Intune Learning for ConfigMgr Admins | Endpoint Manager

ConfigMgr Admins Let’s start learning Intune. In this post, I will cover Intune Learning for ConfigMgr Admins. Microsoft Intune and ConfigMgr are part of the Endpoint Manager Product group. Both are part of modern device management solutions from Microsoft.

My recommendation to the SCCM admin is to start learning Microsoft Intune. This is because the Configuration Manager is tightly integrated with Intune and Azure. Tenant attach is one of the features within SCCM. This feature helps admins to manage devices managed by on-prem ConfigMgr servers from the Intune console.

Intune Server Infra at Microsoft Data Center (Azure) - Pic credit to Microsoft - Intune Learning ConfigMgr Admins
Intune Server Infra at Microsoft Data Center (Azure) – Pic credit to Microsoft – Intune Learning ConfigMgr Admins

I have a series of posts to explain the difference between SCCM and Intune administration and architecture. Check out those posts:

  1. Microsoft Intune for SCCM Admins Part 1 (the video post here)
  2. Microsoft Intune for SCCM Admins Part 2

Introduction to Microsoft Intune for Beginners

I don’t think SCCM will go away for another 5-6 years. Instead, the difference between Intune and ConfigMgr will be blurred more, and more in the coming years with the features like tenant attach.

Patch My PC

This is why Brad Anderson mentioned that the truth is really simple: MEM means ConfigMgr has eternal life.

i’ve been asked a couple times today if Microsoft Endpoint Manager means the death of #ConfigMgr
honestly, the truth is really simple: MEM means ConfigMgr has eternal life!#MSIgnite pic.twitter.com/AeMp5eGxa7

— Brad Anderson (@Anderson) November 4, 2019

This post would be useful for Intune newbies. The latest Intune posts are available https://www.anoopcnair.com/intune/

What is Microsoft Intune and How is it different?

Intune is an enterprise mobility management (EMM) solution from Microsoft. The EMM provider helps to manage mobile devices, network settings, and other mobile services and settings.

Microsoft Intune is nothing but a combination of Device, Application, Information Protection, Endpoint Protection (antivirus software), and Security/Configuration policy management solution (SaaS) facilitated by Microsoft in Cloud.

Take Free Intune Subscription

Let’s check the Quickstart: Try Microsoft Intune for free

What are the Management Options in Intune?

Intune can manage macOS, Android, iOS, and Windows devices via MDM (Mobile Device Management) channel. The different Microsoft Intune Enrollment options are explained in the following post. 

https://microscott.azurewebsites.net/2018/08/31/managing-windows-10-with-intune-the-many-ways-to-enrol/

Intune Learning ConfigMgr Admins
Published by scott – Intune Learning ConfigMgr Admins

What is Modern Workplace OSD Replacement (Windows AutoPilot)?

Not really 🙂 But Autopilot is the enrollment service provided by Microsoft from the cloud. We have more posts related to Windows Autopilot in the following link. 

https://www.anoopcnair.com/windows-autopilot/

How to Start Using Intune Portal?

Intune portal (console) is part of the Microsoft Endpoint Manager. Let’s learn more about EndPoint Portal – Intune Admin Related Activities.

EndPoint Portal Walkthrough Stop Using Azure Portal for Intune Admin Related Activities
MEM Portal -Intune Learning ConfigMgr Admins

What are the Intune Team Roles & Responsibilities?

In a high-level following are the roles and responsibilities of Intune team. Some parts of it have the involvement of Azure AD and other teams of the organization.

Understanding the roles and responsibilities will help the IT Pros to understand, How Intune works? And How Intune will be deployed within the organization? More details are available in my previous post “Intune Team’s Roles and Responsibilities.”

Setting up a team is also part of Learn Microsoft Intune process.

User Management
Application Creation and Deployment/Assignment
Service Administration
Mobile Application Management
Device/Profile Management
Conditional Access
Company Resource Access
Software Update Management

What is MDM Authority?

