Windows Intune: SCCM Connector

Windows Intune: SCCM Connector

The big thing in the Microsoft and SCCM world right now is Intune and how it functions with the System Center Suite, specifically SCCM. Connecting Intune to SCCM gives administrators a good amount of control over BYOD devices and ability to keep corporate data secure. Some features include wiping devices, configuring compliance settings, deploy LOB applications, and collecting software and hardware inventory.

There is an entire series of blog posts at to get you started in Intune. This post will detail the steps required to tie your Intune subscription into SCCM to give you a signal pane of glass with which to manage your devices.

Intune Prerequisites

The first prerequisite for tying Intune to SCCM is obviously an Intune subscription. You must have this, or at least a trial set up first. You must also have your Azure AD set up and synced with your corporate directory. Finally, you need to have a DNS alias set up to point enterpriseenrollment.<company domain name>.com to This alias is used in the enrollment process. For more details about these steps, see this TechNet article:

Enabling Intune for SCCM

After the prerequisites are complete, you can install the Intune connection site system role. This role pushes settings and applications to the Intune service. This is done by setting up the subscription under the Administration>Cloud Services tab in your SCCM console. Go through the wizard and sign into your Intune account. One important thing to notice here is that you will only be able to manage mobile devices by using the SCCM console. If you are managing computers, that will have to be done natively through SCCM.

Once you select SCCM has your management authority, it CANNOT be changed back to Intune.

You will be asked to specify a collection that contains the users who are able to enroll mobile devices. I would suggest creating a collection that will serve ONLY this purpose. You will also be asked to provide your SCCM site code. You will also be asked to configure some additional options about the devices that you wish to manage. After this, the wizard is complete.

Intune Site System Role

After the subscription has been added to SCCM, an option to install the Intune site system role will be available. This can be installed like any other system role, though it is only available on central administration or stand-alone primary sites. This role can be installed on any site server.

Setup Mobile Device Enrollment

Setting the system up for the enrollment of devices is different for each platform. For Windows Phone 8 devices, you must get a Symantec certificate and code-sign your company portal. For Windows Phone 8.1 and Windows RT, you must use a sideloading key and all LOB apps must be code signed. For iOS, you need an Apple Push Notification certificate, and nothing is required for Android. After these various certificates are in place, you are ready to begin enrolling and managing devices with SCCM and Intune.



Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.