Co-management was first introduced in SCCM 1710, since then, it has been updating with the latest features that help to achieve more in a better way. Co-management helps to move the windows device management from traditional to Modern using Microsoft Intune (MDM). This post will describe how to Monitor it using an SCCM comanagement report. If you don’t have any plans to manage the device using Intune which is already being managed by ConfigMgr, you can still go ahead and enable the co-management and leave the workloads with ConfigMgr. You obsoletely have no issues in doing it. By enrolling the device into Intune, you get additional benefits from the cloud such as conditional access policy, wipe or reboot a device, etc. When you enable the co-management and start moving the workloads to Intune, it is always important to monitor the devices for enrollment status, the errors in case they failed … Read More
Deploy Yammer desktop application using Microsoft Endpoint Manager
Yammer is an enterprise social networking service used for private communication within organizations. Yammer helps you to connect and engage users across your organization, thereby you can discuss ideas, share updates, and network with others around the globe. To access Yammer, you can either use a web browser or desktop client application. I like the browser app on windows device but individual choice In this blog post, we will see how to deploy using Endpoint Manager the Yammer App desktop client using Microsoft Endpoint Manager (Intune). Yammer desktop app is available in both exe and MSI file (machine wide installer). If you want to deploy Yammer using .exe file using Intune, you can create a win32 app and deploy it to the user group. If you want to deploy Yammer using MSI, the Yammer Machine-Wide Installer is installed on the client machine (C:\Program Files (x86)\Yammer Installer), and it installs the Yammer … Read More
Manage Android devices without GMS using Microsoft Endpoint Manager
I was recently helping out a customer who wanted to manage Android mobile devices using Endpoint Manager for users in China. What is different from managing Android mobile devices for users in China and out of China? There is a significant difference and it is due to the services available on an Android mobile device that is required for managing the devices using Microsoft Intune. Microsoft Endpoint Manager provides 2 ways of protecting the mobile devices which are MAM-WE (Application management without enrollment) and Device enrollment (MDM). Following are some of the major differences between MDM vs MAM (app protection policies): MDM (Mobile Device Management) MAM(Mobile Application Management) Enroll devices Publish Apps Provision settings, certs, profiles Configure and update apps Auto install apps Secure corporate data within mobile apps Report and messure device compliance Report app inventory and usage Remove corporate data Remove corporate data Reset device Remote wipe (Corporate … Read More
How to resolve SCCM CMG Policy Violation Error
Cloud management gateway (CMG) is a new chapter in Microsoft Endpoint Manager Configuration Manager (MEMCM). It is getting improved better and better in each version that gets released. If you look at the technical preview build that was released recently (version 2009), it has a remote control feature for CMG connected devices which is very much needed to support the internet-connected devices and there are many other good features in the technical preview build that might ship in the next production build. But that’s a whole other topic. In this blog post, I will describe the SCCM CMG Policy Violation error that I recently come across at a customer while deploying the SCCM Cloud Management Gateway service. Due to the COVID-19, lot of workforce is working from home and managing the endpoints over internet or VPN is at most important and meet the compliance. You can refer to our guide … Read More
How to fix SCCM Bitlocker prompt for fixed drives
This blog post describes how to fix SCCM Bitlocker prompt for fixed drives when integrated the MBAM features with Configuration Manager. Introduction Starting with Configuration Manager 1910 onwards, Bitlocker features that were available in MBAM are now fully integrated into ConfigMgr and allows you to manage the Bitlocker drive encryption (BDE) for your windows clients without requiring any additional tools. From Configuration Manager 2002 onwards, the Bitlocker management feature is no more a pre-release feature. The Bitlocker functionalities that exist in Configuration Manager 1910 onwards, only supports the clients that are on-prem and joined to Active Directory ONLY. You will not be able to use the Bitlocker features for clients that are Azure Active Directory-joined, workgroup clients, or clients in untrusted domains. The clients that are not on-prem domain joined, will not be able to authenticate with the recovery service to escrow keys. For more information on how to set … Read More