Event banner
Cloud attach vs. cloud only: the debate
Event details
Are you planning a new Microsoft Intune deployment? Are you wondering if you need Configuration Manager? Join Danny and Steve for a special edition of Unpacking Endpoint Management as they breakdown key management workloads of Windows devices (compliance policies, Windows Update policies, resource access policies, Endpoint Protection, device configuration, Office Click-to-Run apps, and client apps) to help you determine if cloud attach or cloud only is right for your new Intune deployment.
This session is part of the Microsoft Technical Takeoff: Windows + Intune. Add it to your calendar, RSVP for event reminders, and post your questions and comments below! This session will also be recorded and available on demand shortly after conclusion of the live event. |
- Heather_PoulsenCommunity Manager
How did we do on our Technical Takeoff Day 1 sessions? Please take this 2-minute survey and let us know your thoughts on this event.
- CapGlobalCopper ContributorWe find it difficult to re-create ConfigMgr collections as Azure AD Groups because the list of available properties is limited by comparison. Are there plans to add new properties such as chassis type for Azure AD Groups? Filters are a good start, but it just doesn't feel like it's quite there yet.
- ToddMoteBrass ContributorCloud Sync for collections when tenant attached seems to work ok. If you pre-create and make the server tenant object the owner of the cloud group and then configure the collection to sync to that group, if the device has a cloud identity it populates and keeps the group up to date based on collection membership.
- Rob de RoosIron ContributorDid you look at filters in Intune?
- CapGlobalCopper ContributorYes, as I said above, they are a welcome addition, but there is still a lot to be desired.
- JavoMejiaCopper ContributorEven when you can migrate the endpoint protection workload to Intune using Cloud Attach, you will be required to co-manage the device or to onboard Defender for endpoint in orden to have Defender AV Reporting like signatures and engine version, native information that is available on Configuration Manager database (CM Console).
- SteveThomasMicrosoftGreat point! Thank you.
- CarywellsCopper ContributorI feel all the people on the panel are trying to push to cloud only without really working in the real world. A reimage is not a viable solution for any environment for moving from Hybrid to On cloud and Intune does not cover the expanse that config Mgr can do for these companies. To sit there and just say do it anyways is negligent on their behalf.
- Rob de RoosIron ContributorI'm doing these kind of project for the last 5 years now. And, depending on the size of the organization and for example the age of the device stack, most customers choose to fully go to Intune with device reimaging (to get to a known state). In certain cases, like very complex environments, we choose to keep the old for the existing devices. But any device that is newly rolled out will be Intune only and most of the times AAD Joined only. Yes you have to manage application packaging twice, and some other stuff. But in my experience users that see the new, modern managed, devices even request a reimage themselves. We always try to create a bit of a must have that users can only benefit from when their device is Modern Managed. Let's say as sort of a marketing strategy 😉
- Paul_WoodwardIron ContributorThey said Reset, that's not quite the same as a reimage. You can even keep user data. It's still a big deal, and maybe not a viable solution, but it's not as heavy as a reimage.
- CarywellsCopper ContributorYou would still need to reinstall all the apps and honestly my OSD with a full variable based software install is a lot faster than resetting a pc and waiting for app install from Intune, especially on machines with large applications such as Autodesk and Creative Cloud.
- Heather_PoulsenCommunity Manager
That concludes our live stream for Cloud attach vs. cloud only AMA. We’re happy you’re here with us at the Microsoft Technical Takeoff! Whether you are attending one session or many, please take this 2-minute survey and let us know your thoughts on this event. We’ll continue to answer questions here in the chat for the rest of the hour and we’ll check back throughout the week.
- Thanks!!!
- David StowersBrass ContributorThe reporting is the weakest link. I have had to deep dive Graph a -lot- to get meaningful reports.
- SteveThomasMicrosoftThank you for your feedback. Please keep checking https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new for more new items related to improved reporting experience.
- Paul_WoodwardIron ContributorWe need uninstall option for users in Company Portal
- Jason_SandysMicrosoftComing soon.
- Paul_WoodwardIron ContributorFantastic! Can't come too soon!
- Fish_TacosBrass ContributorIf I don't know anything, About intune where do I start? What do I tell my coworkers that want to stay on premise with GPOs?
- David StowersBrass ContributorWe had lots of devices fall off on-prem AD during the Pandemic due to how our VPN connections work in terms of AD login. The cloud-managed devices had no issues. Also, since we did not have CMG in place the CM-connected devices could not talk well to WSUS unless they were on VPN, which some were not. Add to that the oddities of sync vs async with GPOs and the cloud approach is a lot simpler to deal with long term. Also, Intune config profiles will tell you quickly when they have a conflict compared to legacy AD.
- Rob de RoosIron Contributor
Watch videos and use google. And NIKE has a great slogan.... just do it. That is the absolute only way. These guys have great videos https://www.youtube.com/c/IntuneTraining
- FuzzyWazHeCopper Contributor
Are there any guides or blogs covering the roadblocks most people would have in the transition?
- *file shares
- *policies
- *certs
- *etc
- Jason_SandysMicrosoftCheck out https://aka.ms/cloudnativeendpoints