This post will show how you can enable co-management in SCCM 1710 and how to automatically enroll a Windows 10 1709 machine into Intune (Intune standalone) when it is currently managed by SCCM 1710.
- Configuration Manager version 1710 or later
- Azure AD
- EMS or Intune license for all users
- Azure AD automatic enrollment enabled
- Intune subscription (MDM authority in Intune set to Intune)
In portal.azure.com then Azure Active Directory, Mobility (MDM and MAM), Microsoft Intune, I have set my MDM user scope to All for automatic Intune enrollment for Windows.
In the SCCM console, in Administration, expand Cloud Services, right click on Co-management to create a new co-management policy.
Sign in with the Intune account
I have set automatic enrollment in Intune to pilot.
Configure the workloads.
I have created a collection called Comanagement Pilot. I have added my test Windows 10 1709 machine managed by SCCM 17010 into this collection.
You can check the Monitoring node and look for the CoMgmtSettingsPilot status. You can see my test machine WIN10MDT has successfully had the co-management policy applied.
Previously in the Azure Active Directory then Devices blade in portal.azure.com you can see that my Windows 10 1709 machine is Hybrid Azure AD joined but the MDM was set to none.
Once the policy was applied above, you can see the machine has changed from None under MDM, to Microsoft Intune.