Easy Setup of Cloud Attach/Co-Management Workloads with Intune and MECM (Pilot Mode with Collection Sync)

Nathan Blasac
Nathan Blasac - Notes from the Field
Mar 31, 2022

A quick note dump on how I set this up. Most commonly, I find workloads are set to either Intune or ConfigMgr. Our happy medium is Pilot Intune. Some folks actually prefer to keep this setting permanently and just populate the collections in SCCM. This is my method. Combine it with Collection Sync to Azure AD Groups and you have an easy method to organize and track the solution. Screenshots below.

I’ll be creating one collection per workload.

I create a folder for Co-Management (or Cloud Attach) in the console for my Pilot Collections:

Within this folder I create one collection per Workload.

I also create one parallel group in Intune/Azure AD for each collection I created.

Once you’ve onboarded CM into Azure, you have the ability to enable collection sync to Azure AD. This is very useful, since it will sync any collection’s membership to a specified group in Intune/Azure AD.

So ensure Collection Sync is enabled, set your workloads to Pilot Intune, connect each workload to your chosen Pilot Collection, then tie each collection to a parallel group in Azure AD/Intune. This ensures you have “one source” of truth and avoids drift in the groups, so you aren’t manually maintaining both sides.

If we compare the collection and group in Intune, we have parity.
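The parity comparison above can also be scripted per workload. This is an added example, not part of the original post: the collection, group and device names are constructed, and the function name `Compare-PilotMembership` is hypothetical.

```powershell
# Added example: per-workload parity check between pilot collections and their synced groups.
# Every collection, group and device name below is constructed for illustration.
# Live data (assumption, not run here): Get-CMCollectionMember supplies the collection side
# and Get-MgGroupMember supplies the Azure AD group side.

function Compare-PilotMembership {
    param(
        [Parameter(Mandatory)] [hashtable] $CollectionMembers,  # collection name -> device names
        [Parameter(Mandatory)] [hashtable] $GroupMembers,       # group name -> device names
        [Parameter(Mandatory)] [hashtable] $Map                 # collection name -> group name
    )
    # Trim and upper-case names so case differences are not reported as drift.
    $normalize = {
        param($names)
        @($names | Where-Object { $_ } |
            ForEach-Object { $_.Trim().ToUpperInvariant() } | Sort-Object -Unique)
    }
    foreach ($collection in ($Map.Keys | Sort-Object)) {
        $group   = $Map[$collection]
        $cm      = & $normalize $CollectionMembers[$collection]
        $aad     = & $normalize $GroupMembers[$group]
        $missing = @($cm  | Where-Object { $_ -notin $aad })  # in collection, not yet in group
        $extra   = @($aad | Where-Object { $_ -notin $cm })   # in group, not in collection
        [pscustomobject]@{
            Collection       = $collection
            Group            = $group
            InParity         = ($missing.Count -eq 0 -and $extra.Count -eq 0)
            MissingFromGroup = $missing
            OnlyInGroup      = $extra
        }
    }
}

# Constructed sample: one workload in parity, one with drift on both sides.
$map = @{
    'Pilot - Compliance Policies' = 'Pilot-CompliancePolicies'
    'Pilot - Client Apps'         = 'Pilot-ClientApps'
}
$collections = @{
    'Pilot - Compliance Policies' = 'PC-001', 'PC-002'
    'Pilot - Client Apps'         = 'PC-001', 'PC-003'
}
$groups = @{
    'Pilot-CompliancePolicies' = 'pc-001', 'PC-002'
    'Pilot-ClientApps'         = 'PC-001', 'PC-004'
}

Compare-PilotMembership -CollectionMembers $collections -GroupMembers $groups -Map $map |
    Format-List
```

A device listed under `OnlyInGroup` was added to the Azure AD group by hand rather than through the collection, which is the kind of drift the single source of truth is meant to prevent.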

Until next time.

Consultant working mainly on System Center, Azure/EMS, Systems Management and Windows Deployment.