Intune - Server management and unlicensed client


Hi everyone, more than a problem this is a post to clarify some aspects of Intune. I have moved the management of all our devices from SCCM to Intune. After a pilot phase, the workload was completely shifted to management via Intune. This is the current configuration of SCCM: ![58565-image.png][1] ![58359-image.png][2] ![58520-image.png][3] [1]: /api/attachments/58565-image.png?platform=QnA [2]: /api/attachments/58359-image.png?platform=QnA [3]: /api/attachments/58520-image.png?platform=QnA And my doubts follow. I am aware that Windows Servers cannot be managed by Intune, and clients cannot be managed without a licensed user either. My question therefore is how to handle these cases. How can I implement updates on the servers? From what I think I should create a client group by entering the licensed ones and excluding the servers, and contrary to what Microsoft suggests, redistribute the workload again. How do you manage these situations? Thank you, Alfio

Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
423 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,480 questions
Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,181 Reputation points Microsoft Employee

    A handful of notes:

    • Your first screenshot above is not for co-management, it's for tenant attach. With Tenant attach. the MEM admin console becomes another management console for your ConfigMgr site exposing a small subset of functionality to admins. Tenant attach is not client OS specific and thus you can actually manage servers from the MEM console. Keep in mind "manage" here is simply a limited subset of overall ConfigMgr capabilities exposed in the MEM console and not Intune management capabilities.
    • Co-management will only apply to systems running Win 10 1709 and above so even if you include other systems in your targeted collection (or use All as you have in your second screenshot above), these other systems will be ignored are far as co-management goes.
    • Co-management does not move management from ConfigMgr to Intune, instead, it enables coordinate management by both on the Win 10 devices. The sliders give you control over this coordination but this is client-side functionality. Thus, moving a slider doesn't disable anything in ConfigMgr itself, it merely instructs the targeted client(s) to consider/enforce policies from Intune (each slider has a slightly different end-effect and result so this is a generic statement at best).

    Thus, you deploy updates to servers using the normal processes in ConfigMgr regardless of the co-management or tenant attach configuration.

    1 person found this answer helpful.
    0 comments No comments