Does Co Management works with this license Microsoft 365 Business Premium License?

Question

question

MuneerJahangeer-4853 asked Jan 31, '22 saldana-msft edited 3 days ago

Does Co Management works with this license Microsoft 365 Business Premium License?

We have recently purchased a license "MS 365 Business premium " for Intune configuration in my organization (around 300 users).

I am planning to synchronize all existing windows 10 devices from On premise to Intune so i am trying to configure Co Management.

Could you please help to let me know whether co-management works with this current license? or do we need to purchase the enterprise license (E3/E5) for this activity? Please confirm.

Note:

I have followed the steps as given in the technical forum but co-management is not working as expected,

AADSTS700016: Application with identifier '02e5356b-fbe5-451a-92f1-454ade4c2405' was not found in the directory 'Owens Group UK'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant. Trace ID: deda7a38-4fff-4ed0-a698-5d4e8bf28000 Correlation ID: 21f14bee-1e8a-4918-ae0b-0ba6f7560589 Timestamp: 2022-01-31 15:10:57Z SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) Exception details: SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][0][Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException][0x80131500] AADSTS700016: Application with identifier '02e5356b-fbe5-451a-92f1-454ade4c2405' was not found in the directory 'Owens Group UK'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant. Trace ID: deda7a38-4fff-4ed0-a698-5d4e8bf28000 Correlation ID: 21f14bee-1e8a-4918-ae0b-0ba6f7560589 Timestamp: 2022-01-31 15:10:57Z at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d_22`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d21`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d72.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d69.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d59.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d57.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d33.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d61.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.Utility.d50.MoveNext() SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][1][System.Net.Http.HttpRequestException][0x80131500] Response status code does not indicate success: 400 (BadRequest). SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][2][Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException][0x80131500] {"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier '02e5356b-fbe5-451a-92f1-454ade4c2405' was not found in the directory 'Owens Group UK'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: deda7a38-4fff-4ed0-a698-5d4e8bf28000\r\nCorrelation ID: 21f14bee-1e8a-4918-ae0b-0ba6f7560589\r\nTimestamp: 2022-01-31 15:10:57Z","error_codes":[700016],"timestamp":"2022-01-31 15:10:57Z","trace_id":"deda7a38-4fff-4ed0-a698-5d4e8bf28000","correlation_id":"21f14bee-1e8a-4918-ae0b-0ba6f7560589","error_uri":"https://login.microsoftonline.com/error?code=700016"}: Unknown error SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) ADAL exception SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) Exception details: SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][0][Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException][0x80131500] Exception of type 'Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException' was thrown. at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d22`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d21`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d72.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d69.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d59.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d57.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d33.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d61.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.Utility.d50.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.ServiceConnectorWorkerBase.d86.MoveNext() SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][1][System.Net.Http.HttpRequestException][0x80131500] Exception of type 'System.Net.Http.HttpRequestException' was thrown. SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][2][Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException][0x80131500] Exception of type 'Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException' was thrown. SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) Unexpected exception for worker CMGatewayNotificationWorker SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) Exception details: SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 31/01/2022 15:10:15 144 (0x0090) [Critical][CMGatewayNotificationWorker][0][Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException][0x80131500] Exception of type 'Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException' was thrown. at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d22`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.d21`1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d72.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d69.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d59.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.d57.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d33.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.d61.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.Utility.d50.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.ServiceConnectorWorkerBase.d86.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.ServiceConnectorWorkerBase.d85.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.ExtensionMethods.d9.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Microsoft.ConfigurationManager.ServiceConnector.AadServiceConnectorWorker.d24.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.AadServiceConnectorWorker.d15.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.AccountOnboardingWorker.d19.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ConfigurationManager.ServiceConnector.AadServiceConnectorWorker.d_16.MoveNext() --- En7867

mem-intune-enrollment mem-cm-co-management

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2022-02-01T01:20:00.827Z

Crystal-MSFT answered Feb 1, '22 Crystal-MSFT commented Apr 1, '22

@MuneerJahangeer-4853，For existing Configuration Manager-managed devices to enroll into Intune for co-management at scale without user interaction, co-management uses an Azure Active Directory (Azure AD) feature called Windows auto-enrollment. Auto-enrollment with co-management requires licenses for both Azure AD Premium (AADP1) and Intune. Here is a link for the reference:
https://docs.microsoft.com/en-us/mem/configmgr/core/understand/product-and-licensing-faq#what-changes-with-licensing-for-co-management-in-microsoft-endpoint-manager-

For Microsoft 365 Business Premium License, I find both Intune and Azure AD premium license are included.
https://docs.microsoft.com/en-us/microsoft-365/admin/misc/microsoft-365-business-faqs?view=o365-worldwide#does-azure-active-directory--azure-ad--premium-p1-come-with-microsoft-365-business-premium
https://docs.microsoft.com/en-us/mem/intune/fundamentals/licenses

So I think the license is OK for our scenario.

From your description, I know the co-management is not working. Could you let us know if the devices are not able to enroll to Intune? Could you let us know which path we used for co-management? Which step we get the error we posted?
https://docs.microsoft.com/en-us/mem/configmgr/comanage/quickstart-paths

As a note, to protect our environment, please ensure the sensitive information is hoiden when we post.

Hope it can help.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 3

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Crystal-MSFT · Feb 03 at 01:44 AM

@MuneerJahangeer-4853，How's everything going? if there's anything unclear of the above post, feel free to let us know.

Thanks and have a nice day!

1 ·

MuneerJahangeer-4994 Crystal-MSFT · Mar 31 at 12:32 PM

Sorry for the late response as I was sick.

Thanks for your response. Yes, you are correct. I can enroll the devices into intune with our current license.

Also, I have exported hashID from sccm and imported it into Intune.

All sorted now. Thank you very much!

0 ·

Crystal-MSFT MuneerJahangeer-4994 · Apr 01 at 01:20 AM

@MuneerJahangeer-4853，Thanks for the response. Sorry to hear that you were sick. Hope everything is well now. I am glad to hear that all sorted now. If there's anything we can help in the future, feel free to post in our Q&A.

Thanks and have a nice day!

0 ·

question