Good Morning Everyone 🕵️ Deep within the digital infrastructure, a high-stakes mission is being prepped. Five mobility experts have been deployed to solve a massive puzzle: migrating tens of thousands of smartphones to Microsoft Intune. The Goal: Ensure a fluid, secure, and uninterrupted transition for thousands of users. The Battlefront: A complex landscape filled with legacy policies, mixed configurations, and strict deadlines. It’s a race against the clock where one wrong move could start a domino effect. From scripts to security protocols—nothing is left to chance. Failure is not an option. Following Broadcom’s acquisition of VMware in 2023, the Workspace ONE product is now owned by Omnissa. Broadcom’s commercial strategy, which has influenced its spin-off companies, had become highly aggressive toward all customers. Consequently, we have decided to migrate the management of our Android and iOS tertiary fleet to Microsoft Intune.. While we are familiar with Intune, several limitations should be noted: Reporting: Intune offers basic reporting through Microsoft Endpoint Manager and Power BI integration, but lacks the advanced, customizable dashboards available in Workspace ONE. Deployment Performance: Application and configuration deployments can be slow, with status updates often delayed due to Intune’s reliance on periodic device check-ins rather than real-time communication. iOS Management: Intune provides full functionality only for devices enrolled via Apple Business Manager (ABM). Non-ABM devices have restricted supervision capabilities, limiting advanced configuration and app deployment. Error Handling: Intune does not display granular error codes in its console. Troubleshooting often requires log collection from the device or use of Microsoft Support tools, increasing diagnostic complexity. Conditional Access & Compliance: Intune integrates tightly with Azure AD for conditional access policies, which is a strength, but requires additional configuration and licensing for advanced scenarios. App Protection Policies: Strong for Microsoft 365 apps, but less flexible for third-party apps compared to Workspace ONE. Migration Strategy Overview The project aims to migrate the entire mobile fleet—a few tens of thousands Android and some iOs devices—between September 2023 and December 2024. Cybersecurity requirements mandate a shift from COBO (with personal Google accounts allowed) to COPE, reinforcing corporate control and reducing exposure to security risks. Key Challenges Technical Constraints: Devices incompatible with Android 13 require hardware replacement. For most employees, migration involves full device reset and Intune re-enrollment—a complex, time-consuming process. Security Limitations: Backup tools cannot be authorized, increasing the risk of data loss and user errors. A recurring issue is failure to remove Microsoft Authenticator configurations, creating significant support overhead. Performance Impact: The Samsung Galaxy A32, previously adequate under COBO, performs poorly under COPE, affecting user experience. Status and Strategic Decision By June 2024, progress is far below target. To mitigate operational disruption and support overload, the strategy shifts: forced migrations are discontinued. Migration now occurs only during: Hardware replacement (obsolescence, failure, or breakage) Voluntary device reset This approach prioritizes stability and resource optimization while maintaining compliance with security standards. We’ve been with Intune for almost two years, we make do with it and we are hardly surprised anymore when something doesn’t work. If you have any questions, don't hesitate to reach out via the comments below Kris

Nice article and again a statement which we see here so often: Intune is not a real "goto" solution but more like a "have to" solution when forced by procurement as it's cheaper than other solutions (which also work way better from my experience and what i read here from others). I'm not a fan of calling any product bad but Intune really made it through a lot of hands with same opinions. Never heard of someone telling "Intune is nice" or so.

I love this. Intune is not a "go to" it is a "have to". I've made it a personal mission to put as much content out as possible to warn others of the perils of Intune and am glad to hear similar horror stories being shared.

Nice article! The last part made me a bit sad, "we make do with Intune". It doesn't seem like Intune is a good fit for you, and you shouldnt have to be forced to migrate to Intune. But its a reality I hear way to often. Moombas is right, its a have to solution. It works for the average company with just basic management, but anything more than that is just not going to work very well.

Great article, funny and interesting. I keep as far away from Intune as possible, but slightly surprised Google published this, hopefully a wakeup call to Microsoft.

Forum Discussion

Kris

Level 2.3: Gingerbread

2 months ago

[Day 2] Mission Intune : When Migration Becomes a Mission (Almost) Impossible

Good Morning Everyone 🕵️

Deep within the digital infrastructure, a high-stakes mission is being prepped. Five mobility experts have been deployed to solve a massive puzzle: migrating tens of thousands of smartphones to Microsoft Intune.

The Goal: Ensure a fluid, secure, and uninterrupted transition for thousands of users.

The Battlefront: A complex landscape filled with legacy policies, mixed configurations, and strict deadlines.

It’s a race against the clock where one wrong move could start a domino effect. From scripts to security protocols—nothing is left to chance.

Failure is not an option.

Following Broadcom’s acquisition of VMware in 2023, the Workspace ONE product is now owned by Omnissa. Broadcom’s commercial strategy, which has influenced its spin-off companies, had become highly aggressive toward all customers. Consequently, we have decided to migrate the management of our Android and iOS tertiary fleet to Microsoft Intune..

