I would like to build devices using SCCM, much like they arrive new, for Intune AutoPilot deployments. This seemed simple enough. I created a generic Task Sequence, then wrote a script which uninstalls the SCCM Client, gathers the device's hardware ID and then runs "sysprep /oobe /shutdown". This script runs after the Task Sequence completes, using the Task Sequence Variable "SMSTSPostAction". All of this works beautifully, until the machine is joined to Azure AD via AutoPilot. My first sign of trouble was that the Intune Policies would not apply. I then found this message when looking at the device in Intune:
Co-management
<UserName>'s Windows PC is being co-managed between Intune and Configuration Manager. Configuration Manager agent state is shown below, if the state is anything other than “Healthy” there are a few steps that help with this.
Configuration Manager agent state
Could not connect
Details
The Configuration Manager client is currently unable to reach the Configuration Manager management point. Make sure the client can communicate with the server. For more information on client communication issues, see the CcmMessaging.log, LocationServices.log, or ClientLocation.log files on the Configuration Manager client.
We did have Co-Management turned on, for a brief moment, in our AutoPilot journey. We quickly found that it complicated things and then followed instructions in someone's blog post to turn it off. Possibly, something went wrong turning it off? What I do not understand is why Intune thinks these devices are managed by SCCM. My best guess is that the SCCM client uninstall leaves behind cruft which the MDM system is reporting back to Intune.
Is it possible to create devices, ready to be AutoPiloted and only managed by Intune, using SCCM? If so, how?
Thanks.
This is also a ServerFault Question.