Choose a device management solution for Configuration Manager

Applies to: Configuration Manager (current branch)

Configuration Manager offers different solutions for managing PCs, servers, and devices. Choose the solution that's right for your organization. Base your decision on the device platforms you need to manage and the management functionality you need.


This article covers the following four device management solutions:

You can use these device management solutions by themselves or in combination with each other. For example, you can use the client-based management approach to manage the computers and servers in your organization, and also use co-management to manage internet-based laptops. By combining approaches this way, you can cover all of your device management needs.

The article also includes two tables that compare the management solutions by the following factors:

Configuration Manager client

This option requires installation of the Configuration Manager client on devices. It provides the most features for managing PCs, servers, and other devices in your environment.

For more information, see Client installation methods.

On-premises MDM

This option uses the device management capabilities built into Windows 10. While not as full-featured as client-based management, on-premises mobile device management provides a lighter touch approach to management. It uses on-premises Configuration Manager resources to manage devices.

For more information, see Manage mobile devices with on-premises infrastructure.

Co-management with Microsoft Intune

Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud. It enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. Co-management lets you cloud-attach your existing investment in Configuration Manager by adding new functionality.

For more information, see What is co-management?.

Microsoft Exchange

This option uses the Exchange Server connector to connect multiple Exchange servers to Configuration Manager. This centralizes management of devices that can connect to Exchange ActiveSync. You can configure Exchange mobile device management features from the Configuration Manager console. Example features include remote device wipe and the settings control for multiple Exchange servers.

For more information, see Manage mobile devices with Configuration Manager and Exchange.

Compare solutions by supported platforms

Platform Configuration Manager client On-premises MDM Configuration Manager with Exchange
Android Yes
iOS Yes
Mac OS X Yes Yes
UNIX/Linux Yes Yes
Windows 10 Yes Yes Yes
Windows 10 Mobile Yes Yes
Windows (previous versions) Yes Yes
Windows Server Yes Yes
Windows CE Yes (with mobile device legacy client) Yes
Windows Embedded Yes
Windows Mobile Yes

For a complete list of supported platforms, see Supported operating systems for clients and devices for Configuration Manager.

Microsoft recommends using Intune to manage Android, iOS, and Windows 10 mobile devices. For more information, see What is Microsoft Intune?

Compare solutions by management functionality

Management functionality Configuration Manager client On-premises MDM Configuration Manager with Exchange
Public key infrastructure (PKI) security between the mobile device and Configuration Manager (uses mutual authentication and SSL to encrypt data transfers) Yes Yes
Client installation Yes
Support over the internet Yes
Discovery Yes Yes
Hardware inventory Yes Yes Yes
Software inventory Yes Yes
Settings Yes Yes Yes
Software deployment Yes Yes
Monitor with fallback status point Yes
Connections to management points Yes Yes
Connections to distribution points Yes Yes
Block from Configuration Manager Yes Yes
Quarantine and block from Exchange Server (and Configuration Manager) Yes
Remote wipe Yes Yes