Hey everyone! I'm diving into my role as a new sysadmin and I've hit a bit of a crossroads. Currently, our laptops are managed through Intune, but I haven't made any changes to their setup since starting. Should I stick with Intune or switch over to managing them via SCCM like we do for desktops? Does it even make sense to domain join the laptops? We're moving to a policy where users will either use desktops or laptops, and I want to ensure both devices are interchangeable with minimal differences. If anyone has helpful resources about what can be done with Intune, I'd love to see them! I noticed the previous team sourced a bit of everything, so I have some flexibility in how we proceed.
3 Answers
I suggest picking a single management standard for all your devices—laptops and desktops—unless you absolutely need them separated. Check if your desktops are Hybrid Joined, Entra ID Joined, or part of an on-prem AD. Also, see if SCCM is already co-managed with Intune. If there are no constraints, consider moving everything to Entra ID and leveraging Intune for configuration and policies while keeping some SCCM co-management for reporting.
You're in a great spot to learn about Azure compliance and policy management! While GPOs aren’t exactly a thing in the cloud, there are plenty of device management options available with Intune. I’d recommend checking out Microsoft’s free training resources. It's your call if you want to spend money on certification exams later on.
Actually, Intune does handle some aspects like GPOs, just in a different way than a traditional setup.
Since you're just starting, I'd suggest the CBT Nuggets training. Get a couple of devices enrolled, group them, and then apply policies to those groups. Just steer clear of blanket policies that affect all devices right away. Good luck!
Exactly! If you can do an Entra ID join and manage via the cloud, that's the way to go. We ditched SCCM and shifted entirely to Intune, and it worked well for us.
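The join-state check suggested in the first answer, as an added example that is not part of the original thread: it parses `dsregcmd /status` and reports whether a machine is hybrid joined, Entra ID joined, or on-prem AD joined only. The function name `Get-JoinState` and the sample output are constructed for illustration; the presence of the `CcmExec` service is used only as a hint that the ConfigMgr (SCCM) client is installed.

```powershell
# Added example: classify a Windows device's join state from `dsregcmd /status`.
function Get-JoinState {
    param(
        # Lines of `dsregcmd /status`; by default the command is run locally.
        [string[]]$StatusText = (dsregcmd.exe /status)
    )

    # Collect every "Key : Value" line into a hashtable.
    $fields = @{}
    foreach ($line in $StatusText) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    $entra  = $fields['AzureAdJoined'] -eq 'YES'
    $domain = $fields['DomainJoined']  -eq 'YES'

    if ($entra -and $domain) { $state = 'Hybrid joined' }
    elseif ($entra)          { $state = 'Entra ID joined' }
    elseif ($domain)         { $state = 'On-prem AD joined only' }
    else                     { $state = 'Not joined (workgroup)' }

    [pscustomobject]@{
        JoinState       = $state
        # WorkplaceJoined = YES means the user has an Entra *registered* device.
        EntraRegistered = $fields['WorkplaceJoined'] -eq 'YES'
        TenantName      = $fields['TenantName']
    }
}

# Constructed sample output (not captured from a real device).
$sample = @'
             AzureAdJoined : YES
              DomainJoined : YES
                DomainName : EXAMPLE
                TenantName : Example Corp
           WorkplaceJoined : NO
'@ -split '\r?\n'

Get-JoinState -StatusText $sample      # JoinState is "Hybrid joined"

# On a real machine: join state plus a hint about the ConfigMgr client.
if (Get-Command dsregcmd.exe -ErrorAction SilentlyContinue) {
    Get-JoinState
    $ccm = Get-Service -Name CcmExec -ErrorAction SilentlyContinue
    "ConfigMgr client service present: $([bool]$ccm)"
}
```

Run it on one desktop and one laptop first; matching results mean both fleets already share a join model, which simplifies moving to a single management standard.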