Every week I’m on a conference call with customers who are using, or interested in using, SCCM and Intune/EMS. Every single conversation finds its way into the following questions:
- “Should I use Intune to manage Windows 10 Surface Pro and Dell/HP laptops outside the network?”
- “Should I integrate SCCM and Intune?”
- “Can I just move all my SCCM infrastructure into Azure?”
Good questions. Unfortunately, the answers aren’t yet fully-baked. The answer to each is “it depends”.
But during one call in particular, we had a bunch of crusty old SCCM engineers discussing the past, present and future of the product. This wound up in a discussion about “what would it take?” …to switch to Intune as the primary management interface, even for on-prem devices. The gist of this was not about “eventually” or long-term, but rather, what could be dropped in our lap sooner, and make us say “oh, snap! time to reconsider!”
Anyhow, we came up with the following:
1 – Hybrid Deployments
The ability to configure application deployments in a cloud console, while directing clients to fetch the content from on-prem sources. The reverse of cloud DPs, if you will. The application configuration resides in the cloud, and the source content, and deployment content, are hosted on-prem.
This could be handled with the Intune client being equipped to poke for the on-prem location as a means to determine on/off prem status. If on-prem, download the content from the on-prem DP. Otherwise, follow the configuration (wait, or download from another source). The goal would be to support cloud clients, mobile clients and on-prem clients, where each could pull content based on proximity, performance and least cost.
This would also span out to OSD as well. If the WIM files, driver packages, and other bits were available from an on-prem source (via PXE/WinPE) it could work. Maybe it would require something like iPXE Anywhere, or maybe not.
2 – Expanded Deployment Types
Intune would need to be able to deploy more flexible types of instructions. Such as EXE files with additional parameters (aka “switches”), MSI’s with MST transforms. PowerShell scripts would be nice too.
3 – Full Inventory
This is actually two parts combined. The first being a split inventory detection that pulls a complete (e.g. SCCM-style) WMI inventory data set from a full Windows client, but does the status quo for other clients. The second part being a means for leveraging that extended inventory to save time/effort in other areas (targeting policies, apps, etc.)
And speaking of inventory, is there a CIM-like equivalent for mobile platforms like iOS, Android, etc.?
Granted, this is *not* enough for SCCM to throw in the towel and surrender. But these seem to be the most-used features in SCCM which are not replaceable with Intune, yet.
If this is true, or “accurate”, then it doesn’t seem like such a tall hill to climb. We were not entirely sober at the time, so it’s quite possible we overlooked something here. Maybe something embarrassingly obvious, but hey.
Thoughts? Substance or Garbage? Let me know.