8 Reasons to Select Intune Standalone Over ConfigMgr Integrated Intune. I understand that deciding to go with Intune standalone or Intune integrated with SCCM is critical for all organizations.
I was part of one Intune standalone Vs Integration with the SCCM decision-making team. And I’m happy that we did not go with Intune hybrid solution with SCCM integration.
High-Level Content of this post
Should I go with Intune Standalone or SCCM Integrated Intune?
Feature Parity – Is it still valid to go with SCCM Integrated Intune?
Role-Based Administration – Is it still valid to go with SCCM Integrated Intune?
Single Pane of Glass – Is it still valid to go with SCCM Integrated Intune?
Reporting – Is it still valid to go with SCCM Integrated Intune?
Scalability – Is it still valid to go with SCCM Integrated Intune?
Programmability (Automation) – Is it still valid to go with SCCM Integrated Intune?
Integration with Third (3rd) Party Echo system – Is it still valid to go with SCCM Integrated Intune?
Other Reasons – Is it still valid to go with SCCM Integrated Intune?
What are Intune Design Decisions?
From this video, you will get details on Intune Design Decisions. The important decision points on Intune Architecture.
- Existing Investments – Exchange Online, AAD, etc..
- Device Management Topics – Intune Vs SCCM Vs Co-Management?
- Integration with current solutions
Should we go with Intune Standalone or SCCM Integrated Intune?
Whether to go with SCCM Integrated Intune or Intune standalone? Let’s check SCCM Integrated Intune architecture using co-management (What is SCCM Cloud Attach Tenant Attach Client Attach Vs Co-Management) and Tenant Attach (What is ConfigMgr Tenant Attach Architecture).
- My previous post explained this, “SCCM Intune Architecture Decision Making Tips and Sample Diagram“
In this post, I will discuss more than eight (8) reasons either to go with Intune Standalone over SCCM Integrated Intune. I will perform a detailed analysis of those 8+ reasons which can influence decision making. Following are my recommendations!
NEW customers should select INTUNE STANDALONE as a preferred method
EXISTING customers should start PLANNING to MIGRATE to INTUNE STANDALONE
Feature Parity – Intune Standalone or SCCM Integrated Intune
The parity between Intune standalone and SCCM Integrated Intune features was the initial concern. I mentioned this my previous blog here that “The biggest and most awaited thing in SCCM CB hybrid is feature parity between Intune Stand Alone version and SCCM CB hybrid version”.
But things changed after that blog post, and Microsoft introduced co-management of Windows 10 and other new things.
Feature parity is NOT a VALID point in deciding to go with Intune HYBRID.
Decision ==> Intune Standalone
Role-Based Administration – Intune Standalone or SCCM Integrated Intune
The changes mentioned above made the decision-making between Intune standalone or SCCM Integrated Intune a bit easy. Apart from the feature parity, Role-Based Administration (RBA) was one reason organizations went with Intune with SCCM integration.
Intune standalone introduced the RBAC option in the Intune portal. I have a post that explains RBAC’s “Intune Role-Based Administration RBA Controls“.
RBAC is NOT a VALID point in the decision making to go with SCCM Integrated Intune.
Decision ==> Intune Standalone
Single Pane of Glass – Intune Standalone or SCCM Integrated Intune
The single pane of glass was another reason organizations wanted to choose Intune hybrid with SCCM integration. But in reality, it was never a single console for an end to end device management.
But Intune console can be the single pane of glass for Windows PC (through the MDM channel), Mac, iOS, and Android device management. Now the single pane glass concept is coming from Intune portal, but it’s still a temporary solution.
- So in other ways, we need to use different consoles to manage Azure AD Conditional Access.
- A Single Pane of Glass console is NOT a VALID point in deciding to go with Intune HYBRID.
Decision ==> Intune Standalone
Reporting – Intune Standalone or SCCM Integrated Intune
Intune reporting solutions are improving a lot in recent releases in 2023. So there is no need to have SCCM integrated Intune solution using Tenant Attach and Co-Management solutions. This will help organizations perform data mining and create custom reports, etc.