Setting up a mobile device management authority is an important first step before starting working with Intune. The Mobile Device Management (MDM) authority determines where you will perform mobile device management tasks.

Intune Learning ConfigMgr Admins
What is MDM Authority – Intune Learning ConfigMgr Admins

Monthly or Weekly Updates Of Intune

Let’s find more details about 📌Intune Monthly or Weekly Updates 📌Intune Features in Development 📌Intune Case Studies 📌Devices Node 📌Different Platforms – Windows, Android, iOS, and macOS.

Mobile App Mgmt without Enrollment (MAM)

Microsoft Intune supports MAM without enrollment (MAM WE) and Conditional Access policies for Android devices. There are two types of management options for Windows, Android, and iOS devices with Intune.

The first one is the traditional way of MDM management and the second method of management is the light management of apps that are installed on Android, iOS, and Windows devices via Intune.

BYOD devices are suitable for MAM WE type of Intune management. Intune can also have Conditional Access policies assigned to MAM users.

For example, if a consultant’s device has already enrolled in a 3rd part EMM solution, but he wanted to have access to the client’s corporate email access on his mobile device for a very short period then, The “MAM WE” is the best option for that consultant.

I have a post about MAM WE “How to Enable Intune MAM without Enrollment along with Conditional Access.”

Updated List of Microsoft Intune MAM protected apps – https://docs.microsoft.com/en-us/intune/apps-supported-intune-apps

Intune and macOS Device Management

Intune natively supports Mac Device management. But, the Intune Mac device support is improved a lot. More details What happens if you install the Company Portal app and enroll your macOS device in Intune?

Jamf is the one third-party solution that Microsoft advised all the organizations to look into if they are looking for more deep-level management of Mac Devices with Intune.

Learn to Troubleshoot Intune Issues

Intune troubleshooting is made easy in the MEM portal. It’s recommended to start with the “Microsoft Intune – Help and support” page in the MEM Admin center portal whenever you face any issue with Intune.

I have a post where I discussed “Start Troubleshooting Intune Policy Deployment Issues from Intune“. More details in the Video experience here.

Intune Learning ConfigMgr Admins
Intune Learning ConfigMgr Admins

Intune Training Playlist

Intune Training Courses

Let’s check the Microsoft learn courses Simplify device management with Microsoft Endpoint Manager & Introduction to Microsoft 365 unified endpoint management.

Learn about modern device management and the Microsoft Endpoint Manager (Intune + SCCM/ConfigMgr) and how the business management tools in Microsoft 365 can simplify the management of all your devices.

Learning objectives

Upon completion of this module, the learner will be able to:

  • Explain modern device and application management concepts
  • Explain the value of the Microsoft Endpoint Manager (MEM) including Microsoft Intune and ConfigMgr
  • Describe how Autopilot can help streamline new device acquisition and setup

Resources

Author

Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…

3 thoughts on “Intune Learning for ConfigMgr Admins | Endpoint Manager”

  1. Hello,
    I would like to clarify following topics as I’m still not sure what is possible only by using SCCM and what is possible by using Autopilot.

    – SCCM allows usage of customized OS deployment images assigned to users or computers
    – Autopilot just customize and add domain connectivity for already installed OS or not?

    I’m asking because I need to ship computers for new hired users working from day one at HO and want to know what Autopilot can do. Is it just settings configuration (language, input locale, keyboard), join the computer into AAD domain or is it capable to deploy customized OS image to the machine without need to be done in the office with corporate network connectivity.

    I saw some articles for Autopilot articles which mentioned that user will power the computer, connects it to network (ethernet or WiFi) and join with AAD credentials and than Domain Controler connectivity is needed to start Autopilot enrollment process.
    My question is how this can be achieved when user get standard OS deployed by manufacturer and without any VPN SW when not sitting in corporate office?

    Thank you for answering and/or explaining me possible solutions.
    With best regards
    Martin

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.