Masterclass Description

Don’t miss the opportunity to join an advanced, technical training presented by a true Microsoft Intune dream team. Rudy Ooms, Ben Whitmore, Michael Niehaus, Andrew Johnson, and Johan Arwidmark invite you to a deep dive into the inner workings of Microsoft Intune, covering more than 15 highly focused sessions packed with live troubleshooting, real-world diagnostics, and advanced technical insight.

In this 3-day LIVE Online Training, you will go far beyond basic configuration. Instead, you will explore how Intune actually works behind the scenes, how data flows from cloud to device, where problems originate, and how to systematically diagnose and resolve complex management issues. If you want to truly understand, troubleshoot, and operate Microsoft Intune at an expert level, this training is for you.

This LIVE Online Training is unique in important ways. It has been developed by some of the world’s leading Intune experts and is built on years of real-world enterprise experience. The course focuses on internals, behavior, and root-cause analysis. All demonstrations use the current cloud-delivered version of Microsoft Intune and the latest supported Windows platforms, reflecting real-world enterprise environments.


Hands-on-Labs
In this Masterclass, significant time is dedicated to hands-on troubleshooting labs and guided exercises. These labs are based entirely on real-life scenarios and authentic production challenges. You will investigate broken enrollments, failed deployments, non-compliant devices, and policy conflicts. Along the way, you’ll learn proven techniques to trace issues from initial symptoms to root cause.

Added Bonus
One of the highlights of this LIVE Online Training is that you will receive access to all sample scripts, tools, diagnostic methods, and resources used throughout the course. You will also be provided with guidance and material to build your own dedicated Intune troubleshooting lab environment, allowing you to continue practicing long after the class has ended.


This LIVE Online Training is for YOU if you want to:

  • Understand how Microsoft Intune works at an internal level
  • Confidently troubleshoot complex Intune issues
  • Diagnose enrollment, compliance, and deployment failures
  • Build repeatable troubleshooting workflows
  • Automate diagnostics and remediation using PowerShell and Graph
  • Strengthen operational control of your managed endpoints
  • Move from “Intune admin” to “Intune specialist”

...and so much more!

This LIVE Online Training runs for three days and includes:

  • Daily live training sessions with deep technical content
  • Extensive real-world troubleshooting demonstrations
  • Dedicated hands-on lab time
  • A community of professionals sharing the same technical goals
  • A private discussion group for peer collaboration and knowledge sharing
  • Direct access to ask the presenters questions in a live environment


Prerequisites

This Masterclass is designed for those who already support or operate Intune in production and are looking to move beyond configuration into deeper analysis, troubleshooting, and operational mastery.

In addition to working in an Intune environment, participants should have:

  • Solid understanding of networking fundamentals, including TCP/IP, DNS, and basic troubleshooting concepts
  • Working knowledge of Active Directory and Entra ID concepts such as device join types, authentication flows, and identity signals
  • Practical experience managing Windows 10/11 devices
  • Hands-on experience working with Microsoft Intune, including creating and deploying policies, applications, and compliance settings.
  • Basic to intermediate PowerShell experience, including reading and modifying scripts

Masterclass Schedule

Date and start time for the next Masterclass:

  • April 13-15, 2026, 9:00 AM - 4:30 PM Central Time (US and Canada)

Note: The live sessions of the Masterclass will be recorded and made available for participants to view.

Sign Up Today!



Masterclass Outline

Module 1: Intune Service Architecture Deep Dive

  • Intune Control Plane vs. Data Plane
  • Microsoft Graph as the Backbone
  • Intune Policy Object Lifecycle
  • Device Communication Flow Diagram
  • MDM Channel vs. IME Channel


Module 2: Device Check-in and Sync Engine

  • Device Registration vs. Enrollment
  • Full Sync vs. Delta Sync
  • Scheduled vs. Triggered Sync
  • Token Lifecycle and Renewal


Module 3: Client-side State and Storage

  • Registry Locations Used by Intune
  • Local SQLite Databases
  • CSP Processing and Result Storage
  • Troubleshooting State Mismatch


Module 4: Conflict Resolution and Policy Precedence

  • User vs. Device Targeting
  • Multiple Configuration Sources
  • MDM vs. GPO vs. Security Baselines
  • How to Determine Effective Policy when No True RSoP Exists


Module 5: Enrollment Failures

  • Failed Entra ID Joins
  • ESP Failures
  • Token and Certificate Issues
  • Event Logs and Diagnostic Scripts
  • Error Code Breakdown


Module 6: Application Deployment Failures

  • Win32 App Lifecycle
  • Content Distribution Process
  • Common Failure Codes
  • IME Troubleshooting


Module 7: Policy and Compliance Failures

  • Non-Compliant Device Scenarios
  • Health Attestation Issues
  • Conditional Access Signal Tracing