List of Intune Default Reports Reporting Strategies Advanced Reporting Options
Intune standalone has options called Intune Data Warehouse to create custom reports. We can use the Intune Data Warehouse to build words (perform data mining) that provide insight into devices managed by Intune solution.
Following are some data points related to reporting.
- Heavily use custom reports and perform all kinds of data mining activities with SCCM DB then, Intune Data Warehouse could be a little muddy option for some of you.
- The SCCM database is connected to the asset management system within the organization. You need to architecture those systems to get data from Intune Data Warehouse.
But if you compare other advantages of Intune Standalone and your organization’s future strategy, then I would still go with Intune Standalone.
Reporting is STILL VALID point in the decision-making, but I won’t go with Intune HYBRID.
Decision ==> Intune Standalone
Scalability – Intune Standalone or SCCM Integrated Intune
Scalability is not an issue since the Intune migration to the Azure portal. Microsoft can support over 50k mobile devices with the new Intune solution. Microsoft Intune standalone running on Azure infrastructure can scale to meet customers’ scalability needs.
Scalability is NOT a VALID point in deciding to go with Intune HYBRID.
Decision ==> Intune Standalone
Programmability (Automation) – Intune Standalone or SCCM Integrated Intune
Intune API is generally available in Microsoft Graph. All the automation & programmability options are available in a fully supported way. More details – Intune Graph Starters Guide Query Samples.
Intune API in Microsoft Graph allows you to connect different Microsoft cloud services and automate workflows and processes between them.
Programmability (Automation) – NOT VALID point in the decision making to go with Intune HYBRID
Decision ==> Intune Standalone
Integration with Third-Party Echo System – Intune Standalone or SCCM Integrated Intune
Can Intune standalone integrate with ISVs (Independent Software Vendors) like ServiceNow or Remedy? Yes, there is out-of-box integration available from the ISVs when updating the post in 2023.
ServiceNow and Remedy are very popular IT service management tools. These tools are essential for most organizations. As SCCM is having the vast majority of the market share in the device management world, the ISVs are interested in keeping their development efforts with SCCM integration.
But Microsoft Intune has a way of hooking into ISVs like Remedy and ServiceNow for IT service management and as well as for asset management. But I think these ISVs will wait until Microsoft Intune has a good market share to put their money into developing Intune integration efforts.
But there are workarounds to integrate your existing investments with Remedy/ServiceNow and Intune. These workarounds can be achieved through PowerShell and Graph API. I will tend to decide to go with Intune standalone on this topic.
Integration with Third-Party Echo System – STILL VALID point in the decision making to go with Intune HYBRID
Decision ==> Intune Standalone
Other Reasons – Intune Standalone or SCCM Integrated Intune
There could be other reasons that prompt each organization to decide to go with Intune standalone Vs SCCM Integrated Intune. But I’m sure Microsoft is fully aware of those decision points. If not, you can make Microsoft aware of those reasons via user voice items.
Following are/were some of the other reasons.
- Multiple NDES servers for Certificate Delivery – Already available with Intune Standalone
- Multiple Exchange connectors – Microsoft is already aware of this requirement.
- S/MIME encryption support – Microsoft is already aware of this requirement
- SamAccountName in email profiles, Entrust PFX, FQDN in SCEP cert profiles, etc..
In 2023, I don’t see any specific reason to go with SCCM Integrated Intune rather than a standalone Intune solution. All the things (almost) that you can do with on-prem solutions can be done with Intune standalone solutions.
Other Reasons – STILL VALID point in the decision making to go with Intune HYBRID
Final Decision ==> Intune Standalone
Resources
Choose between Microsoft Intune standalone and hybrid with SCCM
Author
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc……………
How about SCCM Software Metering functionality? Customer’s that are currently performing Software Metering via SCCM for licensing management (purchase & allocation) for all installed 3rd-party applications on all Windows devices, how can Intune help the Asset management team in this area?