Intune / SCCM – You can now launch device sync and device action activities from the Intune portal

If you are working with System Center Configuration Manager Current Branch 2002 (SCCM CB 2002) and Intune/Endpoint Configuration Manager in a co-managed configuration, you can now launch Device Sync or Device Action from the Intune/Endpoint Configuration Manager portal.

Before you are able to do such thing, you need to meet some requirements:

• First you need to be running System Center Configuration Manager Current Branch 2002 (released few weeks ago – see https://t.co/4AH1xRqvEY)
• Use a global administrator account when setting up configuration
• Accounts triggering these actions must be discovered by SCCM using both Azure Active Directory user discovery and Active Directory user discovery – this mean these accounts must be synchronized with Azure AD
• Accounts triggering these actions must be granted the Initiate Configuration Manager action permission
• You must have enabled and configured co-management in System Center Configuration Manager

Once all these prerequisites are meet, you can start implementing the configuration.

First stop, the SCCM administration console to update the co-management configuration to enable uploading SCCM devices to Intune

• Open your SCCM administration console and go to the Administration workspace to edit the co-management under the Cloud servicesCo-management

• Go to the Configure upload tab from the co-management properties to enable the upload; you can choose to either upload all devices from your SCCM or a specific collection.

You will get prompted to sign-in with the global administrator account

• This will create an Azure AD application

If you don’t have yet co-management configured, you can enable this during the initial configuration process by checking the option Upload to Microsoft Endpoint Manager admin center; you will then have to do the same as above (sign-in with a global admin account and confirm the Azure AD application creation)

You can review the upload activities using the CMGatewaySyncUploadWorker.log log file located under the SCCM install directory logs folder where you should find Next run time will be at approximately and Batching X records messages which confirms the upload process is working.

Upload process is running every 15 minutes and it may take up to 15 minutes for the changes to appear in the Intune/Endpoint Configuration Manager portal.

Batching 16 records    SMS_SERVICE_CONNECTOR_CMGatewaySyncUploadWorker

Worker CMGatewaySyncUploadWorker is finished processing.    SMS_SERVICE_CONNECTOR_CMGatewaySyncUploadWorker

Next run time will be at approximately: 04/23/2020 09:42:23    SMS_SERVICE_CONNECTOR_CMGatewaySyncUploadWorker

NOTE you may got the following the first time as there has been no data upload yet after the initial configuration and upload

No rows were returned or could not be read for last sync result for spCMGSGetDevices. May cause re-init.    SMS_SERVICE_CONNECTOR_CMGatewaySyncUploadWorker

Once the upload has been successful and the data process by the back-end, you should then see in the IntuneEndpoint Configuration Manager portal in the DevicesAll Devices all devices part of the selected collection with the Managed By information set to ConfigMgr

From there you can now select one device to initiate Device Sync or Device Action – including for servers if the collection you selected contained server devices