Skip to the main content.

1 min read

Success Story: Lock down Zebra devices using Microsoft Endpoint Manager (Intune)

Success Story: Lock down Zebra devices using Microsoft Endpoint Manager (Intune)

A company that sells and services communication devices had an upcoming Microsoft Dynamics Enterprise Resource Planning (ERP) deployment planned for the following week, but they overlooked one important detail. They needed to lockdown the new Zebra Technologies devices that they would be using to scan inventory barcodes into their ERP system. These devices would be used in their warehouse for inventory tracking, but they didn’t want employees using them to download games/apps or browsed the web. The customer was referred to us by one of our partners and needed assistance quickly. They had registered the devices in Microsoft Endpoint Manager (Intune), but they were having trouble applying the appropriate policies to lock them down to be a purpose-driven device.

 

We were able to get one of our Principle Consultants engaged quickly to evaluate the customer’s current Intune environment and recommended using Android Enterprise dedicated devices. Device enrollment needed to be quick and easy, so we leveraged the QR code for swift setup and Azure AD Dynamic Device groups to apply all the policies that were created. The customer needed a locked down menu, so we utilized a multi-app kiosk configuration profile and the Managed Home Screen settings of Microsoft Intune to achieve this. The final request was to lock down Google Chrome for Android, so we used Intune App Configuration policies to limit browsing to only corporate ERP system sites.

 

There were a couple of gotchas that we had to overcome:

  1. All apps for devices in Enterprise-Dedicated Mode must be deployed as Required, as well as be from the Managed Google Play Store. Web links must also be from the Managed Google Play Store, and can only be edited in that way. Editing managed links in Intune will not alter the URL, icon, etc.
  2. The barcode scanner application was part of the factory OS image, so an Android Enterprise system app had to be created.

 

Kudos to the team for helping this customer on very short notice! We enabled them to meet their Go-Live date for their ERP deployment. It’s always great when we can enable one of our customers to meet their business goals, even if it is short notice!

 

In a future blog we will provide some additional guidance on how we registered the devices and set some of these policies. Or if you need help, contact us!

Microsoft Q2 2024 Licensing Updates

Microsoft Q2 2024 Licensing Updates

Microsoft continues to deliver a stream of thrilling announcements throughout 2024!

Understanding FinOps: The Key to Financial Efficiency in Cloud Computing

Understanding FinOps: The Key to Financial Efficiency in Cloud Computing

As businesses increasingly rely on cloud computing to scale, innovate, and remain competitive, managing and optimizing cloud costs effectively...

Microsoft Announces Partner-to-Partner NCE Subscription Transfers: Why CloudServus is Your Ideal CSP Partner

Microsoft Announces Partner-to-Partner NCE Subscription Transfers: Why CloudServus is Your Ideal CSP Partner

Microsoft has announced a significant update to its Cloud Solution Provider (CSP) program: the introduction of partner-to-partner (P2P) subscription...