Cloud attach – Endpoint Managers silver lining – part 4 Enabling co-management

Posted on February 20, 2021 by ncbrady

Introduction

This is part 4 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on enabling co-management. This series is co-written by Niall & Paul, both of whom are Enterprise Mobility MVP’s with broad experience in the area of modern management. Paul is 4 times Enterprise Mobility MVP based in the UK and Niall is 10 times Enterprise Mobility MVP based in Sweden.

  • Cloud attach – Endpoint Managers silver lining – part 1 Configuring Azure AD connect
  • Cloud attach – Endpoint Managers silver lining – part 2 Prepare for a Cloud Management Gateway
  • Cloud attach – Endpoint Managers silver lining – part 3 Creating a Cloud Management Gateway
  • Cloud attach – Endpoint Managers silver lining – part 4 Enabling co-management

In part 1 we configured Azure AD connect to sync accounts from the on premise infrastructure to the cloud. In part 2, we prepared Azure resources for the Cloud Management Gateway, in part 3 we created the cloud management gateway and verified that everything was running smoothly. In this part we will enable co-management. With co-management, you retain your  existing processes for using Configuration Manager to manage PCs in your organization and you gain the additional advantage of being able to transfer workloads to the cloud via Intune.

Step 1. Create some pilot collections

In ConfigMgr, create some collections that we’ll use for co-management, a suggestion is shown below. We’ve created an All co-managed devices collection which will contain all the devices we intend to co-manage. Create one collection for each corresponding co-management workload, and limit those collections to the All co-managed devices collection. The following workloads are currently available:

co management collection structure.png

Step 2. Configure co-management

In the Configuration Manager console, go to the Administration workspace, expand Cloud Services, and select the Co-management node. Right click and choose Configure co-management in the ribbon to open the Co-management Configuration Wizard.

Configure co-management.png

The co-management configuration wizard will appear, below screenshot is from ConfigMgr version 2010.

co-management configuration wizard.png

On the Subscription page of the wizard, configure the following settings:
• The Azure environment to use. For example, the Azure Public Cloud or the Azure US Government Cloud.
• Select Sign In. Sign in as an Azure global administrator

sign in as azure global admin.png
signed in.png
Note: By default, the option Upload to Microsoft Endpoint Manager admin center is enabled by default, this is part of tenant attach and we will deal with setting up tenant attach in a later blog post, for now, deselect this option for pure co-management.

upload to mem disabled.png

From the drop down select Pilot as we want to selectively target pilot (beta test) our co-managed devices. Browse to the All co-managed devices collection created in step 1. If you select All then all devices will be enabled for Intune Auto Enrollment and become co-managed. The text in the box below is used when deploying the configuration management client to devices already enrolled in Intune via a line of business app. This text is used as a command line parameter to onboard the targeted devices as co-managed.

enable co-management.png

On the Configure workloads screen, keep all the workloads pointing to ConfigMgr for now. We will enroll a client into co-management and then verify the status of that client before and after moving a workload to Pilot. When a workload points to Pilot, you will have to pick a staging collection, use the corresponding collection (from step 1) for that particular workload. You can add one or more devices to that pilot collection in order to test how the workloads behave on those targeted clients. When you move the slider to Intune, this enables that workload for all of your co-managed devices that are present in your All co-managed devices collection.

configure workloads.png

On the staging screen we are not able to select anything since we left all our workloads at ConfigMgr (for now). We will show you how to flip workloads in the next blog post.

configure roll out collections.png

Click next through the Summary and verify you are happy with the choices before proceeding through to the completion of this wizard.

completion.png

Continue reading this blog post here.

 

This entry was posted in 2010, Cloud Attach. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.