The majority of companies use SCCM to manage laptops, computers, servers and some for mobile devices, if they use Microsoft Intune in hybrid mode. In some situations, Intune and SCCM management is done by 2 different teams. Except for the Full Administrator role in SCCM, it’s possible to separate Intune with Configuration Manager infrastructure in the console by using security roles and security groups (RBAC). The goal is to ensure that an Intune administrator does not access Configuration Manager client devices and objects, as you don’t want to end up with people who may wipes or manages mobile devices when they are supposed to be only Configuration Manager admins. This post will explain how to strengthen security and separate Intune with Configuration Manager infrastructure in SCCM console. Create Devices Collection for Intune Client The first thing to do is create a device collection that targets Intune clients. There’s two ways to create … Read More