This is part 5 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on enabling the compliance policies workload. This series is co-written by Niall & Paul, both of whom are Enterprise Mobility MVP’s with broad experience in the area of modern management. Paul is 4 times Enterprise Mobility MVP based in the UK and Niall is 10 times Enterprise Mobility MVP based in Sweden.
In part 1 we configured Azure AD connect to sync accounts from the on premise infrastructure to the cloud. In part 2, we prepared Azure resources for the Cloud Management Gateway, in part 3 we created the cloud management gateway and verified that everything was running smoothly. In part 4 we enabled co-management. With co-management, you retain your existing processes for using Configuration Manager to manage PCs in your organization and you gain the additional advantage of being able to transfer workloads to the cloud via Endpoint Manager (Intune). In this part we’ll enable the compliance policies workload and see how that affects a co-managed computer.
- Cloud attach – Endpoint Managers silver lining – part 1 Configuring Azure AD connect
- Cloud attach – Endpoint Managers silver lining – part 2 Prepare for a Cloud Management Gateway
- Cloud attach – Endpoint Managers silver lining – part 3 Creating a Cloud Management Gateway
- Cloud attach – Endpoint Managers silver lining – part 4 Enabling co-management
- Cloud attach – Endpoint Managers silver lining – part 5 Enabling compliance policies workload
Step 1. Verify compliance status in Endpoint Manager
Before making any changes to workloads, on a co-managed device, open devices in Microsoft Endpoint Manager and locate that device, you should see that the compliance state is in a status of See ConfigMgr.
Step 2. Create an Azure AD group
In Endpoint Manager, create a new Azure Ad group which you’ll use in the next step. Give it a suitable name like Co-managed compliance policies devices, this group should have a membership of Assigned.
Step 3. Add some devices to the workload collection
Next, add one or more devices to the collection that you will use when piloting a compliance workload. You can add the device(s) by selecting them and right clicking, choose Add selected items to Existing Device Collection and then point them to the relevant collection corresponding to that workload. The collection you will add device(s) to in this case is the Co-managed compliance policies collection.
You can read the rest of this blog post here.