High Level Approach to Migrating Win32 Apps from SCCM to Intune
Apurva Singhal
Digital Workplace | UEM | MDM | Migration and Modernization | IT Portfolio Management | Agile Thought Leader | Neurodiversity Advocate
To leverage the full potential of #MSIntune, besides other workloads Applications should also move from #SCCM to Intune. This needs to be thoroughly Assessed, Planned, Tested and Implemented so the applications are migrated to Intune without any impact to users and business.
Why does this article only cover Win32 Apps
While there are several types of line-of-business (#LOB) app however most common type is Win32. #Win32apps are typically developed in-house and offer more control within #Intune than a Windows LOB app. Intune supports both 32-bit and 64-bit operating system architecture for this file type.
Deploying the Win32 app from Intune has the following advantages:
You can now deploy .exe files by converting them to the .intunewin format.
You can use detection logic to make sure that an app will be downloaded to the device and installed only if it's not detected as per a set rule.
You can create rules to require that the app is applicable to, downloaded to, or installed in the device only if it meets a specific criterion.
From the Intune user interface, you don't natively have the ability to deploy a single update to a Windows 10 device. If you have a critical update that has to be deployed to devices, you can use the Win32 app deployment approach.
You can set dependencies for a Win32 app. This setting enables you to determine either the sequence in which the app would be installed or the priority of the apps.
Nevertheless, the approach (Assessment->Plan/ Design->Test->Implement -> Handover) described here can be followed for any other type of application as well.
Assessment
Start with assessment to get an understanding of the current SCCM setup and how the Application Management is done via SCCM. Some of the questions could be:
=> Checking the Pre-requisites like:
Devices have Windows 10 version 1607 or later (Enterprise, Pro, and Education versions)
Devices must be enrolled in Intune and either Microsoft Entra registered, or Microsoft Entra joined, or Microsoft Entra hybrid joined
Windows application size has a maximum of 30 GB per app.
Co-management Workload (Client Apps) must be enabled.
=> Type and number of Apps that are actively being deployed via current SCCM setup
=> Are the Collections or on-prem AD groups leveraged for Application Installation/ Uninstallation?
=> Installation/ Uninstallation commands and Detection logic for the Apps
Planning and Design
Before actually converting the applications to .intunewin format and onboarding into Production environment proper planning and designing is required so there is no impact to the business.
Some of the key aspects to consider during Design phase are:
领英推荐
=> Approach for Application Migration (Phased or Big Bang). User or Application Based Deployment?
=> Pros and Cons of leveraging the Installation/ Uninstallation groups in On-Prem AD or Microsoft Entra ID
=> Naming conventions for Applications on Intune and Microsoft Entra ID Installation and Uninstallation group
=> Use Cases
=> Risks, if any
Testing
Test plan and strategy is needed to ensure there is seamless transition from SCCM to Intune and there is no impact to the business when deploying applications via Intune in Production environment.
As a good practice the applications should be first converted into .intunewin format in the non-prod environment and tested on the test devices.
Microsoft Entra ID groups for installation and uninstallation should be created and tested in non-prod environment before the same is replicated into the Production environment.
Document end to end testing results including all success and failures.
Implementation
Post successful testing and sign-off, we can move to Implementation in the Production environment.
The same .intunewin files can be onboarded to Production environment and the similar Microsoft Entra ID groups can be created for Installation and Uninstallation and assigned to the Applications.
Handover
Educate the BAU/ Operations team on the new Application deployment process via Intune
References: