Azure AD & Intune Connectors - Best Practice

Modified on Thu, 22 Jan at 1:31 PM

Configuring Azure AD and Intune Connectors for User-Device-App Linkage

Prerequisites

  • Install both the Azure AD and Intune connectors to enable creation of user-device-app links.

Azure AD Connector Configuration

Configure the Azure AD connector with the following options:

  • Create and Update Users:
    Enables creation and update of user objects. For user migrations, obtain an Intune group as required.

  • Create and Update Devices:
    Allows creation and update of device objects.

  • Application Update Options:
    Enables app linkage based on assignment groups. The deployment group must be specified in each application. Note that the Intune connector will create links based on application installations (rather than group membership), which is generally recommended.

Intune Connector Configuration

Configure the Intune connector with the following settings:

  • Import Managed Applications:
    Set to Yes to import managed apps.

  • Import Discovered Applications:
    Enable to import applications found in the "Add/Remove Programs" area. This is optional and may generate a large volume of application records.

  • Import Devices:
    The Azure AD connector will create devices found in Intune. If the on-premises AD connector is also in use and devices are hybrid joined, it will ensure these are created. For devices managed only via modern management, enable this option. You may also use a hostname filter to restrict import to devices managed only in Intune.

  • Update Devices:
    Set to Yes to add additional information such as hardware details and last seen dates, which are not available from Azure AD.

  • Mapping Rules:
    Enable mapping rules to use application installation status to link users and devices:

    • Use Device Install Status:
      Links applications, devices, and users. Recommended option (Link Apps-Devices-Users).
    • Use User Install Status:
      Creates App-User links for applications assigned to a user; devices are not included. Recommended only for scenarios where apps are user-assigned (Link Apps-Users).

Device Details Tab Configuration

In the Devices module, navigate to the Details tab and enable the following fields to assist with troubleshooting:

  • Azure Object Id
  • Azure Device Id
