Last January, Microsoft released an update for Intune standalone environment in which you can import international mobile equipment identity (IMEI) numbers for mobile device platforms that have an IMEI number to help identify corporate-owned mobile devices. Once enrolled in Intune, devices with imported IMEI numbers are tagged as Corporate, which can be used for applying policies that are different than those applied to Personal devices.
What happens if you use an Intune hybrid environment? SCCM has no built in tool to add a list of IMEI numbers and switch device owners from Personal to Company when devices are enrolled. In this post, we will configure SCCM to identify devices based on a list of IMEI numbers and change their ownership from Personal to Company.
Before starting, you can read the difference between both ownership attributes.
Preparing the Collection
The first step is to extract all IMEI numbers of your corporate-owned devices. The idea is to create a list of IMEI numbers and use it to create membership rules for a devices collections in SCCM.
Follow below format and repeat for each additional numbers:
[su_note note_color=”#cbcbcb” radius=”8″](“SCCM Intune IMEI Numbers 01”, “SCCM Intune IMEI Numbers 02”)[/su_note]
The IMEI number of iOS mobile devices is displayed differently of Android devices in SCCM.
- Android = 123456789012345
- iOS = 12 123456 123456 1
Make sure you have the correct format otherwise your collection will not work correctly. You are now ready to create the device collection based on your IMEI number list.
[su_highlight background=”#daf1fe”]Take note that if you have more than 600-700, you will need to split the collection membership in multiple rules. There’s a maximum characters limit that can be used into WQL query. [/su_highlight]
- From the console, navigate to Assets and Compliance / Device Collections
- Right click and click on Create Devices Collection
- At the General tab, choose a collection Name and limit the collection membership to All Mobile Devices by clicking on Browse
- In the Membership Rules tab, click on Add Rule and Query Rule
- In the Query Rule Properties, choose a query rule Name and click on Edit Query Statement to modify the query rule
- In the Query Language tab, click in the Query Statement and copy paste this query
- Modify all SCCM Intune IMEI Numbers with your list of numbers
[su_box title=”Collection Membership Query Rule” style=”glass” title_color=”#F0F0F0″]SELECT * FROM SMS_R_System INNER JOIN SMS_G_System_Device_ComputerSystem ON SMS_G_System_Device_ComputerSystem.ResourceID = SMS_R_System.ResourceID WHERE SMS_G_System_Device_ComputerSystem.IMEI in (“SCCM Intune IMEI Numbers 01”, “SCCM Intune IMEI Numbers 02”)[/su_box]
- Click Ok and Ok again
- Configure the update membership based on your needs and click Next
- In the Summary tab, confirm and click Next
- The device collection is now created, click Close
The devices that matches the IMEI number provided in the query will start to populate the collection.
Take note that this collection won’t change the attribute device ownership from Personal to Company. However you will be able to apply specific policies or deploy applications to these devices.
Modify Device Ownership to Company
Each enrolled devices in Microsoft Intune are automatically tagged as Personal, this is by design. The only situation where you will see your devices tagged as Company, is by using DEP program from Apple.
Use the collection you just created in conjunction with one of the following method to change the attribute of your devices from Personal to Company.
- Manually
- Automatically with a PowerShell script
- Automagically set the mobile device owner to company
The 3 ways are appropriate depending on the amount of mobile devices you manage.
Using Reporting with Device Ownership Company
If your management team ask you to list all Company mobile devices, you can use our mobile devices inventory report and using search parameter Company.
Take a look to our Mobile Device Management Guide for more details about Microsoft Intune.
Only authorized users can leave comments
Log In