Windows 10 provides an enterprise management solution to help IT pros manage company security policies and business applications, while avoiding compromise of the users’ privacy on their personal devices. A built-in management component can communicate with the management server.
There are two parts to the Windows 10 management component:
- The enrollment client, which enrolls and configures the device to communicate with the enterprise management server.
- The management client, which periodically synchronizes with the management server to check for updates and apply the latest policies set by IT.
Third-party MDM servers can manage Windows 10 by using the MDM protocol. The built-in management client is able to communicate with a third-party server proxy that supports the protocols outlined in this document to perform enterprise management tasks. The third-party server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 10 users. MDM servers do not need to create or download a client to manage Windows 10. For details about the MDM protocols, see [MS-MDM]: Mobile Device Management Protocol and [MS-MDE2]: Mobile Device Enrollment Protocol Version 2.
Learn about device enrollment
- Mobile device enrollment
- Federated authentication device enrollment
- Certificate authentication device enrollment
- On-premise authentication device enrollment
Learn about device management
- Azure Active Directory integration with MDM
- Enterprise app management
- Device update management
- Enable offline upgrades to Windows 10 for Windows Embedded 8.1 Handheld devices
- OMA DM protocol support
- Structure of OMA DM provisioning files
- Server requirements for OMA DM
- Enterprise settings, policies, and app management