End-User Experience of Windows 10 Co-Management

In this post, I will cover the Windows 10 Co-Management end-user experience. I have a series of posts in the Windows 10 co-management topic, and this is the last post on that series.  Microsoft is still performing design changes in co-management topics, and this is expected to get more and more interesting in later versions of SCCM. I did all my co-managements posts with SCCM 1802 product release.

This post is my post number 10 (ten) to help you to configure Windows 10 Co-Management in a lab environment. I would recommend reading Microsoft documentation to get the latest update about the co-management features. I have attached Microsoft documentation links in all of my blog posts to make it easy for you.

(End User = Admins, Support teams, and Business users)

Patch My PC
All in One - How to Setup Co-Management Eight(8) Video Tutorials

Co-Management Related Posts

Overview Windows 10 Co-Management with Intune and SCCM 
Custom Report to Identify Machines Connected via SCCM CMG 
How to Setup Co-Management - Introduction - Prerequisites Part 1 
How to Setup Co-Management - Firewall Ports Proxy Requirements Part 2 
Setup Co-Management - AAD Connect UPN Suffix Part 3 
Setup Co-Management - CA PKI & Certificates Part 4 
Setup Co-Management Cloud DP Azure Blob Storage Part 5 
Setup Co-Management Azure Cloud Services CMG Part 6
SCCM Configure Settings for Client PKI certificates Part 7
How to Setup SCCM Co-Management to Offload Workloads to Intune - Part 8
How to Deploy SCCM Client from Intune - Co-Management - Part 9
End User Experience of Windows 10 Co-Management - Part 10

Video Tutorial – End User Experience of Windows 10 Co-Management

User Communication Management of Windows 10 Co-Management

The real world end user experience of using SCCM and Intune co-managed Windows 10 device is a bit different from normal SCCM managed device. We should communicate this change to end users and support teams. This change communication will make their life easy. I hope SCCM and Intune product teams are working to improve the end-user experience of co-managed devices.

What is the tool they want to use for application installation?

Software Center ?
Application Catalog ?
Intune Company Portal/ https://portal.manage.microsoft.com/Apps ?
Windows store for Business?

Windows 10 Co-managed Device – How to Refresh SCCM/Intune Policies ?

As mentioned in SCCM 1806 TP post, now users or admin can sync the Intune and SCCM policy refresh from one place (download client policy or SCCM client agent). This MDM sync will automatically happen when you change the workload switch settings in co-management configuration properties. You don’t need to do the sync from both the management tools like Intune MDM setting and SCCM client agent settings.

SCCM CB 1806 (TP) client actions from a co-managed device automatically synchronize MDM policy from Microsoft Intune. This sync also happens when you initiate the Download Computer Policy action from Client Notifications in the SCCM console.

How to Install SCCM client on Intune Managed Windows 10 Device?

I have an Intune managed Windows 10 device. In this post, I will show the experience of getting that device into SCCM management. As discussed in the previous post, I have deployed a required SCCM client application from Intune to this Windows 10 device.

You can check the status of the SCCM client deployment from https://portal.manage. microsoft.com/Apps. As you can see in the video tutorial, the content is downloaded from the cloud DP, and the client got installed. The co-management status of the Windows 10 device got updated in SCCM console only after a couple of policy refreshes.

End User Experience of Windows 10 Co-Management

Immediate use of Microsoft Intune features for SCCM Managed Devices

Immediate use of Microsoft Intune features which would be available for SCCM managed devices in a co-managed scenario.

Remote Actions
Factory reset
Selective wipe
Delete devices
Restart device
Fresh start

SCCM Orchestration with Intune for the following workloads

SCCM can offload the workloads to Intune for following workloads. As I explained in this post, SCCM can take care of Intune workloads like application deployment. SCCM can be used for deploying the complex MSI applications for a co-managed device.

Compliance Policies
Device Configuration (Available with SCCM TP 1805 or later)
  Resource Access Policies (WiFi, VPN profiles)
  Endpoint Protection
Configuration Policies 
Office Click-to-Run Apps (Available with SCCM TP 1806 or later)
Windows Update Policies (Patching without on-prem WSUS/SUP)

SCCM Client Status from the Control Panel Applet

Following are the Windows 10 co-management properties for SCCM client applet. There are 55 co-management capabilities with SCCM 1802 production version. When a device is co-managed, the co-management feature should be enabled in SCCM client applet.

Client Certificate: Self-signed
Co-management Capabilities:55
Connection Type:Currently Internet

In the screenshot below, you can see the initially the connection type was Currently INTRANET. The connection type is changed to Currently Internet after a couple of policy refreshes. Once all the policies are delivered to the client, the status is changed to “Currently Internet” in SCCM client applet in control panel.

End User Experience of Windows 10 Co-Management

SCCM Console – How to check Windows 10 Co-Management Status of a Device?

As you can see in the video tutorial, check whether the device is enabled for co-management from SCCM console. You may need to add an additional column “Co-Managed” to get co-management information in the SCCM 1802 console.

End User Experience of Windows 10 Co-Management

Intune Portal – How to check Windows 10 Co-Management Status of a Device?

As you can see in the video tutorial, check whether the device is enabled for co-management from Intune portal. All devices tab in Intune blade will help you to vide the co-managed status of a Windows 10 device.

Managed by MDM
Managed by MDM/ConfigMgr Agent/SCCM Agent
End User Experience of Windows 10 Co-Management

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.