Microsoft has announced that on September 1, 2019, they will retire the hybrid MDM service offering. If you have SCCM in Hybrid mode, plan your migration to Intune Standalone. If you’re planning to do Mobile Device Management, please see our new post on that topic
The first step in order to link Intune and your Configuration Manager 2012 server is to add and verify your domain in Windows Intune. Mobile devices will be communicating with Intune and not directly with your Configuration Manager.
Intune management is split into 2 distinct links :
- https://account.manage.microsoft.com to access the Windows Intune Account Portal. Use it to add and manage users, subscriptions and domains). This console will be used to setup the environment.
- https://admin.manage.microsoft.com to access the Windows Intune technical console This console will be barely used since all the mobile device management will be made in Configuration Manager.
Let’s start the Windows Intune configuration :
- Log in your Intune Account Portal
- Select Domains section
- Cick on Add a domain
- Enter your domain name
- Click Next
- In the Verify domain screen
- Follow the on-screen instructions to create a TXT record or a MX record on your public DNS. We choose to create a TXT record for this blog post.
- Sign in to your domain name registrar’s website, and then select the domain that you’re verifying.
- In the DNS management area for your account, select the option to add a TXT record for your domain.
- In the Host or Host name box for the domain, type or paste @.
- In the value box, type or paste your MS=msXXXXX. Depending on the website, this box may be labeled Text, Value, Address, Points to, or TXT record.
- Where it asks for TTL information, type 1 Hour to set TTL to 1 hour.
- Save your changes, and then sign out of your domain name registrar’s website.
This step is important because it allows Intune to verify that you are the owner of the domain. Note that your TXT value will have an unique value.
While you are modifying your DNS,
- Create a DNS alias (CNAME record type) that redirects EnterpriseEnrollment.YourDomainName.com to manage.microsoft.com. This will be used for managing Windows Phone 8, Windows RT and Windows 8.1 devices. It will prevent to enter the server name during device enrollment.
Note: Typically it takes about 15 minutes for your changes to take effect. But it can take up to 72 hours for the DNS record that you created to propagate through the DNS system.
Here’s the result on our domain.
- Once you’re complete your DNS entries, go back to the Intune console
- Click on Verify
You’ll be taken back to the Domains screen.
- Check the status of the domain
- You should read Verified
If you get an error, wait a couple of hour and try again. You need to wait for your domain to sync your new DNS entries.
That’s it, you’ve completed the first step to manage mobile device with SCCM 2o12.
sccm 2012 mobile device management intune