Thanks Jason! If I'm going to switch, now would be the time as we haven't rolled out MDM companywide yet.
Thanks, Eric Morrison From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys Sent: Tuesday, November 21, 2017 4:54 PM To: mssms@lists.myitforum.com Subject: [mssms] RE: Intune Standalone VS Hybrid The story is definitely not straight-forward and co-management doesn't really straighten it out [today]. Note however that the current Microsoft guidance is no new deployments of Hybrid with co-management the way forward. J From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Eric Morrison Sent: Tuesday, November 21, 2017 3:59 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Intune Standalone VS Hybrid Thanks for the feedback! We're doing extremely basic MDM with Hybrid config today. Actually, we haven't even rolled it out companywide yet. We're just doing forced enrollment to access email and will probably push some other basic policies down and possible make apps available. With that small implementation and not planning on going beyond mobile device and possibly AAD hybrid joined win10 devices, is there any advantage staying with Hybrid Intune/ConfigMgr setup? Thanks! Eric Morrison From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of John Marcum Sent: Tuesday, November 21, 2017 3:41 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Intune Standalone VS Hybrid IMHO..... Someone at MS doesn't understand the real advantage of Intune/CM Hybrid or maybe they do and the intune devs just haven't filled the gaps in stand alone intune that hybrid has been filling since day 1. Neither of these are specific to Windows 10 devices, as a matter fact I've needed them for many of my mobile device management projects to succeed. I can't create collections in Intune (and please don't try to humor my by comparing dynamic groups to collections) and the reporting in Intune still doesn't come close to ConfigMgr. So if I want or need those two things to effectively manage my mobile devices I think I still need hybrid. I admit those are corner cases that don't come in to play with most or any BYOD deployments but they are VERY valid reasons for a small number of customers who are doing CYOD mobile devices. When I say that think of things like point of sale devices, medical devices etc etc. Sensitivity: Confidential between partners From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Eric Morrison Sent: Tuesday, November 21, 2017 12:39 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] Intune Standalone VS Hybrid Now with CM 1710 out and the ability to have Win10 devices co-managed by ConfigMgr and Intune at the same time with Hybrid AAD joined, what would the benefit be that I may be missing. Reading this article: https://docs.microsoft.com/en-us/sccm/core/clients/manage/co-management-overview<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsccm%2Fcore%2Fclients%2Fmanage%2Fco-management-overview&data=02%7C01%7Ceric.morrison%40outlook.com%7C17c2c248ed4a46a8912e08d5312a2f57%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636468979602901995&sdata=cTAq%2Fgua%2BBrZ%2FsuYVnOaIxjtoTRqp%2Bh51TddVSwCELU%3D&reserved=0> it states I cannot have Intune Hybrid with ConfigMgr, which I do with ConfigMgr set as the authority. We're piloting BYOD with MDM mobile phones. But may also extend our "policies" to restrict access to cloud applications and resources to only enrolled devices. This article doesn't really help me choose if I should go to stand-alone Intune with Co-management: https://docs.microsoft.com/en-us/sccm/mdm/understand/choose-between-standalone-intune-and-hybrid-mobile-device-management<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsccm%2Fmdm%2Funderstand%2Fchoose-between-standalone-intune-and-hybrid-mobile-device-management&data=02%7C01%7Ceric.morrison%40outlook.com%7C17c2c248ed4a46a8912e08d5312a2f57%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636468979602901995&sdata=SPuJejs8E6ImUPjOmZ4vwpuvz8W9IlG9Hy93mMNimII%3D&reserved=0> My original understanding back when you could create a hybrid mdm solution with ConfigMgr was to add it to ConfigMgr for a single console view for everything. But I find for specific things I still needed to go to the Intune management portal for setting up Conditional Access policies for EOL and stuff like that. I've also noticed our Intune subscription has not been migrated to Azure yet. Not sure if that's because we're hybrid or something else. Thanks, Eric Morrison Sent from Mail<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgo.microsoft.com%2Ffwlink%2F%3FLinkId%3D550986&data=02%7C01%7Ceric.morrison%40outlook.com%7C17c2c248ed4a46a8912e08d5312a2f57%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636468979602901995&sdata=TT83%2B%2FaxwIGziDNp1oIvmPPH3Gm4faGfgVEex5vmxHg%3D&reserved=0> for Windows 10
