Intune Training: Considerations for Hybrid Deployment
- December 29, 2023
- Posted by: Lara Administrator
- Category: End User Computing
Introduction
Welcome to another informative blog post from the Intune Training series. In today’s lesson, we will be discussing a crucial consideration for Intune when thinking about a hybrid deployment.
Why Consider a Hybrid Deployment?
In many cases, especially in small and medium-sized businesses (SMBs), fully adopting a cloud solution may not be feasible due to existing on-premises infrastructure and capital expenditures. However, Microsoft Intune offers excellent capabilities for a hybrid architecture, allowing businesses to gradually transition to a modern solution within Microsoft 365.
Understanding the Existing Architecture
Before we delve into the phase milestones of adopting Intune, let’s first understand the typical architecture of organizations considering a move to a cloud-based environment.
Typically, businesses will have a perimeter network with a firewall for accessing corporate resources. Workstations are domain joined to a domain controller, and users either physically go to the office or use a VPN to remotely access corporate data stored on a file server. To extend on-premises identities to the cloud, ADConnect is set up, and users rely on Microsoft 365 for email functionality.
Phase Milestones for Intune Adoption
To ensure a smooth transition to a fully managed cloud-based solution, we recommend the following phase milestones:
- Use the Group Policy Analytics tool in the Endpoint Manager Admin Center to assess the compatibility of your existing group policies with Intune. This step helps identify policies that may need accommodation or are no longer applicable, streamlining your migration process.
- Configure hybrid device join with ADConnect, allowing domain-joined devices to hybrid join Azure AD. This step facilitates bulk enrollment into Intune and sets the stage for Windows Autopilot, enhancing your change management processes.
- Incorporate Windows Autopilot for procuring new devices. Collaborate with OEM providers to upload new serial IDs into the Autopilot service, automatically enrolling them in Intune. This enables you to push applications, policies, and configurations to the new devices, while still managing legacy devices through Active Directory and Group Policy.
- Create app protection policies to manage corporate data on unmanaged devices. By applying these lightweight policies per device type (iOS, Android, and Windows), you can extend user productivity while maintaining security and compliance.
- Bulk enroll devices into Intune using Group Policy. This step involves creating registry keys that enroll devices into the MDM service, allowing you to push scripts, policies, applications, and perform patch management efficiently.
- Gradually adopt more Intune services over time, such as application deployment, script deployment, and configuration settings, until achieving full management of cloud devices joined to Azure Active Directory. This phased approach minimizes disruption and ensures a smooth transition.
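The hybrid join and bulk-enrollment milestones above are easier to roll out when you can confirm, per device, that the prerequisites are actually in place before assigning Intune workloads. The following PowerShell script is an added example written for this post, not code from the original article or from Microsoft; it reads the output of the built-in `dsregcmd /status` tool and the auto-enrollment policy value in the registry and reports a pass/fail per check. The registry path and value name for the auto-enrollment policy, and the `MdmUrl` field as an indicator of an existing MDM enrollment, are assumptions you should confirm against the Group Policy and a known-enrolled device in your own environment. The script is read-only.

```powershell
# Added example (not from the original post): read-only readiness check for the
# hybrid Azure AD join and Group Policy bulk-enrollment milestones.
# Run in an elevated PowerShell session on a domain-joined Windows 10/11 device.
# Assumptions: the registry path/value below are the ones written by the
# "Enable automatic MDM enrollment using default Azure AD credentials" GPO, and
# dsregcmd reports a non-empty MdmUrl once the device is MDM enrolled.

function Get-DsregStatus {
    # dsregcmd /status prints "Name : Value" lines grouped under section headers;
    # collect the single-word keys into a hashtable and ignore everything else.
    $status = @{}
    foreach ($line in (& dsregcmd /status)) {
        if ($line -match '^\s*([A-Za-z]+)\s*:\s*(.+?)\s*$') {
            $status[$Matches[1]] = $Matches[2]
        }
    }
    return $status
}

function Test-HybridJoinReadiness {
    $status = Get-DsregStatus

    $checks = [ordered]@{
        'AD domain joined (DomainJoined)'        = ($status['DomainJoined']  -eq 'YES')
        'Hybrid Azure AD joined (AzureAdJoined)' = ($status['AzureAdJoined'] -eq 'YES')
        'Primary Refresh Token present (AzureAdPrt)' = ($status['AzureAdPrt'] -eq 'YES')
    }

    # Auto-enrollment policy value (assumed path and value name; verify in your GPO).
    $policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM'
    $autoEnroll = (Get-ItemProperty -Path $policyPath -Name 'AutoEnrollMDM' `
                       -ErrorAction SilentlyContinue).AutoEnrollMDM
    $checks['MDM auto-enrollment policy applied'] = ($autoEnroll -eq 1)

    # A populated MdmUrl in dsregcmd output indicates an existing MDM enrollment
    # (assumption: field name as shown by current Windows builds).
    $checks['Already MDM enrolled (MdmUrl set)'] = -not [string]::IsNullOrEmpty($status['MdmUrl'])

    return $checks
}

# Print a one-line-per-check report; exit non-zero if any join prerequisite fails,
# which makes the script usable as a pre-check in a deployment pipeline.
$results = Test-HybridJoinReadiness
$failed  = 0
foreach ($entry in $results.GetEnumerator()) {
    $mark = if ($entry.Value) { 'PASS' } else { 'FAIL' }
    Write-Output ("[{0}] {1}" -f $mark, $entry.Key)
    if (-not $entry.Value -and $entry.Key -notlike 'Already MDM enrolled*') { $failed++ }
}
exit $failed
```

Devices that fail the join checks will not auto-enroll no matter how the Group Policy is configured, so run this before troubleshooting the MDM side. The final check is informational: a device that is already enrolled is not a failure, it simply does not need the bulk-enrollment step.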
Considering Other Architectural Elements
Aside from the hybrid deployment considerations mentioned above, it’s essential to evaluate other architectural elements that may impact your decision to replace your current Remote Monitoring and Management (RMM) tool with Intune.
Patching
Endpoint Manager fully supports patching, enabling you to replicate your current RMM tool’s patching capabilities.
Printers
If your network relies on local printers, Intune offers PowerShell scripting to deploy printers on devices. Alternatively, you can explore Microsoft’s Universal Print solution or third-party tools like Printix for cloud-based printing.
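As an added example of the PowerShell approach mentioned above (written for this post, not taken from the original article or from Microsoft), the script below installs a TCP/IP network printer and is safe to re-run, which matters because Intune re-executes a script when its assignment changes. The printer name, IP address and driver name are constructed placeholders; the driver must already be present in the device's driver store for `Add-PrinterDriver` to succeed, so substitute the driver you actually deploy.

```powershell
# Added example (not from the original post): deploy a network printer from a
# PowerShell script pushed through the Endpoint Manager Admin Center.
# Run in the 64-bit host as SYSTEM so the printer is created machine-wide.
# All values below are placeholders; replace them for your environment.
$PrinterName = 'Office-MFP-01'                # placeholder
$PrinterIP   = '10.0.0.50'                    # placeholder
$DriverName  = 'Microsoft PCL6 Class Driver'  # assumed to be in the driver store
$PortName    = "IP_$PrinterIP"

function Install-NetworkPrinter {
    param(
        [string]$Name,
        [string]$IPAddress,
        [string]$Driver,
        [string]$Port
    )
    # Each step checks for an existing object first so the script is idempotent.
    if (-not (Get-PrinterPort -Name $Port -ErrorAction SilentlyContinue)) {
        Add-PrinterPort -Name $Port -PrinterHostAddress $IPAddress
    }
    if (-not (Get-PrinterDriver -Name $Driver -ErrorAction SilentlyContinue)) {
        Add-PrinterDriver -Name $Driver
    }
    if (-not (Get-Printer -Name $Name -ErrorAction SilentlyContinue)) {
        Add-Printer -Name $Name -DriverName $Driver -PortName $Port
    }
    # Return the resulting printer object so the caller can verify it.
    return Get-Printer -Name $Name
}

try {
    $printer = Install-NetworkPrinter -Name $PrinterName -IPAddress $PrinterIP `
                                      -Driver $DriverName -Port $PortName
    Write-Output "Installed printer '$($printer.Name)' on port '$($printer.PortName)'"
    exit 0
}
catch {
    # A non-zero exit code surfaces as a failed script run in the admin center.
    Write-Error $_
    exit 1
}
```

Because the script runs as SYSTEM, the printer it creates is visible to every user of the device; per-user printer mapping needs the script assigned to run in the user context instead.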
Remoting Capabilities
While Intune does not directly replicate all the remoting capabilities of an RMM tool, you can integrate with TeamViewer to enable remote access to devices.
File Share
Migrating file shares to the cloud can be achieved using the SharePoint Migration Tool (SPMT), while OneDrive silent configuration and Known Folder Move provide seamless data sync and access.
Scripts and Applications
Endpoint Manager Admin Center allows you to push out scripts and applications, offering similar functionality to an RMM tool.
Device Enrollment
Because Intune enrollment is agentless, there is no management agent to install or maintain on each device, which simplifies ongoing device management.
Multi-Tenancy
For businesses managing multiple companies, Microsoft Lighthouse offers a multi-tenant solution for MSPs, expanding Intune’s management capabilities.
Conclusion
By following the phase milestones and considering the various architectural elements, businesses can successfully adopt Intune as part of their hybrid deployment strategy. Intune’s powerful capabilities, coupled with Microsoft’s ongoing enhancements, make it a compelling choice for modern device management.
Stay tuned for our next blog post, where we will explore the best practices for Microsoft Intune. Thank you for reading!