Using Microsoft's Hybrid MDM? Er, not for much longer
You will move to Intune on Azure. You have one year to comply
Microsoft has warned customers managing mobile devices using hybrid MDM that the clock is now ticking for the service and gently reminded them to consider migrating to Intune on Azure?
Hybrid MDM (Mobile Device Management) was created to allow System Center Configuration Manager (SCCM) users to manage mobile kit using Intune to lob profiles, policies and apps at the things, while sticking with their existing on-premises infrastructure to administer content.
Microsoft has been shovelling features into Intune on Azure over the last year and now reckons the time has come to pull the trigger on the hybrid product, citing the fact that it now sees the majority of its enterprise customers opting for the cloudy choice.
Redmond is, however, at pains to point out that the change only affects mobile devices – on-premises SCCM for Windows 10 will continue to function as it always has.
Until, of course, management of Windows 10 shifts to a compulsory cloud-based subscription model. But that’ll never happen, right?
Microsoft also provides a co-management solution, allowing management of Windows 10 devices to be performed using both on-premises Active Directory and cloud-based Azure Active Directory, known as hybrid Azure AD. This "bridge from traditional to modern management" (or crudely welded cut-and-shut) isn’t affected by the end of hybrid MDM, but it is clear that the winds from Seattle are blowing cloudwards.
Hold-outs still clinging to their hybrid MDM solutions have just over a year to migrate to Intune on Azure, with the hammer falling on 1 September 2019. After that, Microsoft has warned, hybrid MDM devices will stop getting policy, app or security updates. New hybrid MDM customers will also be blocked from this November.
For the next 12 months, hybrid MDM will be very much a dead man walking, with Microsoft only committing to emitting what it reckons are "major" bug fixes and making sure the existing functionality keeps working over supported OS versions (such as the upcoming iOS 12).
The decision has seen a muted response from affected admins, with one telling The Register, "I didn't see the point of hybrid at all, it didn’t make any sense," before confessing to going "full Intune".
To ease the pain of transition, Microsoft has stated that licensing won't change (users already have the requisite licences for Azure as part of the existing hybrid MDM) and offers a case study of its own transition.
A case study that shows it manages a vaguely astonishing 20,000 Windows Phone devices. So that's where they all are. ®
Sponsored: Becoming a Pragmatic Security Leader