cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

InTune Integration

We're looking at integrating with InTune for device deployment in the near future.  In our current integration to SCCM we only pull in desktop/laptop/VDI devices for deployment.  We have a device collection that excludes servers on the Web Site - General tab and we do not integrate currently with MobileIron, but MobileIron devices will be moving to InTune.  We only want to deploy to desktop/laptop devices with InTune.

Is there a way to exclude these mobile devices from InTune so they can't deploy software to the devices?

(1) Solution

Are you syncing users/computers from Intune, or are you still syncing from SCCM? If the latter, then I'd expect that we should be able to put in custom computer sync query to filter out the Android/iOS devices.

View solution in original post

(8) Replies

Sorry, Teri.  It may just be me, but I'm not following the question.  Can you please clarify what it is that you're trying to do?  Are you trying to exclude specific devices from showing up in Imported Users and Computers?  If so, is it Intune Android/iOS devices that you're trying to exclude while still allowing Intune laptop/desktop devices to show up?  Are you trying to block mobile devices from connecting to App Portal, or just not allow them to be targets for deployment?

Anything expressed here is my own view and not necessarily that of my employer, Flexera. If my reply answers a question you have raised, please click "ACCEPT AS SOLUTION".

Hi Jim - we don't want any Android/iOS devices to show up in Imported Users and Computers from InTune and we do not want those devices to be targets for deployment through AppPortal.  We don't have mobile site enabled in AppPortal.

Are you syncing users/computers from Intune, or are you still syncing from SCCM? If the latter, then I'd expect that we should be able to put in custom computer sync query to filter out the Android/iOS devices.

Thanks for the reply.  We have custom sync queries so knowing that those would take precedence on the sync makes it easy for me to exclude mobile. I wasn't sure if both SCCM and InTune would sync user/computer or just one of them but you just answered that for me.

Honestly, I don't have an Intune instance to test with, so I don't know how it behaves.  Does Intune perform a user/device sync like Jamf and UEM?  If so, I'm not sure that the custom sync query is going to help you filter that out.  However, my guess is that it doesn't and that you'll only get user/device information synced over from SCCM (via your custom queries).

Anything expressed here is my own view and not necessarily that of my employer, Flexera. If my reply answers a question you have raised, please click "ACCEPT AS SOLUTION".



I'm not sure if InTune does bring in users/computers like JAMF because we haven't integrated yet, we're in the planning stage, but we don't want to sync the mobile devices.



The only time that we should pull users/computers from Intune is when you explicitly specify that users and/or computers should be synced from Intune. This is different than in the case of UEM/JAMF, where we will pull devices from these deployment technologies on a nightly basis. 

Thanks, Charlie.  I just looked around in the UI a bit, and I now see that Intune is listed in the drop-down boxes for "Syncing Users" and "Syncing Computers" on the Deployment > Common tab, so I guess that makes sense (though it means you couldn't have both SCCM and Intune as separate standalone solutions at the same time - probably a corner case, since you'd likely just use co-management rather than independent solutions).  Anyway, always glad to be educated on new features.  Thanks, @TeriStevenson, for the question, and thanks, @CharlesW, for the answer!

Anything expressed here is my own view and not necessarily that of my employer, Flexera. If my reply answers a question you have raised, please click "ACCEPT AS SOLUTION".