Event banner
Event details
- Adding on to Adam's previous question about the set all workloads to Intune tick box, if you tick the box to have all in Intune, is there a method to move workloads back to CM if you workload sliders are not currently all moved over?
- It would be nice to put the sliders from Pilot to Intune, but if you have just one instance of needing something to not get enrolled/managed by Intune, then you need it. For example--VDI/gold images, Deep Freeze machines. Am I missing something?
- Agreed! I've been bugging Danny about this for a while. We need a way to exclude specific devices somehow without leaving the sliders in pilot.
- This is 100% why we have workloads in Pilot. Hence my other question. I want to use a full Intune experience for the ESP, but because of the collections are set to pilot, if we used this, the workload would be set to CM for apps and then the Intune ESP I would think, would not install.
- The biggest issue in regards to Adam's comments about the sliders is people using pilot collections for unintended purposes. Piloting is for testing on existing devices. It shouldn't be used for controlling new devices. Need to get those sliders moved to full Intune!!!
- If we used an internal certificate for CMG it looks like we would need to move to a public cert for CMG to make this work reliably?
- Great question! I recently went through this. The main issue that we found was that our PKI CRL wasn't accessible externally (from the internet). So if you're doing Autopilot off the business network, clients can't find the CRL so they will fail to install. So the workaround for us was to use a public certificate.
- So we currently deliver the memcm client via PSADT and it works well. I like the idea of this new profile, but I didn't get a good answer on how to monitor it -- not so much 'it shows up in sccm' - but if something goes wrong. Perhaps a cert is not there, or something else. Really, looking for an answer on this. TIA!
- If the client fails to install, it will cause Autopilot to fail during the "Preparing your device for mobile management" step. You would be able to look at the regular ccmsetup client logs or at Autopilot monitoring within the Intune console to see failed deployments. Additionally you would be able to use the Autopilot diagnostics directly on the device you're provisioning.
- Does this support Preprovisioning process (formerly white-glove)?
Venkata_PampanaMicrosoft
Not at the moment.
- Once configured will this reinstall over existing clients?
- Joe_LurieThis occurs during Autopilot, so assuming no managed OS on the device. Can you clarify your question?
- If the ConfigMan client was installed on devices previous to this setting existing and they get targeted outside of Autopilot.
- Venkata_PampanaYes, it can be targeted to already enrolled devices.
- Nice! Where in the Autopilot process does this co-management step actually run?
- In the "Preparing your device for mobile management" step - first section of the ESP.
- Joe_LurieIn the Preparing your device for mobile management part of ESP (enrollment status page)
- So if the device is not picked up as part of a pilot group or full workload moved for Apps to Intune, it will not install any apps that would be required during ESP then?
With PROVISIONTS supported, can we know directly launch desired task sequences with this process? We literally have an environment using the scheduled task method and want to optimize it!
- Yes you can
- Best way to monitor and confirm on the endpoint it got this profile ?
