Navigating the Migration to Microsoft Intune with Netwoven   - Netwoven

Navigating the Migration to Microsoft Intune with Netwoven  

By Sumit Kumar Mahajan  |  Published on April 12, 2024


In the intricate process of migrating to Microsoft Intune, a successful communication and support strategy, coupled with a robust implementation plan, is crucial for facilitating user adoption. However, it’s common in most migrations to encounter a subset of users resistant to change. Proactively devising strategies to minimize or eliminate resistance is a critical component of the planning phase. 

Addressing Migration Challenges

Several strategies can be employed to address migration challenges, each varying in applicability based on the company’s context: 

Establishing Cut-off Dates

We should set clear dates for each migration phase or overall, so that users know when the old service will stop. This could involve remote wiping of devices or restricting access to enterprise data. Clear communication about this process is vital.

Rolling Refresh of Older Devices

For devices where migration is complex or impossible, a strategy of replacing them with new devices pre-configured with the target Mobile Device Management (MDM) can be effective. 

Identifying Inactive Users

Active users typically migrate over time, but those who seldom use their devices might overlook migration communications. Identifying such users on the previous MDM and targeting them with specific communication or actions can be beneficial. 

A combination of these strategies, tailored to the company’s needs, often yields the best results. 

Coexistence Strategy During Transition

Migration to Intune doesn’t happen overnight. Managing both the old and new environments during the transition is crucial. This includes: 

Operations Management

Ensuring that teams like helpdesk and administrators can operate both systems efficiently with clear processes for handling incidents and requests.

New Device Enrollment

Deciding which platform to use for new enrollments during the transition, which could vary based on different organizational units or roles. 

Resource Access Management

Ensuring systems like Conditional Access, Wi-Fi networks, and VPN solutions can accommodate both Intune-managed and third party-managed devices. 

Each aspect requires careful consideration and planning to ensure a smooth transition and uninterrupted access to corporate resources.

In summary, the migration to Microsoft Intune is a multifaceted process requiring strategic planning, effective communication, and a thorough understanding of both technological and human factors. Addressing these elements proactively ensures a smoother transition and higher user adoption rates. Let’s now take a closer look at the different stages of migration and the approaches associated with each stage.

Preparing Current Microsoft Intune & Entra ID State

Before migrating, evaluate your existing Intune and Entra ID setups to understand their current utilization and configuration. 

Key Points to Review:
  1. Entra ID Accounts: Checking the setup and status. 
  2. Terms and Conditions: Reviewing terms set within the system. 
  3. Apple Push Certificate Configuration: Ensuring correct configuration. 
  4. Apple Business Manager and Apple VPP Integration: Verifying integration. 
  5. Managed Google Play Integration: Checking the integration status. 
  6. Company Portal Customizations: Reviewing any customizations. 
  7. Enrollment Restrictions: Assessing restrictions on device enrollments. 
  8. Policies: Examining all configuration, compliance, and conditional access policies. 
  9. Licensing: Ensuring proper licensing for Intune. 
  10. Conditional Access Policies: Reviewing the policies in place.

Migration Approach and Roadmap

The Phases of the Migration Process to Microsoft Intune

Migrating to a new management solution like Microsoft Intune is a significant undertaking for any organization. This technical guide delves into the structured process of migration, ensuring a smooth transition for device and application management. We’ll explore the key phases of the migration process, review the current state of Microsoft Intune & Entra ID, and outline the specific steps for migrating both Windows and mobile devices. 

Phase 1: Assess

The assessment phase lays the foundation for a successful migration. It involves a comprehensive review of your current deployment, focusing on various inventories and operational requirements.

Key Activities:
  1.  Device Inventory: Cataloging all devices, their types, models, and operating systems. 
  2. Application Inventory: Listing all applications, including custom and third-party apps. 
  3. Content Distribution: Reviewing the current distribution methods across the network. 
  4. Configuration Inventory: Documenting existing configurations and settings. 
  5. Users and Groups Review: Analyzing the setup of users and groups. 
  6. Report Inventory: Gathering existing reports and monitoring tools. 
  7. Integration Inventory: Identifying integrations with other systems and services. 
  8. Operations Review: Examining current operational processes. 
  9. Entra ID and Intune Tenant Review: Assessing the readiness of your Intune tenant and Entra ID. 
Phase 2: Design & Plan

Using the information from the assessment phase, you’ll begin planning your deployment, focusing on setting up your Intune tenant and developing a migration strategy.

