I did all the configuration at the front end (In Intune console) required for device enrollment and successfully enrolled the device. what will happen at the backend at the server level? what objects get created? how the API calls flow and how the intune services work at the backend.
Could anyone provide a detailed description or related document?
The best read would be Oliver Kieselbach's post https://oliverkieselbach.com/2019/07/18/intune-policy-processing-on-windows-10-explained/ or the links in this document https://docs.microsoft.com/en-us/windows/client-management/mdm/ . It is quite a broad question.
Basically, I faced this question in "Microsoft Interview". The interviewer asked me to explain "what will happen at backend at server level when we enrolled a device" I tried to explain about AAD ID creation and flow of push notification but he refused and asked to explain the server-level flow.
Lost my Interview!
@MohammadIsmailSikandar-1879 Thanks for posting in our Q&A.
For objects created, the device objects will be added into Azure AD and Intune after device enrollment. Here is the one in my environment:
The device object in Azure AD portal:
The device object in intune portal:
For API calls flow and intune service flow, based on my research, it is not recorded in our official articles. I only find the following articles for the reference.
https://docs.microsoft.com/en-us/mem/intune/developer/intune-graph-apis
https://docs.microsoft.com/en-us/graph/api/resources/intune-graph-overview?view=graph-rest-beta
If you are interested in it, maybe you can consider contacting our Premier support to get more information:
https://www.microsoft.com/en-us/msservices/premier-support
Thanks for understanding and have a nice day.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I am looking for server-level information, what will happen at sever when we enrolled a device and did the global admin have access to the MDM server.
@MohammadIsmailSikandar-1879 Thanks for response.
Based on my experience, for MDM solution as Intune, we didn’t call “MDM Server” .It is a cloud-based service and can provide mobile device management(MDM) and MAM. When we enroll a device, we can check it in the Intune portal which is called “Microsoft endpoint manager admin center”,
For the global admin account, it has permission to manage who has access to organization's resources. We can read the following article as a reference.
https://docs.microsoft.com/en-us/mem/intune/fundamentals/role-based-access-control
Hope the above information can help.
Thanks for taking your time and helping with the above details
Basically, I faced this question in "Microsoft Interview". The interviewer asked me to explain "what will happen at backend at server level when we enrolled a device" I tried to explain about AAD ID creation and flow of push notification but he refused and asked to explain the server-level flow.
Lost my Interview!
@MohammadIsmailSikandar-1879 I'm sorry to hear that. If you have any other problem in the future, feel free to post in our Q&A.
5 people are following this question.
