useful resource from Microsoft to help define personas for conditional access. 

• Wrapping up the busiest conference day was the ‘Ask me anything’ session with all Microsoft Program Managers. We heard some good news, including how the macOS bootstrap token is coming along with macOS Ventura, which will allow admins to silently deploy macOS updates to devices. On the provisioning side we heard about some long-awaited features that will be coming, as support for installing and tracking quality updates and app ordering for ESP is also in the works. 

Tuesday was an unusually long day, totalling 12 hours of learning time, but all the amazing sessions and speakers made it go flying. Being able to connect and discuss issues with so many Microsoft Program Managers was reassuring and a good demonstration of how engaged Microsoft is with the community. 

Devicie and Microsoft have a synergistic relationship. Learn how we work together to make end-user device management seamless and secure.