Forum Discussion
Sam Smith
Oct 19, 2017Copper Contributor
Utilising Group Policy on a device enrolled in Co-Management?
We are a provider of Cloud Solutions are investigating extending this to management of the end points with Intune. Intune works great from a compliance stand point but lacks the breadth of config...
RobYork
Microsoft
Oct 19, 2017Co-management is SCCM+AD+Intune+AAD so you still get to leverage all your existing GPOs. One thing we know from speaking to customers is that GPOs are complex and organisations often don't fully understand what they actually need or even what they have in place. Co-management allows you to begin a journey to modern management without having to make a leap. Co-management bridges the gap from traditional to modern giving you time to rationalise what you have and to plan and implement the controls you need through Intune device configuration profiles.
Rob
Rob
- dctardyOct 19, 2017
Microsoft
Additionally, you are not required to have Active Directory joined devices that are Co-Managed. What that means is that as you transition to modern management, you can reduce your dependence on Active Directory.
- Sam SmithOct 19, 2017Copper ContributorBut do you have to have SCCM in order to utilise co-manage? Can I Domain Join a 1709 Windows 10 device that has only been connected to Intune so far?
I understand that some organisations have complex setups where they don'y fully understand what they need or have in place however this is not us. We are trying to make up the shortcomings of Intune for device configuration with a proven technology.
Other than wrapping a script up in an MSI how can I provision printers or make other changes that are no exposed by Intune configuration templates or the OMA-URI schema?- dctardyOct 19, 2017
Microsoft
You do have to have SCCM to Co-Manage - that is the definition - Co-Manage is Intune & SCCM co-managing a device. However, you do not need the device to be joined to on-prem Active Directory to be co-managed. You may have the device AAD Joined or Hybrid AD/AAD joined and still co-manage with both SCCM & Intune.