Intune for Remote PRTG Probes

Occasional Contributor

Hi,

 

I was hoping to get some guidance on the below request.

 

We have devices deployed at various different clients functioning as remote PRTG probe devices. These devices are currently workgroup devices and the management of them is tedious to say the least. The idea I had was to manage these devices with Intune thus giving us the ability to patch etc. them and ensure they are compliant and has up to date security protection.

 

Would this be possible using device only licenses and would I be able to manage all of them with a single service account?

 

Any advice or alternative solutions would be welcomed.

5 Replies

@MorneVR Using of an device only license bring the following limitations:

 

  • Intune app protection policies
  • Conditional access
  • User-based management features, such as email and calendaring

If you only want to manage updates and compliance it should be possible. 

Thanks for the info.

If you use device only, would you use a local windows account to log onto the device or can a unlicensed cloud only O365 account log onto the device?

This is possible to login to the device but I am not sure if this is the best solution. What about to create an own service account for each device (to be license-compliant) and assign the e3 license to this account insted of using the device only license.

@Jannik_Reinhard the idea is to keep costs down as the machines will only be used to monitor client environments. Interaction with the machines will be minimal but I would still like to keep them patched, secured and compliant as they are sitting in client networks.

@MorneVR :

When you deploy this device as a self-deploying device / kiosk pc it will work. The following enrollment types are supported for a device only license:

  • Windows Autopilot Self-Deploying mode
  • Apple Device Enrollment Program without user affinity
  • Apple School Manager without user affinity
  • Apple Configurator without user affinity
  • Android Enterprise dedicated
  • Using a device enrollment manager account

If you setup the device as an kiosk pc you also have an local user and you don't have an need for an additional AAD user. 
A instruction how to configure an kiosk pc you can find here: Setup an Modern Kiosk PC – Modern Device Management (jannikreinhard.com)

 

When you setup the device not as a kiosk pc I think you need an licensed user to be compliant.