While we are familiar with Intune, several limitations should be noted:

Reporting: Intune offers basic reporting through Microsoft Endpoint Manager and Power BI integration, but lacks the advanced, customizable dashboards available in Workspace ONE.
Deployment Performance: Application and configuration deployments can be slow, with status updates often delayed due to Intune’s reliance on periodic device check-ins rather than real-time communication.
iOS Management: Intune provides full functionality only for devices enrolled via Apple Business Manager (ABM). Non-ABM devices have restricted supervision capabilities, limiting advanced configuration and app deployment.
Error Handling: Intune does not display granular error codes in its console. Troubleshooting often requires log collection from the device or use of Microsoft Support tools, increasing diagnostic complexity.
Conditional Access & Compliance: Intune integrates tightly with Azure AD for conditional access policies, which is a strength, but requires additional configuration and licensing for advanced scenarios.
App Protection Policies: Strong for Microsoft 365 apps, but less flexible for third-party apps compared to Workspace ONE.

Migration Strategy Overview

The project aims to migrate the entire mobile fleet—a few tens of thousands Android and some iOs devices—between September 2023 and December 2024. Cybersecurity requirements mandate a shift from COBO (with personal Google accounts allowed) to COPE, reinforcing corporate control and reducing exposure to security risks.

Key Challenges

Technical Constraints: Devices incompatible with Android 13 require hardware replacement. For most employees, migration involves full device reset and Intune re-enrollment—a complex, time-consuming process.
Security Limitations: Backup tools cannot be authorized, increasing the risk of data loss and user errors. A recurring issue is failure to remove Microsoft Authenticator configurations, creating significant support overhead.
Performance Impact: The Samsung Galaxy A32, previously adequate under COBO, performs poorly under COPE, affecting user experience.

Status and Strategic Decision

By June 2024, progress is far below target. To mitigate operational disruption and support overload, the strategy shifts: forced migrations are discontinued. Migration now occurs only during:

Hardware replacement (obsolescence, failure, or breakage)
Voluntary device reset

This approach prioritizes stability and resource optimization while maintaining compliance with security standards.

We’ve been with Intune for almost two years, we make do with it and we are hardly surprised anymore when something doesn’t work.

If you have any questions, don't hesitate to reach out via the comments below

Kris

omnissa workspace one

stories

13 Replies

Moombas
Level 4.4: KitKat
2 months ago
Nice article and again a statement which we see here so often: Intune is not a real "goto" solution but more like a "have to" solution when forced by procurement as it's cheaper than other solutions (which also work way better from my experience and what i read here from others).

I'm not a fan of calling any product bad but Intune really made it through a lot of hands with same opinions. Never heard of someone telling "Intune is nice" or so.
- mattdermody
  Level 3.0: Honeycomb
  2 months ago
  I love this. Intune is not a "go to" it is a "have to". I've made it a personal mission to put as much content out as possible to warn others of the perils of Intune and am glad to hear similar horror stories being shared.
  - Kris
    Level 2.3: Gingerbread
    2 months ago
    Thank you mattdermody
- Kris
  Level 2.3: Gingerbread
  2 months ago
  Thank you Moombas
Emilie_B
Google Community Manager
2 months ago
What a great post Kris - it's so insightful and I like the humour with which this was written 😊

It's interesting to hear you share this opinion Moombas!
- Kris
  Level 2.3: Gingerbread
  2 months ago
  Thank you so much Emilie_B
Michel
Level 4.0: Ice Cream Sandwich
2 months ago
Nice article!

The last part made me a bit sad, "we make do with Intune". It doesn't seem like Intune is a good fit for you, and you shouldnt have to be forced to migrate to Intune. But its a reality I hear way to often.

Moombas is right, its a have to solution. It works for the average company with just basic management, but anything more than that is just not going to work very well.
- Kris
  Level 2.3: Gingerbread
  2 months ago
  Thank you Michel you are absolutly right !
davidguill
Level 2.0: Eclair
2 months ago
Great article, funny and interesting.

I keep as far away from Intune as possible, but slightly surprised Google published this, hopefully a wakeup call to Microsoft.
- Kris
  Level 2.3: Gingerbread
  2 months ago
  Thank you davidguill And i could say even more 😆
- Lizzie
  Google Community Manager
  2 months ago
  Hey davidguill,
  
  I hope you are doing well.
  
  Just to come back to you here, even though it is part of the festival - this piece was written entirely by Kris, so these thoughts are entirely his own.
  
  But in general, to add my own thoughts here, I want to encourage our community here to be a place where we can have constructive conversations and share different experiences and ideas. Some things that might not be working for one person, could be working for another, so hopefully we can help each other, learn from each other and make sure that everyone is having the best experiences using Android devices at work and the wider ecosystem.
  
  (Open for more ideas on how we can do more of this in the community).
  
  Thanks so much,
  
  Lizzie
Lizzie
Google Community Manager
2 months ago
Thank you, Kris , for taking the time to be part of the festival and sharing your experience with migrating to a new EMM. Migrating anything can be stressful, and I am sure this topic is of interest to many community members here.

I am sorry to hear your deployment has not been as straightforward as expected - there is some very useful feedback here. I know there are a few community members who are also using Intune, so I wonder if anyone reading this could offer any constructive tips or advice on any of the areas highlighted here that could help? Perhaps we can get a good conversation going around this?

Thanks again,

Lizzie
- Kris
  Level 2.3: Gingerbread
  2 months ago
  Thank You Lizzie and Emilie_B
  This article is a great opportunity to share our experience and to have feedback.
  Kris