Module 8: Update, Feature, and Driver Deployment Issues

  • WUfB Behavior Model
  • Feature Update Rings Gone Wrong
  • Safeguard Holds and Conflicts


Module 9: Endpoint Security Troubleshooting

  • Defender Policy Misalignment
  • Firewall Profile Issues
  • Disk Encryption Conflicts
  • Unexpected State Drift


Module 10: Microsoft Graph Deep Dive for Intune

  • Reading Intune Data via Graph
  • Modifying Policies Programmatically
  • Auditing Changes
  • Throttling and Batching


Module 11: Observability and Log Analytics

  • Intune Monitoring
  • Azure Log Analytics Workspace
  • Custom Alerting Strategies
  • Query Design


Module 12: Co-Management and Hybrid Scenarios

  • Intune and ConfigMgr (SCCM) Overlap
  • Workload Transition Issues
  • Troubleshooting Hybrid Drift


Module 13: Response Automation

  • Non-Compliance Auto-Remediation
  • Integration with Power Automate
  • Incident-based Remediation Workflows


Module 14: Windows Autopilot Troubleshooting

  • Autopilot Architecture and Deployment Flow Breakdown
  • ESP Behavior, Timeouts, and Blocking Applications
  • Failed Profile Assignment and Incorrect Targeting
  • Device Identity, Hardware Hash, and ZTD ID Issues
  • Pre-Provisioning (White Glove) Failures and Reseal Problems
  • Network, Proxy, and Firewall Impact during OOBE
  • Critical Autopilot Log Analysis and Interpretation


Module 15: Diagnostics Collection Deep Dive

  • Intune Diagnostics Feature Overview, Limitations, and Supported Scenarios
  • What Happens behind the Scenes when Diagnostics Are Triggered
  • Device-side Data Collection Process and Data Flow to Intune
  • Structure of the Diagnostics ZIP Archive
  • Key Log Files and Folders inside the Diagnostic Package
  • Understanding IME, MDM, Autopilot, and Event Log Data in the Archive 
  • Common Failure Patterns Revealed through Diagnostics Collection

Masterclass Instructors

Johan Arwidmark

Johan Arwidmark is a consultant, author, speaker, and all-around geek specializing in Enterprise Windows Deployment Solutions and Systems Management. Johan speaks at several conferences each year, including MMS and Ignite around the world. He is also actively involved in the deploymentresearch.com community, and he has been awarded Microsoft Most Valuable Professional (MVP) since 2005. Johan is known for his energetic and humorous style, tackling complex concepts using simple "Real World" scenarios and lots of live demos. His areas of expertise include Enterprise Windows Deployment Tools and Management Systems: Intune, MDT, WinPE, WDS, and ConfigMgr (SCCM).

Johan Arwidmark

Technical Fellow

Andrew Johnson

Andrew has served in various technical and leadership roles in IT for over 15 years, spending most of his time in higher education. He's always looking for new ways to perform tasks more efficiently and share knowledge with others. His three favorite technology areas are Endpoint Management, Automation, and Monitoring. When he's not working with tech - professionally or in his home lab - you'll likely find him building the latest Star Wars LEGO set with his family. If you'd like to chat ConfigMgr, Intune, Azure AD, Office 365, Disney World or Star Wars, you can always find him on Twitter, @AndrewJNet.

Andrew Johnson

Solutions Architect, ADM Solutions

Michael Niehaus

Michael Niehaus is a Program Director and Master Inventor at 2Pint Software, working on device management and OS deployment technologies. Previously, Michael spent 16 years at Microsoft working on MDT, Windows as a Service, Windows Autopilot, and related management and deployment technologies. Prior to that, he spent 14 years working as an IT pro.

Michael Niehaus

Program Director and Master Inventor, 2Pint

Rudy Ooms

Rudy Ooms is a content creator at Patch My PC, focused on Windows, Intune, and Autopilot. He spends most of his time breaking down how things really work under the hood, from Autopilot enrollment flows to recovery mechanisms, and turning those findings into clear technical deep dives on Patch My PC and Call4Cloud. Before that, he worked hands on in enterprise environments, solving the kind of problems that never show up in documentation but always show up in the real world.

Rudy Ooms

Senior Endpoint Architect and Content Creator

Ben Whitmore

Ben Whitmore is a Microsoft MVP in Enterprise Mobility and a Systems Architect with PatchMyPC. He actively works in the community sharing his knowledge, hosting user groups and presenting. He is a contributor at https://MSEndpointMgr.com and runs his own blog https://byteben.com Ben has worked in the IT industry for over 20 years and has a strong focus on Microsoft technologies and a passion for innovation and automation.

Ben Whitmore

Systems Architect, PatchMyPC