Forum Discussion
Intune MDM Authority Inquiry
I have a question around the Intune MDM Authority for 'Mobile Device Management for Office 365' which is currently disabled - hence the reason I am asking this question. I have been in the process of...
MatthewButcher
Microsoft
MicrosoftHi Marc Rodieck, the act itself of setting your MDM authority to Intune will have no direct impact to MobileIron. However to your point, having multiple sources of MDM policy to the same device can have a less than desirable outcome.
With a few exceptions, Intune is all about AAD Group membership & targeting, so if the users who currently have MobileIron enrolled devices are not members of the targeted groups by your Intune policies, they should not experience any impact.
However, the main sources of potential impact would be:
1. Azure Conditional Access
2. Compliance Policy Settings under Intune > Device Compliance > Setup - Compliance Policy Settings in the Intune on Azure portal. The settings for Secure By Default, Enhanced Jailbreak, and Compliance Validity Period are applied to everyone via the "Built-in Compliance Policy" and cannot be scoped down.
3. Policies assigned to "All Users" or "All Devices" rather than a specific AAD group.
We have a migration guide here: https://docs.microsoft.com/en-us/intune/migration-guide which is a great resource for anyone looking to switch to Intune from another MDM provider.
I hope this helps!
Hi MatthewButcher Thank you so much for responding to my ask. This is exactly what I was looking for as duplicating this effort in a test lab is challenging sometimes when the resources are not there.
Have a good day!