On-premises MDM in Configuration Manager

Applies to: System Center Configuration Manager (Current Branch)

Configuration Manager on-premises mobile device management (MDM) is a device management solution that relies on the built-in management capabilities of device OS. This feature is based on the Open Mobile Alliance (OMA) Device Management (DM) standard. It uses your organization's Configuration Manager infrastructure to manage and maintain the devices. On-premises MDM requires Microsoft Intune to set up the management capability, but it's only needed for the subscription. Intune is used at times to help notify devices to check in for policy changes, but it's not used to manage devices or store data about them.

On-premises conceptual

On-premises MDM differs from Microsoft Intune, which also relies on built-in OMA DM capabilities. All of the management functions in Intune are delivered through cloud services. On-premises MDM also differs from the client-based management solution traditionally offered by Configuration Manager. It relies on similar infrastructure but doesn't use separately installed client software on the devices it manages.

Note

Starting in version 1810, an Intune connection is no longer required for new on-premises MDM deployments. Your organization still requires Intune licenses to use this feature. You can't currently remove the Intune connection from existing on-premises MDM deployments. For more information, see the Intune support blog post.

The following table lists the advantages and disadvantages of on-premises MDM as compared to traditional client-based management:

Advantages Disadvantages
Simplified infrastructure - Fewer site system roles are required.

Easier to maintain - Because management functionality is built in to the device operating system, new versions of the client software are not required when new management features are introduced to the Configuration Manager system.

On-premises - All management and data kept on-premises.
Less client management functionality - No orchestration, software metering, third-party integration, task sequencing, or software center support.

Limited device support - currently on-premises MDM only supports devices running Windows 10 and Windows 10 Mobile.

The following articles provide information you can use to plan, prepare, and enroll devices for on-premises MDM:

  • Plan for on-premises MDM

    Learn about what to consider when setting up the Configuration Manager infrastructure and planning for device enrollment in on-premises MDM.

  • Preparation steps for on-premises MDM

    Get Configuration Manager ready for on-premises MDM. Set up the Microsoft Intune subscription, set up certificates, install site system roles, and set up device enrollment.

  • Enroll devices for on-premises MDM

    Learn about how enrollment occurs, how users can enroll their own devices, and how to bulk-enroll devices with an enrollment package.