Is there a best practices setup how-to? A lot of the setup I have a basic understanding of, but I do not know the best way to set it up so would love to see a best practices setup.

We currently use SCCM in HTTP mode as all our devices are in-network previous to this. Cloud management gateway and co-management are not configured at all. We will be receiving a donation of around 8000 Dell laptops that are not domain joinable (Windows 10S) and we are being told to use Intune. (I think it is Microsoft pushing us to use Intune again).

If I do decide to set up co-management on SCCM, do I need to figure out how to put SCCM in HTTPS mode first?
We currently have Intune set to allow all users to enroll devices by default, including personal devices. I see that there are personal devices enrolled. If I set enrollment restrictions and block users from being able to enroll personal devices:
1. How does Intune know it is a personal device?
2. What happens to those personal devices once I block them from enrolling? Does the user notice anything?

I see some devices that are enrolled in Intune are co-managed even though I have never set up co-management. I wonder why it allowed the computer to do that if it is managed by SCCM.

  1. If the device is enrolled by the user, it’s treated as personal – basically Azure AD registered devices (mainly for Windows devices).
    – If Autopilot is used to enroll a device, that device is treated as a corporate device.
    – DEP enrollment devices are treated as corporate devices.
  2. It will keep working until those devices are enrolled again.


      Okay so I can block users from enrolling personal devices (assuming that is best practice?) and there will be no effect that the user notices?

      What about setting SCCM to use HTTPS only, is that a requirement before you start using Intune or does it not really relate?

