Entering Intune Deployment Technology Settings
To connect App Portal to Intune, you need to enter settings on the Intune tab of the Site Management > Settings > Deployment view.
To enter Intune connection settings, perform the steps in this section.
To enter Intune connection settings
|
1.
|
On the Admin tab, open the Site Management > Settings > Deployment view. |
|
3.
|
In the Microsoft Graph URL field, enter the Microsoft graph URL. |
Note:By default, this field value is pre-populated with the value - https://graph.microsoft.com. This field can be configured with country specific Intune Government URL.For example, for US government the URL will be https://graph.microsoft.us.
|
4.
|
In the Azure Authentication URL field, enter the azure authentication URL. |
Note:By default, this field value is pre-populated with the value https://login.microsoftonline.com This field can be configured with country specific Intune Government URL. For example, for US government the URL is https://login.microsoftonline.us.
|
5.
|
In the Tenant ID/Tenant Name field, enter the Tenant ID or the Tenant name. |
|
6.
|
In the Client ID field, enter client ID. |
|
7.
|
In the Client Secret field, enter client secret. |
|
8.
|
In the Principal ID field, enter the principal ID. |
|
9.
|
Click Test to test the connection settings that are entered. This also validates the minimum permission required by Intune to communicate with App Portal. |
|
10.
|
The checkbox Check device compliance for deployment is checked by default. This checks if the device selected during the checkout is compliant or not. |
Client Device Validation for Intune
When each item is selected on Choose Target panel of checkout, it goes through several checks to validate the selection against the items being requested. If there is a problem with adding one of the selections or validations fails, an error/warning message will be displayed as Cannot select because this machine is not a recognized client.
A few of the client device validations checks for Intune device are to:
|
•
|
Check if the Target Device is Managed and Enrolled in Intune. |
|
•
|
Check if the Target Device is Compliant in Intune. |
Note:You can disable Compliant check validation for a target device on Admin > Site Management > Deployment > Intune view as well by unchecking the Check Device Compliance for deployment option.
Configuration Manager and Intune Co-Management
App Portal now includes support for Co-management capabilities. Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud. Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. Configuration Manager version 1710 or later is required.
Switch Workloads in ConfigMgr
You can configure different pilot collections for each of the co-management workloads. You can switch workloads when you enable co-management, or later when you're ready. If you haven't already enabled co-management, you need to do that first.
To switch co-management workloads in SCCM:
|
1.
|
In the Configuration Manager console, go to the Administration workspace, expand Cloud Services, and select the Cloud Attach node. For version 1710 and later, select the Co-management node. |
|
2.
|
Select the co-management object, and then choose Properties in the ribbon. |
|
3.
|
Switch to the Workloads tab. By default, all workloads are set to the Configuration Manager setting. To switch a workload, move the slider control for that workload to the desired setting. |
|
•
|
Configuration Manager—Configuration Manager continues to manage this workload. |
|
•
|
Pilot Intune—Switch this workload only for the devices in the pilot collection. You can change the Pilot collections on the Staging tab of the co-management properties page. |
|
•
|
Intune—Switch this workload for all Windows 10 devices enrolled in co-management. |
|
4.
|
Go to the Staging tab and change the Pilot collection for any of the workloads if needed. |
Important:Based on the different workload management option in ConfigMgr for co-managed devices, it is recommended that you set appropriate 'Define order for detecting client deployment technology option under Admin > Site Management > Settings > Deployment > Common view.
Recommended options for Define order for detecting client deployment technology for different client Apps workload management settings in Configuration Manager are shown following:
|
•
|
When Client Apps workload is set to Configuration Manager in SCCM, it is recommended to set Define order for detecting client deployment technology option to ConfigMgr. |
|
•
|
If user try to deploy Intune application catalog for a co-managed device, the request will not go through and an error message such as CatalogName is not available at the site for DeviceName will be displayed on the Choose Target panel. In such cases, Intune deployment technology can be moved to the top in Define order for detecting client deployment technology. |
Important:On a co-managed environment, if user try to deploy Intune application catalog for a co-managed device, the request will not go through and error message such as ‘CatalogName’ is not available at the site for ‘DeviceName’ will be displayed on the Choose Target panel. In such case, Intune deployment technology can be moved to the top in Define order for detecting client deployment technology available under Site Management > Settings > Deployment > Common tab.
See Also
Deployment
SCCM 2012 Tab