What happened to hybrid MDM?
Applies to: Configuration Manager (current branch)
Microsoft retired the hybrid MDM service offering as of September 1, 2019. Any remaining hybrid MDM devices won't receive policy, apps, or security updates.
Remove hybrid MDM
If your Configuration Manager site had a Microsoft Intune Subscription, you need to remove it.
In the Configuration Manager console, go to the Administration workspace. Expand Cloud Services, and select the Microsoft Intune Subscription node. Delete your existing Intune Subscription.
In the Remove Microsoft Intune Subscription Wizard, select the option to Remove Microsoft Intune Subscription from Configuration Manager, and then click Next.
Complete the wizard.
The following note is the original deprecation announcement:
As of August 14, 2018, hybrid mobile device management is a deprecated feature. Starting with the 1902 Intune service release, expected at the end of February 2019, new customers can't create a new hybrid connection.
Since launching on Azure over a year ago, Intune has added hundreds of new customer-requested and market-leading service capabilities. It now offers far more capabilities than those offered through hybrid mobile device management (MDM). Intune on Azure provides a more integrated, streamlined administrative experience for your enterprise mobility needs.
As a result, most customers choose Intune on Azure over hybrid MDM. The number of customers using hybrid MDM continues to decrease as more customers move to the cloud. Therefore, on September 1, 2019, Microsoft will retire the hybrid MDM service offering.
This change doesn't affect on-premises Configuration Manager or co-management for Windows 10 devices. If you're unsure whether you're using hybrid MDM, go to the Administration workspace of the Configuration Manager console, expand Cloud Services, and select Microsoft Intune Subscriptions. If you have a Microsoft Intune subscription set up, your tenant is configured for hybrid MDM.
How does this affect me?
Microsoft will support your hybrid MDM usage for the next year. The feature will continue to receive major bug fixes. Microsoft will support existing functionality on new OS versions, such as enrollment on iOS 12. There will be no new features for hybrid MDM.
If you migrate to Intune on Azure before the end of the hybrid MDM offering, there should be no end user impact.
On September 1, 2019, any remaining hybrid MDM devices will no longer receive policy, apps, or security updates.
Licensing remains the same. Intune on Azure licenses are included with hybrid MDM.
The on-premises MDM feature in Configuration Manager isn't deprecated. Starting in Configuration Manager version 1810, you can use on-premises MDM without an Intune connection. For more information, see An Intune connection is no longer required for new on-premises MDM deployments.
The on-premises conditional access feature of Configuration Manager is also deprecated with hybrid MDM. If you use conditional access on devices managed with the Configuration Manager client, make sure they are protected before you migrate.
- Set up conditional access policies in Azure
- Set up compliance policies in Intune portal
- Finish hybrid migration, and set the MDM authority to Intune
- Enable co-management
- Move the compliance policies co-management workload to Intune
For more information, see Conditional access with co-management.
What do I need to do to prepare for this change?
Start planning your migration for MDM from the ConfigMgr console to Azure. Many customers, including Microsoft IT, have gone through this process. For more information, see this Microsoft case study.
Contact your partner of record or FastTrack for assistance. FastTrack for Microsoft 365 can assist in your migration from hybrid MDM to Intune on Azure.
For more information, see the Intune support blog post.
For more information on supported features for managing MDM devices, see the following articles:
Submit and view feedback for