First of all, co-management is not SCCM and Intune feature, but it’s a Windows 10 feature. Windows 10 provides an option to device management applications to concurrently manage a device. For example, you can manage a Windows 10 device with SCCM and Intune at the same time. Even this could true for other vendors and solutions like Airwatch and Kace? More SCCM Co-Management details are below with 16 posts and more than ten (10) video tutorial. This post also includes the latest updates of co-management.
Windows 10 Version Requirement?
Co-management is a dual management capability available with Windows 10 1709 version (Fall Creators Update) and later. Co-management is the bridge between traditional management and modern management. So if your Windows 10 version is not 1709 or later, then you can’t manage that device with SCCM and Intune at the same time.
SCCM Version Required for Co-management?
Your SCCM version should be SCCM 1710 or later to support co-management scenario. If you have the latest version of SCCM 1806 or 1810, then you can avoid creating many PKI certificates to implement co-management. Co-management setup for SCCM is getting simplified with latest releases of SCCM.
Firewall Ports Required for Co-Management?
We do not need to open any inbound ports to your on-premises network. The SCCM service connection point and CMG connection point initiate all communication with Azure and the CMG. These two site system roles must be able to create outbound connections to the Microsoft cloud.
Is CMG Mandatory for SCCM Co-Management
No, SCCM CMG is not mandatory for Co-Management. When you use Intune to install the SCCM client, enable a cloud management gateway in SCCM. More details in Microsoft documentation here.
Co-Management Related Posts
SCCM co-management related posts are available in the following list. Some of them are outdated as I mentioned in the video above. I would recommend reading the Microsoft documentation on co-management to get the latest updates.
- How to Setup Co-Management – Introduction – Prerequisites Part 1
- How to Setup Co-Management – Firewall Ports Proxy Requirements Part 2
- Setup Co-Management – AAD Connect UPN Suffix Part 3
- Setup Co-Management – CA PKI & Certificates Part 4
- Setup Co-Management Cloud DP Azure Blob Storage Part 5
- Setup Co-Management Azure Cloud Services CMG Part 6
- SCCM Configure Settings for Client PKI certificates Part 7
- How to Setup SCCM Co-Management to Offload Workloads to Intune – Part 8
- How to Deploy SCCM Client from Intune – Co-Management – Part 9
- End User Experience of Windows 10 Co-Management – Part 10
- Overview Windows 10 Co-Management with Intune and SCCM
- Custom Report to Identify Machines Connected via SCCM CMG
- How to Setup SCCM Cloud Management Gateway as cloud DP
- Troubleshooting Tips SCCM CMG Connection Analyzer
- Learn How to Remove SCCM Cloud DP
- Clean-up SCCM CMG and Cloud Services from SCCM
SCCM Co-Management Video Posts
#1 How to enable AAD Connect and UPN Suffix change
#2 – PKI Certificate Details for SCCM Co-management
#3 How to enable Cloud DP in SCCM CMG
#4 Remove or Delete SCCM Cloud DP
#5 Remove or Delete SCCM CMG
#6 SCCM CMG troubleshooting
Resource
https://docs.microsoft.com/en-us/sccm/core/clients/manage/co-management-overview
Another interesting blog post https://blogs.technet.microsoft.com/arnabm/2018/10/24/cmg-with-just-one-cert/
Windows Autopilot Video Starter Kit – https://howtomanagedevices.com/windows-autopilot-video-guide/