News

Microsoft Readies Improved Intune Migration Process

A new Microsoft Intune migration process will make it easier for organizations to switch from what Microsoft calls a "hybrid" mobile management approach to a "standalone" mobile management approach.

The hybrid scenario refers to settings in which Intune has been integrated with System Center Configuration Manager (SCCM), while standalone scenarios describe pure Intune-managed environments. The new migration process, announced last week, is designed for organizations that want to move from the former to the latter.

Switching from the hybrid approach to the standalone Intune service has typically required organizations to "reconfigure all settings in Intune, including re-enrolling all devices." It also was a potentially painful process because the whole tenancy had to be switched at once.

The new approach supposedly adds a little more flexibility to this switching process. It permits a "phased approach" with testing along the way, according to a Microsoft document describing the process.

First, organizations use an Intune Data Importer tool, available from GitHub, to copy policies from SCCM to Intune. Objects can be imported if they are based on Active Directory groups, Microsoft's announcement explained. Organization may be OK at this stage "if the policies targeted to a user are the same in both consoles," Microsoft's announcement noted.

Next, organizations can move some users over to the standalone Intune service. It'll result in a so-called "mixed authority" state, with some users managed under standalone Intune, while others continue to be managed via hybrid SCCM. During this phase, the tenancy-level polices can only be modified via the SCCM console, Microsoft's announcement explained. However, it's possible to dispense with the legacy Silverlight-based console during this phase, at least for the users that were moved over to Intune management.

Organizations first need to know that they have the mixed authority capability before they can proceed with this stage, though. They'll get a notification from the Office 365 Message Center telling them if it's possible.

The last step in the move to standalone Intune is to "initiate the tenant MDM authority switch through the Configuration Manager console." It'll move things created via the Azure Portal, along with tenancy-level policies, to Intune, which gets managed through the Azure Portal. Moreover, "enrolled devices will not be required to re-enroll," Microsoft's announcement claimed.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.