Skip to content

Commit 1ba6093

Browse files
mestewmestew
committed
ta-scope-INADO-12698965
1 parent b802a71 commit 1ba6093

3 files changed

Lines changed: 19 additions & 18 deletions

File tree

memdocs/configmgr/core/plan-design/changes/whats-new-in-version-2107.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,7 @@ United States Government customers can now use the following Microsoft Endpoint
8282
- Device sync to Intune
8383
- Device actions in the Microsoft Endpoint Manager admin center
8484

85-
For more information, see [Microsoft Endpoint Manager tenant attach: Prerequisites](../../../tenant-attach/device-sync-actions.md#prerequisites).
85+
For more information, see [Microsoft Endpoint Manager tenant attach: Prerequisites](../../../tenant-attach/prerequisites.md).
8686

8787
### Renamed Co-management node to Cloud Attach
8888
<!--10158821, 10115058-->

memdocs/configmgr/tenant-attach/device-sync-actions.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
title: Microsoft Endpoint Manager tenant attach
2+
title: Enable Microsoft Endpoint Manager tenant attach
33
titleSuffix: Configuration Manager
44
description: Upload your Configuration Manager devices to the cloud service and take actions from the admin center.
55
ms.date: 03/21/2022
@@ -13,15 +13,15 @@ ms.localizationpriority: high
1313
ms.collection: highpri
1414
---
1515

16-
# <a name="bkmk_attach"></a> Microsoft Endpoint Manager tenant attach: Device sync and device actions
16+
# <a name="bkmk_attach"></a> Enable Microsoft Endpoint Manager tenant attach: Device sync and device actions
1717
<!--3555758 live 3/4/2020 Configuration Manager version 2002 min-->
1818
*Applies to: Configuration Manager (current branch)*
1919

20-
Microsoft Endpoint Manager is an integrated solution for managing all of your devices. Microsoft brings together Configuration Manager and Intune into a single console called **Microsoft Endpoint Manager admin center**. You can upload your Configuration Manager devices to the cloud service and take actions from the **Devices** blade in the admin center. Before you enable tenant attach, verify that the [prerequisites for tenant attach](prerequisites.md) have been met.
20+
Microsoft Endpoint Manager is an integrated solution for managing all of your devices. Microsoft brings together Configuration Manager and Intune into a single console called **Microsoft Endpoint Manager admin center**. You can upload your Configuration Manager devices to the cloud service and take actions from the **Devices** blade in the admin center.
2121

2222
## <a name="bkmk_edit"></a> Enable device upload when co-management is already enabled
2323

24-
If you have co-management enabled currently, you'll use the co-management properties to enable device upload. When co-management isn't already enabled, [Use the **Cloud Attach Configuration Wizard**](#bkmk_config) to enable device upload instead.
24+
If you have co-management enabled currently, you'll use the co-management properties to enable device upload. When co-management isn't already enabled, [Use the **Cloud Attach Configuration Wizard**](#bkmk_config) to enable device upload instead. Before you enable tenant attach, verify that the [prerequisites for tenant attach](prerequisites.md) have been met.
2525

2626
When co-management is already enabled, edit the co-management properties to enable device upload using the instructions below:
2727

@@ -44,7 +44,7 @@ When co-management is already enabled, edit the co-management properties to enab
4444

4545
## <a name="bkmk_config"></a> Enable device upload when co-management isn't enabled
4646

47-
If you don't have co-management enabled, you'll use the **Cloud Attach Configuration Wizard** to enable device upload. You can upload your devices without enabling automatic enrollment for co-management or switching workloads to Intune. All Devices managed by Configuration Manager that have **Yes** in the **Client** column will be uploaded. If needed, you can limit upload to a single device collection. If co-management is already enabled in your environment, [Edit co-management properties](#bkmk_edit) to enable device upload instead.
47+
If you don't have co-management enabled, you'll use the **Cloud Attach Configuration Wizard** to enable device upload. You can upload your devices without enabling automatic enrollment for co-management or switching workloads to Intune. All Devices managed by Configuration Manager that have **Yes** in the **Client** column will be uploaded. If needed, you can limit upload to a single device collection. If co-management is already enabled in your environment, [Edit co-management properties](#bkmk_edit) to enable device upload instead. Before you enable tenant attach, verify that the [prerequisites for tenant attach](prerequisites.md) have been met.
4848

