Hey everyone! 😊 With Microsoft officially retiring MDT, I'm curious about what alternatives people are adopting for secure device deployments and imaging going forward. I'm part of a UK Multi Academy Trust and I'm looking into a hybrid approach with AD and Intune, but I'm still trying to figure out the best way to integrate it with Active Directory and existing Group Policy. Is combining Intune with Group Policy a viable replacement for the MDT-style imaging? How does this work for both shared devices and user-assigned devices that might change assignments later? I'm also interested in hearing strategies for hybrid join/enrollment and if Intune update rings can effectively replace WSUS or other patch management tools. I'm considering SCCM too, so I'd love to hear from anyone who's taken that route. Any recommendations for other alternatives would be great as well! Thanks!
6 Answers
I’m really frustrated that all the free tools that used to come with Windows licensing are now being phased out for Intune, which just adds to costs.
About Microsoft’s timelines, I think we’re safe for quite a while with MDT. From what I understand, ADK is still necessary for SCCM, so as long as that exists, MDT should keep working too. Worst case, we might just need to integrate VBS or custom PowerShell scripts into our images. We’re testing out ManageEngine's Endpoint Central which includes deployment features, so we might consolidate on that since we are using a mix of tools right now, including MDT and SCCM.
You might want to check out SmartDeploy from PDQ. I switched to that instead of going with Microsoft’s licensing and I have no regrets!
Is SmartDeploy included in the PDQ Deploy license or is it a standalone product?
Interesting choice! Is it part of the main PDQ Deploy package?
Honestly, I’m not too concerned about MDT being retired since we still use an older version for deploying Windows 10/11 and even Server 2019/2022. It works perfectly fine for us! We have everything running in one task sequence, and our current WinPE is based on Windows 10. It's great for our sales reps too since we can do WiFi deployments over VPN. So as long as it keeps working, there’s no rush to change.
I’m aware that some alternatives like PSDT might have better features, but they require more setup, and we’re sticking with MDT for now.
We're just running our MDT instance as is for now, and it's still effective. Eventually, we're thinking about moving to SCCM for better imaging options, but I'm not exactly sure how that transition will unfold.
I feel the same way! We’re using MDT but I don’t want to wait too long before making a switch. I’m worried it might fail when we least expect it.
Switching to SCCM just for imaging seems like a waste of time and money to me. I’d stick with MDT as long as it’s still working!
In our case, we utilize SCCM for imaging and rely on Intune for Windows Updates. It works seamlessly in our hybrid environment.
Thanks for sharing! How do you enroll devices into Intune? Do you have a Group Policy that handles that?

I appreciate your thoughts on this!