How to Set Up Co-Management in Microsoft SCCM to Connect to Microsoft Intune

  • 🎬 Video
  • ℹ️ Description
preview_player
UCT9BKiLpbO1pGxXsU1-_zBg



Topics in Video:

Introduction – (0:00)
Overview of Co-management in SCCM and Microsoft Intune: (0:21)
The first scenario overview, using Azure AD Join Only (Cloud Domain Join): (1:02)
The second scenario overview, using On-Prem domain join and auto-register in Azure Hybrid AD and MDM: (1:26)
Validate Azure AD and Intune enrollment is enabled in the online portal: (1:53)
Covering CMG prerequisites for the option to Install the SCCM Agent from an Azure AD only scenario: (4:12)
Add the co-management subscription into the SCCM console: (5:58)
Enroll a device into Azure AD from OOBE to have it auto-enroll into MDM/Intune: (11:16)
Validate the device enrolled in MDM and the SCCM Client auto started and review the CCMSetup download from CMG over the internet: (12:38)
Review ClientIDStartupManager to review how the Azure AD Authentication is used to be approved within the SCCM environment: (14:31)
Validate in the Configuration Manager Control Panel applet the co-management is showing enabled: (15:47)
Review the scenario for registering on-prem domain joined devices to register into Hybrid Azure AD and auto-MDM enroll in Intune: (17:23)
Install Azure AD Connect and Configure the OU for the user/device sync we need for the lab: (18:13)
Validate a valid public UPN suffix is configured in Active Directory Domain and Trust and configure the on-prem users that will be used to auto-enroll devices with the public UPN in AD Users and Computers: (19:31)
Set GPO to have devices auto-enroll into MDM/Intune when the device registered into Azure AD: (26:08)
Run dsregcmd /status to see if the device is registered with Azure AD: (28:07)
Configure devices to auto Azure Hybrid AD Join in Azure AD Connect: (28:51)
Validate on-prem domain joined SCCM client switched to be co-managed after auto-enrolling into Intune: (32:08)
Validate both devices are showing in Intune and the SCCM console with co-management capabilities: (33:17)
Deploy device reset to both co-managed devices: (34:59)

Helpful Resources:







#SCCM #Intune

💬 Comments
Author

Your series on SCCM is an incredible resource. Thank you so much for creating these videos.

I have just started a new IT role and will be using SCCM on a daily basis, which is pretty scary at first as I have never used it. However, I feel so much more confident now.

Thank you.

Author — Richard Gailey

Author

Thanks a lot your guidance. That was really helpful and has given me a kickstart to further deep dive into it.

Author — Subhojit Choudhury

Author

another excellent tutorial. i like the details you provide. thank you!

Author — 550891

Author

Thanks Justin for this video. Very enlightening. Just a question on activating co-management on local sccm, is azure ad connect need to be setup first or the azure ad is a prerequisite?

Author — Edrian Tomoro

Author

Thanks for this! Quick question, would IBCM (rather than CMG) allow the Config Mgr Client to be installed via Intune for Azure-AD joined devices only? We are looking at a 1:1 scheme for laptops and would like to use Autopilot and the benefits of Intune but also have some management of the devices using Config Mgr and I'd only want them to be Azure-AD joined rather than Hybrid.

Author — Jonathan Worth

Author

Hi Justin, silly question, do you need a CMG to have co-managment capabilities? Or can you just have inTune and SCCM work independently from each other?

Author — Jazz Lead

Author

Justin. Thanks for doing this for the community. We appreciate it.

Author — sudheer bangera

Author

You are awesome. I was looking to have someone who teaches the same way we do in classroom trainings...

Author — ITNinza

Author

awesome serie. Its pretty hard to find content about modern deployment using co management with intune and sccm

Author — yann Sierro

Author

Thanks Justin for the video, I have a question about AAD, what AAD subscription do I need?

Author — Arturo Panca

Author

Justin thanks for doing this for the community. appreciate it.

Author — Chetan Gwari

Author

Thanks Justin, it was a very resourceful video.

Author — Vaquar Shaikh

Author

Thanks a million bro. You are just awesome.

Author — Rome Indian

Author

Really nice vid. Studying ms100 and this tied up a lot of details where I really don't feel like setting up a whole sccm, aadconnect environment.

Author — CautionCU

Author

When switching the workloads over to intune, how long does it take for the changes to apply? I have switched the "device configuration" workload over to intune, and created a device configuration policy that i assigned to some of my co-managed devices. But for some reason they do not get the policy, the status is set to "Not Applicable", Meanwhile non-co-managed devices that are only managed by Intune, get the Device configuration policy more or less right away.


Please advise!

Author — Bendik Gjøvikli

Author

Hi Justin, The links in the description of the video all refer back to this main video. Can you please provide the link to the video where you configure the Cloud Management Gateway. Thanks in Advance

Author — Shehzad Khan

Author

hi, when i enable co-management i dont get the parameter for AADCLIENTAPPID and AADTENANTID in the command line generated, what could be the reason?

Author — AdrianKL78

Author

Hello, in my Azure Portal, Mobility MDM & MAM, Microsoft Intune Enrollment is missing, do You know how can i configure it?

Author — Marcin Kochański

Author

So i have to install cmg first before i can go on with this tutorial?

Author — Prof essor

Author

Hi,

While trying to setup CMG, i get an error on the last option "Testing the CMG channel for management point", i have tried almost everything and seems i'm out of option, can you suggest here?

Author — Moses chougule