Intune Teams Roles Responsibilities

In this post, I will discuss Intune Modern Device management roles and responsibilities. I think the first version of Intune is released back in 2011 (or before that), but the large scale adoption of Microsoft Intune started since last two years.
I thought it’s better to spend some time on defining Intune modern device management job roles within an organisation. This post will help to create a baseline for Microsoft Intune R & R for your organisation. In this post, we will see “Intune Teams Roles Responsibilities”.
Modern device management roles are similar to SCCM/ConfigMgr roles but not exactly same. As a starting point, we can take some of the job roles from SCCM and then expand that list to produce more comprehensive modern device management related roles and responsibilities. This will also help to build Intune modern device management teams within your organisation.
Intune Teams Roles Responsibilities
Following are Intune team’s Roles are responsibilities of Intune/AAD/Device management in high level. I have segregated these roles and responsibilities depending on each feature of Intune. As per the requirement of your organisation you can segregate these in to different support organisations. Maybe some of the tasks can be completed by Intune L1/L2 teams within your organisations. However, some tasks require more technical skills and that kind of tasks would be handled by Intune/Device Management L3 teams.

What are Intune Team’s Roles and responsibilities?

Overall I will segregate Intune roles in to two(2). I have a Intune RBAC post that will help you to understand the security permissions needed for each roles.

  1. Intune Help Desk – First level support
  2. Intune Admin – Second or Third Level Support

More granular roles and permissions which can help you to define Intune RACI matrix for your organisation.

User Management
Application Creation and Deployment/Assignment
Service Administration
Mobile Application Management
Device/Profile Management
Conditional Access
Company Resource Access
Software Update Management
Intune/AAD – User Management
  1. On boarding of users (On boarding process will be different for each organizations)
  2. User Licenses (Assigning licenses can be automated in near future)
  3. Create, edit or delete Azure Active Directory (AAD) user/Device groups
  4. Create, edit or delete Azure Active Directory Dynamic user/Device groups

Intune Teams Roles ResponsibilitiesIntune/AAD – Application Creation and Deployment/Assignment

  1. Upload and Configuring LOB applications (Windows, iOS and Android)
  2. Upload and Configuring Store applications (Windows, Apple and Google )
  3. Deploy LOB applications to a computer/mobile devices (iOS, WP and Android)
  4. Deploy Store applications to a mobile devices (Windows 10, iOS, WP and Android)
  5. Deploy LOB/Store applications to group of users (AAD user groups)
  6. Monitor application deployment status

Intune Teams Roles Responsibilities 2

Intune – Service Administration

  1. Subscriptions and licenses
  2. Apple APN cert Management (Once in a year – Use generic mail box to create APN certs)
  3. Reset mobile device authority (In case if you want to change MDM authority)
  4. Provisioning
  5. Domain Management
  6. Role Based Access controls (RBAC) assignments for different Intune roles
  7. Android for Work – configure and setup A4W device management
  8. Device settings configuration to enable Azure AD join (for Windows 10 devices)
  9. MDM auto enrollment configurations (for Windows 10 devices)
  10. Company portal Branding
  11. Terms and Conditions setup
  12. Windows Hello for Business
  13. Enrollment Restriction Rules
  14. Service availability
  15. Alerts and notifications
  16. Reporting – Power BI and OMS

Intune Teams Roles Responsibilities 3

Intune – Mobile Application Management
  1. MAM Policy creation, edition and deletion of Managed Applications
  2. Deployment/Assignment of managed application to AAD groups
  3. LOB Application Wrapping for iOS and Android managed applications
  4. Wrap the LOB apps using iOS SDK
  5. Wrap the LOB apps using Android SDK

Intune – Device/Profile Management

Create, Maintain, Update, Deploy and Delete policies

  1. Configuration policies :-
    Device Restriction
    Wi-Fi Profile
    VPN/Per APP VPN Profile
    SCEP Profiles
    Custom Policies
  2. Compliance Policies:-
    iOS Compliance Policies
    Android Compliance Policies
    Windows Compliance Policies
  3. Device Life Cycle
  • Enroll the mobile devices (iOS, WP, Windows 10 and Android)
  • Retire and Wipe Devices
Intune Teams Roles Responsibilities 4

AAD/Intune – Conditional Access

  1. Create, Maintain, Update, Deploy and Delete CA policies
  2. CA for Windows devices
  3. CA for Android devices
  4. CA for iOS devices
  5. CA for MAC OS devices ?

Intune Teams Roles Responsibilities 5

Intune/NDES/CA – Company Resource Access
  1. Exchange on-premises connector
  2. Office 365 connector
  3. NDES connector

Intune/Analytics – Software Update Management

  1. Software Update Deployment in traditional way using Intune client
  2. Software Update Scheduling via MDM policies
  3. Update Approval using Windows 10 CSPs

Sharing is caring!

8 thoughts on “Intune Teams Roles Responsibilities”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.