Forum Discussion
Deleted
Jan 31, 2019
Connection of already Hybrid Azure AD joined Win10 Devices to Intune Management
Hi folks,
I'm trying to implement Intune.
My first steps were iOS & Android, which I finished just now.
Now it's time for Win10 Devices:
BYOD Devices with a work or school account are no problem, they appear as expected in the Intune console.
At this moment I'm trying to connect our Windows 10 Devices, which are already Hybrid Azure AD joined. (joined to our OnPrem Domain)
I don't know how to achieve this. Would you please help me out with this?
I already tried to set the GPO (Auto MDM Enrollment with AAD Token) at a local Win10 Client, but this doesn't do anything.
Is that the right approach? (Or what should I do? Do I need the Intune connector? Do I need Autopilot for this first step? (when deployment of the OS is done manually, not by Autopilot))
Thank you very much :)
Patrick.
- PatrickF11 Steel Contributor
Because of a new techcommunity account, this is just a short response to follow up the thread. :)
- Nathan Hart Copper Contributor
I have a similar situation, although we do not have SCCM on premise. Devices have been Hybrid AD joined and Auto MDM enrolled through GPO but show up as Managed by MDM/ConfigMgr Agent. We do not have Configuration Manager OnPremise. How do I force MDM only?
Device Action status
Co-management
USERNAME Windows PC is being co-managed between Intune and Configuration Manager. Configuration Manager agent state is shown below, if the state is anything other than “Healthy” there are a few steps that help with this.
Learn more
Configuration Manager agent state: Could not connect
Details: The Configuration Manager client is currently unable to reach the Configuration Manager management point. Make sure the client can communicate with the server. For more information on client communication issues, see the CcmMessaging.log, LocationServices.log, or ClientLocation.log files on the Configuration Manager client.
Last Configuration Manager agent check in time: 2/1/1900, 12:00:00 AM
- gfridman Copper Contributor
Nathan Hart We are having the same issue. I will be happy to hear if you were able to sort this out.
I have been working with Premier on this issue for almost a week now.
- Mohammed_Aqeel Copper Contributor
I am having the same issue with version 20H2. I created the image via MDT. The computer gets registered in Azure AD, but with compliant status as NO, and shows as SCCM managed. In Intune it registers with the username rather than the computer name. We do not use SCCM in our environment. I guess since the image was created using MDT it's showing as SCCM co-managed. I did remove all SCCM task sequence related keys and folders and still no luck. gfridman Please share if you were able to get something from support.
- Kamil2345Copper Contributor
Hi
I have this same problem.
But I have SCCM co-management configuration set.
Co-management
The configuration is set to device collections.
I removed my test device from this collection and tried to register it in Intune as being only managed by MDM. Unfortunately, it still appears as MDM / ConfigMgr.
The MDM policy is set.
How to change the device authorization for MDM, leaving other devices managed by co-management?
- nielsvd Copper Contributor
I successfully set up Hybrid AD join and co-management for some pilot devices. Management is still controlled by ConfigMgr.
In the Azure console, however, I see that the ConfigMgr Agent state reports as could not connect. (See attached screenshot). Remote restart does work (with some delay) so there seems to be a connection. Can anyone point me in the right direction on how to troubleshoot this?
- Aaron ParkerCopper Contributor
Are you certain that Hybrid Azure AD join is configured correctly? Configuring Hybrid Azure AD join in Azure AD Connect and setting the GPO are all that you need (plus assigning EMS / Intune licenses). Once these are configured, you should see devices register pretty quickly.
Docs here:
- Deleted
Hi Aaron
I've already read this MS Doc. Yesterday I found out a few things with dsregcmd and got the first machines working.
My current problem seems to be an SCCM topic.
Let me describe the current situation and the goal:
Currently:
1. We don't manage mobile devices (iOS & Android) yet.
2. We manage Win10 Devices (okay, most of them are mobile, too ;) ) by SCCM. (Enrolling the operating system, installing a few software products)
Objective:
1. We want to manage our clients (iOS, Android & Win10) with Intune in AAD.
2. We want to use SCCM also in future for the "first enrollment". (An on-site training for SCCM for my colleague is pending, starts at the end of February.)
What I've done so far:
1. I learned quite a few interesting things about Intune in combination with iOS & Android, so we are able to manage them. (Currently we're in a test phase and want to go into a pilot phase with a few more users/devices.)
2. I enrolled some Win10 test clients with the GPO setting to the Intune console.
When these clients already had the SCCM agent installed when they got enrolled in Intune, they appear in Intune as "managed by: MDM/ConfigMgr".
The problem is that they won't get the policies and configurations I configured in Intune.
Because I'm not experienced in using SCCM yet, I don't know how to go on.
Do I need the feature "co-management" within SCCM to achieve this objective?
(The devices already appear in intune, as i mentioned before)
The goal should be:
- Managing all mobile devices (iOS, Android & Win10) in Intune
- Installing the basics of our desktop devices with on-prem SCCM (installing the OS to workstations, installing some basic software packages).
I hope my English is understandable so far :D
I would be happy if you (or anyone else) can help me a little bit.
Thank you very much!
Patrick
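The dsregcmd check mentioned in the post above, as an added example that is not part of the original thread: Python code that parses `dsregcmd /status` output and lists what would keep the "Auto MDM Enrollment with AAD Token" GPO from enrolling the device. The sample output is constructed with placeholder values, and the function names are hypothetical.

```python
import re

# Constructed, trimmed sample of `dsregcmd /status` output (placeholder values).
SAMPLE_STATUS = """
             AzureAdJoined : YES
              DomainJoined : YES
                TenantName : Example Tenant
                    MdmUrl :
                AzureAdPrt : YES
"""

def parse_status(text):
    """Turn the 'Key : Value' lines of dsregcmd output into a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z]+)\s*:\s*(.*)$", line)
        if m:  # section banners and multi-word keys do not match and are skipped
            fields[m.group(1)] = m.group(2).strip()
    return fields

def enrollment_blockers(fields):
    """List the reasons GPO-driven MDM auto-enrollment cannot start yet."""
    def is_yes(key):
        return fields.get(key, "").upper() == "YES"

    blockers = []
    # Hybrid join means joined to the on-prem domain AND registered in Azure AD.
    if not (is_yes("AzureAdJoined") and is_yes("DomainJoined")):
        blockers.append("device is not hybrid Azure AD joined")
    # The GPO enrolls with the signed-in user's AAD token, so a PRT is needed.
    if not is_yes("AzureAdPrt"):
        blockers.append("signed-in user has no Azure AD PRT (AAD token)")
    # An empty MdmUrl means the tenant returned no enrollment endpoint for the user.
    if not fields.get("MdmUrl"):
        blockers.append("MdmUrl is empty: check the user's Intune license and MDM scope")
    return blockers

if __name__ == "__main__":
    found = enrollment_blockers(parse_status(SAMPLE_STATUS))
    for reason in found or ["no blockers found"]:
        print(reason)
```

On a client, pass the text captured from `dsregcmd /status` to `parse_status` instead of the constructed sample.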
- Swaminathan_Arumugam Brass Contributor
Hi,
If you want to get the policies and configurations from Intune you need to enable co-management and adjust the slider to set the authority. GPO will take precedence over MDM policy from Intune.