With co-management available in SCCM Current Branch 1710, you can install the SCCM client on a Windows 10 1709 Intune enrolled machine (Intune standalone) by creating an app in Intune. This will leverage the Cloud Management Gateway and Azure AD User Discovery. This example post is for a Windows 10 1709 Intune enrolled machine, but you could also use Autopilot with the steps below to get the SCCM client installed as well.
Microsoft lists two paths for co-management. This post is about the second path.
Co-management for Windows 10 devices
There are two main paths to reach to co-management. One is Configuration Manager provisioned co-management where Windows 10 devices managed by Configuration Manager and hybrid Azure AD joined get enrolled into Intune. The other is Intune provisioned devices that are enrolled in Intune and then installed with the Configuration Manager client reach a co-management state.
- SCCM Current Branch 1710 – https://docs.microsoft.com/en-us/sccm/core/plan-design/changes/whats-new-in-version-1710
- Cloud Management Gateway configured – See https://blogs.technet.microsoft.com/arnabm/2016/12/19/step-by-step-cloud-management-gateway/
- Azure AD User Discovery configured – See https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/Azure-services-wizard#webapp
- Cloud Distribution Point – See https://docs.microsoft.com/en-us/sccm/core/plan-design/hierarchy/use-a-cloud-based-distribution-point
- Windows 10 1709 machine enrolled in Intune and Azure AD joined
- Management Point with HTTPS enabled for Azure AD user authentication
Firstly, distribute the Configuration Manager Client Package to the Cloud Distribution Point.
Next co-management will be enabled. This will provide the SCCM command line arguments with the correct information to install the SCCM client through Intune.
In Administration section, expand Cloud Services and right click Co-management
Sign in with your Intune account and click Next.
Select the required settings. Copy the command line arguments for later as this will be used in Intune to deploy the SCCM client.
I have set all to Pilot Intune.
I have created a test Pilot Intune collection.
Close the Wizard.
ccmsetup.msi needs to be uploaded from C:\Program Files\Microsoft Configuration Manager\bin\i386 on the SCCM 1710 site server to Intune
In portal.azure.com go to Intune then Mobile Apps, then Apps and click Add.
Browse to the ccmsetup.msi
Fill in the details. You can change the name and other information as you like. For the Command-line arguments, paste in the details that we copied before.
The ccmsetup.msi will then begin to upload. You can view the notifcation below to see when it has been uploaded.
Click on Assignments and select a group. I created an Azure AD dynamic group for Windows 10 1709 machines and made the app as “Required”
On the Windows 10 1709 machine, you can do a Sync, then you can see the SCCM client is installing. If you see the ccmsetup.log file, it will start to grab the SCCM client files from the Cloud DP (make sure the client is distributed to the Cloud DP)
When you open up Company Portal now, you will see “Your apps are located in Software Center”. You can see in Software Center my SCCM applications are now appearing.
You can now see the device appearing in the SCCM console as active as it is communicating through the CMG.