INTUNE MIGRATION GUIDE
1.Intune Migration : Introduction
2.Intune Migration Challenges
Migrating Intune policies can present several challenges that organizations need to address to ensure a successful transition. Some common migration challenges associated with Intune migration include:
Policy Complexity and Diversity: Organizations often have a diverse range of Intune policies, including device configurations, compliance policies, app deployment policies, and more. Migrating these policies while maintaining their complexity and diversity can be challenging, as policies may need to be translated or adapted to fit the target environment.
Policy Dependencies: Intune policies can have dependencies on other policies, applications, or settings. Ensuring that these dependencies are preserved or adjusted appropriately during migration is crucial to avoid disruptions.
User Impact and Adoption: Migrating policies can sometimes impact end-users, causing changes in device behavior, settings, or application availability. Communicating these changes effectively to users and providing guidance can help minimize confusion and ensure smooth adoption.
Testing and Validation: Thoroughly testing migrated policies is essential to ensure they work as intended in the new environment. Challenges arise when policies interact with various device types, operating systems, and user scenarios.
Custom Configurations: Organizations often have custom configurations within Intune policies tailored to their specific needs. Ensuring that these customizations are accurately replicated during migration requires attention to detail.
Security and Compliance: Maintaining security and compliance during migration is critical. Ensuring that migrated policies align with regulatory requirements and security standards can be challenging, especially if there are variations in security practices between tenants.
Conditional Access and Identity Management: Migrated Intune policies might have conditional access rules that interact with identity management solutions. Coordinating these interactions between source and destination environments can be complex.
Laptop Migration Challenges
Laptop migration poses several challenges that organizations must navigate to ensure a seamless transition:
Azure AD Registration: Microsoft does not have builtin mechanisms to transfer a device from one Azure AD to another.
Office License Migration: Microsoft does not provide transparent and simple solutions for transferring and reactivating Office licenses on laptops during the migration from one tenant to another.
OneDrive Synchronization: OneDrive Synchronization agent cannot be automatically reconfigured to synchronize with the destination tenant once the user and laptop is migrated.
3.Intune Migration Benefits
The solution offers numerous benefits that can significantly enhance the efficiency and success of your Intune migration process:
Comprehensive Migration: The Cloudiway Intune Migration platform ensures a comprehensive migration experience by addressing various migration challenges, including policy replication, laptop reconfiguration, and data synchronization.
Effortless Discovery: The discovery process efficiently identifies all existing Intune configuration settings and policies, streamlining the migration planning phase.
Policy Replication: The platform seamlessly recreates configuration settings and policies at the target, saving valuable time and effort by eliminating the need for manual reconfiguration.
Automated Assignments: Assignments are automatically mapped to their corresponding groups, reducing the risk of errors and simplifying the migration process.
Smooth Laptop Reconfiguration: Azure AD joined and registered computers are smoothly disjoined from the source tenant, enabling hassle-free integration into the target environment.
Office License Management: Office licenses are uninstalled and automatically reassigned upon login to the target tenant, ensuring a seamless transition for end users.
OneDrive Synchronization: OneDrive reconfiguration ensures that data synchronization is maintained during migration, minimizing data loss or disruption.
Flexible Scheduling: The scheduling feature empowers you to choose the most suitable time for laptop migrations, optimizing resource utilization and minimizing user impact.
Reduced Downtime: By automating complex tasks and minimizing manual intervention, the solution reduces downtime during the migration process.
User Experience: With smoother transitions and minimal disruptions, end users experience enhanced satisfaction and productivity during and after the migration.
Technical Expertise: Leverage the platform’s technical capabilities without requiring an in-depth understanding of intricate migration processes.
Cost-Effectiveness: By streamlining processes and reducing manual efforts, the solution optimizes resource allocation, resulting in cost savings.
Minimized Complexity: The platform simplifies the complexity of Intune migration, enabling your IT team to focus on strategic initiatives rather than intricate technical tasks.
Proven Solution: Cloudiway’s track record of successful migrations and their expertise in the field instills confidence in the effectiveness of the solution.
4. Intune Migration Features
The Cloudiway Intune Migration platform effectively tackles these challenges through its comprehensive set of vital functionalities:
The discovery process identifies all existing Intune configuration settings and policies.
Migration of Configuration Settings and Policies:
Configuration settings and policies are seamlessly replicated at the target location. Assignments are automatically recreated and aligned with corresponding groups.
Determine the optimal timing for executing the laptop migration.
The platform supports delta passes, which means that whenever you restart the migration , only new or modified settings since the last pass will be migrated to eliminate duplicated content.