Key Steps:
  1. Initial Tenant Configuration: Setting up your Intune tenant for deployment. 
  2. Scenario Design and Planning: Developing plans for each platform (iOS, Android, Windows, etc.). 
  3. Platform Enablement or Restriction: Deciding which platforms to enable or restrict. 
  4. Automated Enrollment Configuration: Configuring automated enrollment for each platform. 
  5. Configuration Engineering: Developing new configurations needed for Intune. 
  6. Migration Scenario Validation: Ensuring that your migration scenarios are feasible and effective. 
Phase 3: Test

Testing is essential to validate your migration plan, involving setting up test tenants to simulate the migration and validate various scenarios. 

Essential Testing Activities:
  1. Enrollment Validation: Testing the enrollment process for new devices. 
  2. Migration Validation: Ensuring smooth migration of existing devices. 
  3. Scenario Validation: Testing each planned scenario. 
  4. Operations Validation: Validating operational procedures and processes. 
  5. Device Decommission Validation: Testing the process for decommissioning old devices.
Phase 4: Deploy

The deployment phase is where the migration plan is executed in the production environment, typically done in stages to minimize disruptions.

Deployment Steps:
  1. Initial Production Validation Groups: Starting with small groups to validate the deployment. 
  2. Phased Expansion: Gradually increasing the size of the deployment groups. 

Migration Steps for Windows to Microsoft Intune

Migrating Windows devices involves several critical steps, each with its own considerations.

Key Steps:
  1. Wiping the Device: Resetting the device to its factory state. 
  2. Unenrolling from Existing Management Platform: Ensuring data preservation while changing management platforms. 
  3. Pre-Migration Preparations: Including assumptions, functioning PBR, and in-place upgrades. 
  4. Migration Considerations: Covering user communications, power management policy changes, and blocking enrollment in legacy environments. 
  5. Technical Preparations: Deploying persistent provisioning packages and harvesting Autopilot hardware hashes. 
  6. Post-Reset Actions: Cleaning up legacy device objects and importing Autopilot hardware hashes. 
  7. Enrollment and Post-Migration: Enrolling devices using Autopilot and conducting mop-up activities.

Migration Steps for Mobile Devices to Microsoft Intune

Migrating mobile devices also involves distinct scenarios.

Key Scenarios:
  1.   Deploy Company Portal App: Use your current management solution to push the Company Portal application to devices. Ensure it remains installed after unenrollment. 
  2. Enable User-Initiated Unenrollment: Allow users to unenroll their devices from the current management system. 
  3. Implement Conditional Access Policy (Optional but Recommended): Set up a policy requiring device compliance for accessing corporate resources. Carefully select the user groups for this policy. 
  4. Manual Device Enrollment by Users: Instruct users to enroll their devices in Intune using the Company Portal, like new or unmanaged devices. 
  5. Provide Setup Guidance: Offer instructions to users for reconfiguring their applications, such as email clients and collaboration tools, post-enrollment. 


In the rapidly evolving landscape of device and application management, enterprises seeking to transition from their existing Mobile Device Management (MDM) systems to Microsoft Intune can find a robust and reliable partner in Netwoven. Netwoven plays a pivotal role in guiding enterprises through the complexities of migration, ensuring a seamless and efficient transition to Microsoft Intune.

Expertise and Customized Strategies

Netwoven brings to the table deep expertise in Microsoft technologies, offering tailored strategies that align with the unique needs of each enterprise. Our approach is not one-size-fits-all. Instead, we meticulously assess the current MDM environment of an enterprise and devise a migration plan that minimizes disruptions and maximizes efficiency.

Comprehensive Assessment and Planning

Netwoven begins the migration journey with a thorough assessment phase, where they catalog and review the existing device and application infrastructure. This detailed analysis forms the foundation for a well-structured migration plan, ensuring that every aspect of the current system is considered and appropriately transitioned to Intune.

Streamlined Migration and Testing

With a clear plan in place, Netwoven expertly navigates enterprises through the migration process. They ensure that each step, from initial tenant configuration to scenario validation, is executed with precision. Our rigorous testing phase is particularly crucial, as it validates the migration strategy and ensures that all systems function optimally in the new Intune environment. Feel free to contact us for an Endpoint Management Workshop.  

By Sumit Kumar Mahajan

Mr Sumit Kumar Mahajan is a Senior Cloud Infrastructure Engineer at Netwoven and responsible for managing and designing Cloud and Infrastructure platforms. Expertise in Azure, Microsoft 365 Messaging, Security & Compliance, Exchange, MDM, Windows Server, and Active Directory.

Leave a comment

Your email address will not be published. Required fields are marked *

Unravel The Complex
Stay Connected

Subscribe and receive the latest insights

Netwoven Inc. - Microsoft Solutions Partner

Get involved by tagging Netwoven experiences using our official hashtag #UnravelTheComplex