Microsoft Intune Integration to Servicenow,

ajeet vishwakar
Tera Contributor

1-Can you tell me all the features of Microsoft Intune if we integrate with Servicenow.

2-Can we do Discovery with Microsoft Inutne.

3-Can we access Software Usage data with help of Microsoft Intune.

4-List Pros and cons comparison between SCCM & Servicenow Integration and Intune and Servicenow Integration

 

8 REPLIES 8

Hi Ken, any update on this from the ServiceNow ITAM team?  We can see that the last used date still ins't coming through in our instance.

Thanks

ccorbett
Mega Contributor

Does anyone have a functional example of pagination in Intune? I currently cannot get more than 1,000 records. I'm trying to get the mavembry example cited above to work and am having problems.

Bugner
Tera Contributor

Is there an update on the SG-InTune connector limitiations mentioned here?

  1. Is the software usage data and last used date returned by InTune for EUC assets?

  2. Does InTune update the cmdb_sam_sw_install and remove software records when software is uninstalled from assets?

Thanks

Rachel Gomez
Giga Expert

DSM provides the option of using a Microsoft Intune connector to upload the DSM client MSI and NCP files into Intune. This action enables new endpoints to automatically register into DSM when an end user starts using their device for the first time. You can configure the Intune connector directly in the DSMC settings (ICDB). This feature leverages the Autopilot, Intune, and Azure AD infrastructure from Microsoft.

Without this feature, for a new endpoint to be registered in DSM, it must be connected to the company network for DSM to push the DSM client package and/or be auto-inserted in DSM.

A single-click action menu (DSM Settings > Upload DSM Client To Intune) enables you to upload the current DSM agent (MSI file, NCP file, as well as two batch files to install/uninstall the MSI) as a package to Intune.

Once the DSM agent is installed on endpoint devices via Intune, the following registry key is automatically set that identifies all Intune installed devices: HKLM\SOFTWARE\netsupport\netinstall\Intune.

Prerequisites
•Install Microsoft .NET Framework 4.8 on the BLS server and other endpoints where the DSM Settings > Upload DSM Client To Intune menu is used.

•Activate TLS 1.2 on both the BLS server and the HTTP depot. See this article for details: TLS 1.2 enforcement for Azure AD Connect

•Configure a hybrid Azure AD join for managed domains. See this article for details: Configure hybrid Azure AD join. Note that Azure AD needs to be synced with the local domain that DSM is using.

•Have a Microsoft 365 subscription for Microsoft Endpoint Manager, with this configuration:

•Activate MDM: Go to the Azure portal (portal.azure.com) and select Azure Active Directory > Microsoft Intune > All to enable the MDM user scope and MAM user scope.

•Activate enrollment: Go to the Azure portal (portal.azure.com) and select Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune Enrollment > All to enable the MDM user scope.

•Create an Azure application (a tenant) manually, 

•Assign application permissions in Intune for the Microsoft Graph API. The list of required permissions is:

•Group – Read, Write

•Directory – Read, Write

•DeviceManagementApps – Read, Write

•DeviceManagementConfiguration – Read, Write

•DeviceManagementServiceConfig – Read, Write

•DeviceManagementManagedDevices – Read, Write

•Applications – Read, Write

Configuring DSM
DSM has three new text fields in Infrastructure (advanced mode) used to connect to your Azure environment. Select the created app:

•Tenant ID – “Directory (tenant) ID”

•Application ID – “Application (client) ID”

•Client Secret (stored encrypted in DSM) – found in “Certificates & secrets”

The DSM Infrastructure tab with the new Intune Integration settings looks like this:

 

Integrating with Intune
To integrate with Intune, use the single-click-action menu DSM Settings > Upload DSM Client To Intune to automate several steps:

•Package the DSM client MSI and NCP files into .intune file format, as required by Intune. This is performed using a tool from Microsoft that is included in the iso. 

•Upload the package to Azure storage.

•Assign the new application to all endpoints.

The new menu calls a new tool, C:\DSM\DSMIntuneConnector.exe. The produced log is located at C:\Program Files (x86)\Common Files\enteo\NiLogs\BLS\bls_DSMIntune.log.

 

Regards,

Rachel Gomez