Prepare - Cloud connected Guide
By the end of this article you will have set up Azure AD, MDM, and understand more about using Azure AD accounts and network requirements. This section of the guide will help you and your organization get prepared to deploy HoloLens 2 to the cloud and use Dynamics 365 Remote Assist. It will go over the importance of each piece of your infrastructure as well as providing links to guides to help you set up those pieces as needed.
For both personal and corporate deployment scenarios, an MDM system is the essential infrastructure required to deploy and manage Windows 10 Holographic devices. An Azure AD premium subscription is recommended as an identity provider and required to support certain capabilities.
Azure Active Directory
Azure AD is a cloud-based directory service that provides identity and access management. Organizations that use Microsoft Office 365 or Intune are already using Azure AD, which has three editions: Free, Premium P1, and Premium P2 (see Azure Active Directory editions.) All editions support Azure AD device registration, but Premium P1 is required to enable MDM auto-enrollment which we will be using in this guide later.
It is essential to have an Azure Active Directory as HoloLens devices do not support on-premises AD join. If you don't already have an Azure Active Directory set up, go to Create a new tenant in Azure Active Directory.
Employees can use only one account to initialize a device so it's imperative that your organization controls which account is enabled first. The account chosen will determine who controls the device and influence your management capabilities.
In this guide we have chosen that for the Identity used we will use Azure AD accounts, or Azure Active Directory accounts. There are several benefits to Azure AD accounts we would like to use, such as:
- Employees use their Azure AD account to register the device in Azure AD and automatically enroll it with the organization's MDM solution (Azure AD+MDM – requires Azure AD Premium).
- Azure AD accounts support Single Sign On. When a user signs into Remote Assist, their Identity from the signed in Azure AD user will be recognized and the user will be signed into the app for a streamlined experience.
- Azure AD accounts have additional authentication options via Windows Hello for Business. In addition to Iris log-in users can sign in from another device or use FIDO security keys.
Mobile Device Management
Microsoft Intune, part of the Enterprise Mobility + Security, is a cloud-based MDM system that manages devices connected to your tenant. Like Office 365, Intune uses Azure AD for identity management, so employees use the same credentials to enroll devices in Intune that they use to sign into Office 365. Intune also supports devices that run other operating systems, such as iOS and Android, to provide a complete MDM solution. For the purposes of this guide, we'll be focusing on using Intune for enabling a cloud deployment at scale with HoloLens 2.
It is essential to have Mobile Device Management. If you don't already have it set up follow this guide and Get started with Intune.
Multiple MDM systems support Windows 10 and most support personal and corporate device deployment scenarios. MDM providers that support Windows 10 Holographic currently include: AirWatch, MobileIron, and others. Most industry-leading MDM vendors already support integration with Azure AD. You can find the MDM vendors that support Azure AD in Azure Marketplace.
In this setup, we anticipate HoloLens 2 devices connecting to the Internet from any available open Wi-Fi network. Since a user could need to change the network connection based on location, they should learn how to connect HoloLens devices to Wi-Fi.
For Dynamics 365 Remote Assist there are a variety of network conditions, including bandwidth, latency, jitter, and packet loss, that can impact your video calling experience. Although audio and video calls might be possible in environments with reduced bandwidth, you might experience feature degradation. When using Dynamics 365 Remote Assist on HoloLens here are the network requirements to keep in mind:
Minimum : 1.5 Mbps up/down is required for peer-to-peer HD quality video calling with resolution of HD 1080p at 30 fps.
Optimal: For peer-to-peer HD quality video calling with resolution of HD 1080p, 4-5 Mbps up/down should be expected.
Optional: Connect your HoloLens to VPN
The devices being connected into this guide are going to connect to the network via and external cloud network. It may be that to access company resources you'll need to connect your devices via VPN. There are several different ways to connect your devices to VPN, both where the end user can connect via using the device UI, or the devices can be managed and receive the VPN profile from either a PPKG or MDM. How to set up VPN won't be covered in this article, so if you'd like to learn more about the different VPN protocols or ways to manage VPN visit these guides for information on HoloLens and VPN.
Submit and view feedback for