Over the past year or so, Microsoft has been releasing Test Lab Guides for many of their technologies. In essence, Microsoft has performed significant work implementing their own technologies and then producing detailed documents to share the experience. The docs not only allow you to implement the same technologies in your own testing environment, but they also give you a unique understanding of potential gotchas and the breadth of work required to bring the technologies to life within your infrastructure.

The BYOD Test Lab Guides have been around for a bit, but they have just been updated to version 1.1 to include new areas of coverage.

Here's what's available today:

Base Configuration– Covers the setup of the core infrastructure including network and services like Active Directory, and PKI in order to later allow viable access to the internal network from a Windows 8 non-domain joined computer, a Microsoft Surface, iPad and Android tablets all through a Wi-Fi connection.

File Access depending on device status and user authentication strength– Describes, for the aforementioned different types of BYOD devices, a suitable implementation to provide selective file sharing access on a file server depending on both the level of confidence of the device, and the strength of authentication. The suggested implementation relies on the Authentication Assurance Mechanism, Virtual Smartcard, and Dynamic Access Control (DAC) technologies.

Exchange Messaging with Data Protection– Focusses on how to access an Exchange 2013 messaging system with email protection on the internal corporate network from a Windows 8 non-domain joined computer, a Microsoft Surface − Windows RT −, an iPad, and an Android tablet. The Exchange Active Sync (EAS) with Information Right Management (IRM) is leveraged for that purpose.

Data Classification and encryption– Details how to classify and protect sensitive data on a file server (wherever it goes) by leveraging the DAC technology along with an Active Directory Right Management Server (AD RMS) infrastructure for information protection and control (IPC) as well as a selective access for BYOD devices as implemented in the TLG 2: File Access.


NOTE:The Windows Intune document is still pending and will be released in the next revision of the docs.

Download the updated docs: Bring Your Own Device (BYOD) Test Lab Guides - Series v1.1