4949
When co-management isn't enabled, use the instructions below to enable device upload:
5050

memdocs/configmgr/tenant-attach/prerequisites.md

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ Microsoft Endpoint Manager is an integrated solution for managing all of your de
2626

2727
## Prerequisites
2828

29-
- An account that is a *Global Administrator* for signing in when applying this change. For more information, see [Azure Active Directory (Azure AD) administrator roles](/azure/role-based-access-control/rbac-and-directory-admin-roles#azure-ad-administrator-roles).
29+
- An account that is a *Global Administrator* for signing in when applying this onboarding change. For more information, see [Azure Active Directory (Azure AD) administrator roles](/azure/role-based-access-control/rbac-and-directory-admin-roles#azure-ad-administrator-roles).
3030

3131
- Onboarding creates a third-party app and a first party service principal in your Azure AD tenant.
3232

@@ -45,21 +45,22 @@ Microsoft Endpoint Manager is an integrated solution for managing all of your de
4545

4646
- The [administration service](../develop/adminservice/overview.md) in Configuration Manager needs to be set up and functional. <!--1104776-->
4747

48-
- The user accounts triggering device actions have the following prerequisites:
49-
- The user account needs to be a synced user object in Azure AD (hybrid identity). This means that the user is synced to Azure Active Directory from Active Directory.
50-
- For Configuration Manager version 2103, and later: </br>
51-
Has been discovered with either [Azure Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#azureaddisc) or [Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#bkmk_aboutUser). <!--9089764-->
52-
- For Configuration Manager version 2010, and earlier: </br>
53-
Has been discovered with both [Azure Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#azureaddisc) and [Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#bkmk_aboutUser).
54-
.
55-
56-
- The **Initiate Configuration Manager action** permission under **Remote tasks** in the Microsoft Endpoint Manager admin center.
57-
- For more information about adding or verifying permissions in the admin center, see [Role-based access control (RBAC) with Microsoft Intune](../../intune/fundamentals/role-based-access-control.md#roles).
58-
5948
- If your central administration site has a [remote provider](../core/plan-design/hierarchy/plan-for-the-sms-provider.md), then follow the instructions for the [CAS has a remote provider](../core/servers/manage/cmpivot-changes.md#cas-has-a-remote-provider) scenario in the CMPivot article. <!--7796824-->
6049

6150
This feature supports all OS versions that Configuration Manager currently supports as a client. For more information, see [Supported OS versions for clients and devices](../core/plan-design/configs/supported-operating-systems-for-clients-and-devices.md).<!-- MEMDocs#545 -->
6251

52+
## Permissions
53+
54+
The user accounts performing device actions have the following prerequisites:
55+
56+
- The user account needs to be a synced user object in Azure AD (hybrid identity). This means that the user is synced to Azure Active Directory from Active Directory.
57+
- For Configuration Manager version 2103, and later: </br>
58+
Has been discovered with either [Azure Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#azureaddisc) or [Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#bkmk_aboutUser). <!--9089764-->
59+
- For Configuration Manager version 2010, and earlier: </br>
60+
Has been discovered with both [Azure Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#azureaddisc) and [Active Directory user discovery](../core/servers/deploy/configure/about-discovery-methods.md#bkmk_aboutUser).
61+
- The **Initiate Configuration Manager action** permission under **Remote tasks** in the Microsoft Endpoint Manager admin center.
62+
- For more information about adding or verifying permissions in the admin center, see [Role-based access control (RBAC) with Microsoft Intune](../../intune/fundamentals/role-based-access-control.md#roles).
63+
6364
## Internet endpoints
6465

6566
[!INCLUDE [Internet endpoints for tenant attach](../core/plan-design/network/includes/internet-endpoints-tenant-attach.md)]

0 commit comments

Comments
 (0)