Foundational Architecture & Design
Core architectural principles for CMMC/NIST compliance, Zero Trust, and defensible Intune configuration.
Provisioning with Windows Autopilot
Provisioning with Windows Autopilot for Entra Join and Hybrid Join
Entra Join (The Cloud-Only Path)
Cloud-Only Deployment using Entra Join
Hybrid Deployment (The Transition Path)
Hybrid Deployment (The Transition Path)
Windows Hello for Business Setup & Troubleshooting
Windows Hello for Business setup and troubleshooting for Entra Join and Hybrid Join
Scenario: AVD — Dedicated Sovereign Tenant
Scenario: AVD — Dedicated Sovereign Tenant — deploying AVD in a separate GCC High tenant for organizations that are not migrating their primary tenant
Scenario: AVD — Enclave in Existing Tenant
Scenario: AVD — Enclave in Existing Tenant — using device extension attributes, Conditional Access, and DLP to enforce isolated CUI management within a GCC High tenant you already own
Scenario: Shared PC Mode
Scenario: Shared PC Mode
Scenario: Migrating to Entra Join
Scenario: Migrating existing domain-joined or Hybrid Joined machines to Entra Join while preserving user profiles
Scenario: AVD — Privileged Admin Workstation
Scenario: AVD — Privileged Admin Workstation — using managed identities and phishing-resistant AVD sessions for zero-credential administrative operations