As you may already know, Microsoft decided to move from Classic Intune to Azure integrated Intune. There are a few things that need to be considered before you decide to use Azure integrated Intune for patch management.
If there is a policy that exists in the Classic portal that has a software update ring, and you are using Azure integrated Intune, then there might be a policy conflict. Make sure the Classic Intune policies are removed.
Classic Intune can only manage the devices using Intune management agent. Azure integrated Intune can manage the devices only if the device is enrolled as a Mobile Device. If the agent is present in the Workstations area of the Azure Resource Manager (ARM)/Classic Portal, it can't be enrolled as a Mobile Device. So, the first thing you should do is remove the Agent.
If the Agent is present in the workstation, it can't be enrolled to new Azure integrated Intune. You have to uninstall the agent, you can use this process. This will create a Scheduled Task. It may take about 5 to 10 mins. It uses ProvisioningUtil.exe located under C:\Program Files\Microsoft\OnlineManagement\Common. If you have a custom installation path, or if the exe doesn’t exist, then you might need to reinstall the Agent and run this script again.
If you are planning to migrate to Azure integrated Intune from Classic Intune, make sure the device is not listed in the Classic portal. If the device is visible, then before enrolling, make sure the workstation entry is removed from the Classic portal. Sometimes you may see entries in both portals - in that case, you have to remove the device from both, and re-enroll.
If you'd like to find out more information we are a Microsoft License Solution Provider and can assist with in-depth technology discussions, product demonstrations, virtual lab sessions and proof-of-concepts.
- By Vijaya Ragavan (Senior TSC Consultant)