The Cloudiway dashboard allows the administrator of the migration to monitor their migration and have oversight of the progress of the migration.
SAAS instance/dedicated instance hosted by Cloudiway or on the customer side
Cloudiway migration is a SAAS platform.
For security reasons, you may not want to have your data shared or mixed with other customer data. To address this, Cloudiway offers 3 ways of working:
Migration can be fully automated through the use of the Cloudiway rest APIs.
We take your privacy and security seriously at Cloudiway, and have invested significant effort into securing our platform and your data.
Cloudiway infrastructure is fully hosted in Microsoft Azure, and leverages Azure Security certifications. We work closely with Microsoft and are fully involved in large migrations managed by Microsoft. As such, Cloudiway passed the Microsoft SSPA (Supplier Security & Privacy Assurance Program) certification ( Supplier Security & Privacy Assurance ) .
More information about Cloudiway security is available here: About Cloudiway Security
6. What is migrated
- Device | Clean-up rules
- Device | Compliance Policies
- Policies (all platform Android, Linux, iOS, Windows, macOS)
- Devices | Conditional access policies
- Named Location
- Term Of Use
- Devices | Scripts
- Devices | Update rings for Windows 10 and later
- Devices | Feature updates for Windows 10 and later
- Devices | Quality updates for Windows 10 and later
- Devices | Update policies for iOS/iPadOS
- Devices | Update policies for macOS
- Devices | Enrollment device limit restrictions
- Devices | Enrollment device platform restrictions
- Devices | Policy sets
- Devices | Device categories
- Devices | Filter
6.2 EndPoint Security
- Endpoint security | Antivirus
- Endpoint security | Disk encryption
- Endpoint security | Firewall
- Endpoint security | Endpoint Privilege Management
- Endpoint security | Endpoint detection and response
- Endpoint security | Attack surface reduction
- Endpoint security | Account protection
- Apps | All Apps
- Apps | App categories
- eBooks | eBook categories
- Apps | App protection policies
- Apps | App configuration policies
- Apps | iOS app provisioning profiles
7. Intune Migration Prerequisites
Before you being your migration, there are several key steps that need to be completed first. Make sure that you follow these steps in order, or there may be obstacles when running the migration itself.
An Azure Active Directory application needs to be installed on the Microsoft 365 tenant. Administrator credentials are required for this setup.Target Prerequisites
An Azure Active Directory application needs to be installed on the Microsoft 365 tenant. Administrator credentials are required for this setup.
Intune Migration requires 2 kind of Cloudiway licenses:
Licenses for migrating Intune
Licenses for migrating User Laptops
Please reachout Cloudiway Sales to request for pricing and quote.
8. Intune Migration Process
The migration is a five step process.
Create the connectors for connecting to the source and the target .
Run a Discovery to discover the Intune policies and settings.
Select what to migrate.
Create your mapping table to map source and target accounts and groups
Run the migration.
8.1 Create your connectors
To facilitate the migration, the Cloudiway platform needs to be able to communicate with both your source and target domains. To do this, Cloudiway uses connectors. You will need to set up a connector for each source tenant and each target tenant.
To configure your Microsoft 365 connector, proceed with the steps in the following article : Microsoft 365 connector configuration.
8.3 Select what to migrate
8.4 Mapping table
Assignment are groups and users assigned to a policy.
A mapping needs to be established between the source and target groups.
To help you in this task, Cloudiway uses a mapping table to link source and target groups.
Furthermore, after the discovery, it helps you find and report the broken links (assigned groups that are not found at the target).
For this, switch to the flat view, and click on ASSIGNMENTS.
Any group that does not exist in the mapping table is reported.
To fix the missing assignment group, you can do it in 2 ways, manually using your own process or through the Cloudiway platform.
Using the Cloudiway paltform:
- Navigate to the Mapping Group tab, run a Get Mapping et select the option to automatically Provision the missing entries.
- Create the missing group entry manually from your Microsoft 365 tenant, then navigate to the Mapping Group tab and rediscover the entries without selecting the option to autoprovision.
8.5 Intune Migration
When you are ready to migrate, click on MIGRATE.
Select the source and target connector and click OK.
This will schedule the migration job.
You can monitor and see the migration logs under Migration Logs.
Cloudiway provides an extensive knowledge base with many resources, including common error messages, video guides, and downloads.
Support tickets are opened through the platform.
Once logged in, go to your project and select Help, then Support. The chatbot will ask you a couple of questions and then open a support ticket. You will receive an email response to your ticket, and you can continue the support by email.