This is second (2nd) part of Microsoft Intune for SCCM admin. In this part you are going to see how to perform Intune infra setup. The best way to start learning Intune is to get a trail version and follow the Microsoft LAB which I explained in the video.
Part 1 – Video Microsoft Intune for SCCM Admins – https://youtu.be/23j0Pgdp_zA
NOTE! – Learn about the Microsoft Intune for SCCM Admins training posts. 1. Microsoft Intune for SCCM Admins Part 1 2. Microsoft Intune for SCCM Admins Part 2
Introduction
I have a post in which I’m talking about the SCCM co-management lab. You can click on that lab and search with Intune you will get an option to set up AM in tune lab. In that lab there are instructions which you need to follow to learn Intune infra setup.
The prerequisite for the lab is get a trial version of Microsoft 365. I have explained how to get a Microsoft 365 subscription for free for 30 days. So, this lab would be a good starting point for you.
Intune Infra Setup with LAB
You can get the trial subscription and you can follow through the instructions in the lab. Download Microsoft EM+S (Microsoft 365) step by step setup guide from here. This will cover the trial version options.Â
I’m sure that LAB instructions will help you to learn Intune setup and create complaints policies and all the other policies. We are going to talk about these policies in upcoming Intune for SCCM Admin videos and posts.
Intune Infra Setup Guide for SCCM admins
In this video, we are going to see:
- How to setup Intune infrastructure?
- How to setup device enrollment how to integrate in tune with Azure Active Directory?
- How to setup enrollment restrictions policies?
SCCM is tightly integrated with Active Directory but in Intune world it’s all about Azure Active Directory integration.
Intune is not integrated from Active Directory. But, you can sync your on Prem Active Directory with us or Active Directory using AAD connect.
Intune Integration with Azure AD & Active Directory
So, once you have linked Intune with your Active Directory then you can setup the management authority for that tenant. Intune will be your management authority for your tenant as you can see in the video.
You can add Vmware Airwatch, MobileIron, and mass365 to your Azure Active Directory. Checkout the video for more details. More details about this integration and Intune infra setup in this post & video.
Intune Enrollment options for SCCM Admins
Let’s check the enrollment options available in Intune. Unlike SCM, there is no need of Active Directory discovery or Active Directory user discovery or system discovery or group discovery.
There is no need of that because Intune tightly integrated with Azure Active Directory.
Intune Enrollment Restriction Rules for SCCM Admins
Enrollment restriction are another configuration which is available in Intune. I don’t see this kind of similar configuration available in SCCM.
So you can restrict a particular device based on the OS and based on the enrollment method which each which you use within your organization. Intune infra setup is explained in the above video.
For example, if you want to restrict BYOD devices from enrolling into Intune, then you can do that for Windows, iOS, and Android. The only company owned devices can be enrolled into Intune.
I have couple of other post related to this topic. You can go through those posts to get the details. Also, you can watch the video to understand it better.
3 Parts of Intune Enrolment Configurations
Intune enrollment options are basically divided into 3 parts. First one is windows enrollment and second is iOS or Apple enrollment, and the third one is Android enrollment. So, these are the 3 parts of enrollment options available in Intune.
Configure Intune Enrollment
You can configure windows enrollment by clicking on the windows enrollment tab can you can set up the policies which you want. You can create enrollment status page. Also, you can create autopilot profiles etc…
Other interesting options which Intune has is terms and conditions you can create different terms and conditions for your users and diploid to the Azure AD groups.
Others – Intune Infra Setup Options
There are other options like device categories like SCCM device categories. And you have an option to upload the corporate owned devices details into Intune using corporate device identifiers option. Device enrollment manager is another useful option in Intune.
Extra Tips – Intune Infra Setup
Expanding on the Intune enrollment restrictions options here. There are 2 kind of restrictions policies, device type restrictions and device limit restrictions. Intune device type list policy has the priority option.
So, you can set up the BYOD restrictions in Intune. You can block the version of OS. You can block the out of support version of the OS and kind of stuff like this Intune infra setup.
Resources
What to Learn Intune? Great Resource Around you! (1)LinkedIn Learning Courses for Microsoft Intune , (2)Learning How to Learn SCCM Intune Azure(3)Learn Intune Beginners Guide MDM MAM MIM, (4)Microsoft Intune for SCCM Admins Part 1