Prerequisites for Microsoft Managed Desktop
This article outlines the infrastructure requirements you must meet to assure success with Microsoft Managed Desktop.
|Licensing||Microsoft Managed Desktop requires the Microsoft 365 E3 license with Microsoft Defender for Endpoint (or equivalents) assigned to your users.|
|Connectivity||All Microsoft Managed Desktop devices require connectivity to numerous Microsoft service endpoints from the corporate network.
For the full list of required IPs and URLs, see Network configuration.
|Azure Active Directory||Azure Active Directory (Azure AD) must either be the source of authority for all user accounts, or user accounts must be synchronized from on-premises Active Directory using the latest supported version of Azure AD Connect.|
|Authentication||If Azure AD isn't the source of primary authentication for user accounts, you must configure one of the following authentication methods in Azure AD Connect:
When setting authentication options with Azure AD Connect, password writeback is also recommended. For more information, see Password writeback.
If an external identity provider is implemented, you must validate the solution:
For more information on authentication options with Azure AD, see Azure AD Connect user sign in options.
|Microsoft 365||OneDrive for Business must be enabled for Microsoft Managed Desktop users.
Though it isn't required to enroll with Microsoft Managed Desktop, we highly recommended that the following services be migrated to the cloud:
|Data backup and recovery||Microsoft Managed Desktop requires files to be synced to OneDrive for Business for protection. Any files not synced to OneDrive for Business aren't guaranteed by Microsoft Managed Desktop. The files might be lost during device exchanges or support calls requiring a device reset.
Though not required, Microsoft Managed Desktop strongly recommends migration from mapped network drives to the appropriate cloud solution. For more information, see Prepare mapped drives for Microsoft Managed Desktop
When you're ready to get started with Microsoft Managed Desktop, contact your Microsoft Account Manager.
More about licenses
Microsoft Managed Desktop requires certain license options in order to function. See Microsoft Managed Desktop technologies for information about how these licenses are used.
To assign these license options to specific users, we recommend that you take advantage of the group-based licensing feature of Azure Active Directory.
- Azure Active Directory Premium P1
- Microsoft Intune
- Windows 10 Enterprise
- Microsoft Defender for Endpoint
- Microsoft 365 Apps for enterprise
- Microsoft Teams
- SharePoint Online Plan 2
- Exchange Online Plan 2
Your Microsoft Account Manager will help you review your current licenses, service plans, and find the most efficient path for you to get any additional licenses or service plans you might need, while avoiding duplication.
Steps to get ready for Microsoft Managed Desktop
- Review prerequisites (this article).
- Run readiness assessment tools.
- Buy Company Portal.
- Review prerequisites for guest accounts.
- Check network configuration.
- Prepare certificates and network profiles.
- Prepare user access to data.
- Prepare apps.
- Prepare mapped drives.
- Prepare printing resources.
- Address device names.