- Docker logs tail: Troubleshoot Docker containers with real-time logging - Wed, Sep 13 2023
- dsregcmd: Troubleshoot and manage Azure Active Directory (Microsoft Entra ID) joined devices - Thu, Aug 31 2023
- Ten sed command examples - Wed, Aug 23 2023
Active Directory Domain Services usually handles traditional client policy management in on-premises environments. However, without VPN, a hybrid workforce no longer has the line-of-sight network access they require to a domain controller.
What is Group Policy Analytics?
Microsoft has been working on bringing feature parity to Intune's cloud-based mobile device management policy settings so companies can shift policy management to the cloud. In addition, the new Group Policy Analytics tool provides easy lift-and-shift migration for on-premises GPOs.
From the imported GPOs, you can then create a Settings Catalog policy. You can use the settings policy to deploy settings to users and devices managed in the organization.
Export an on-premises GPO
First, we must export a GPO as an XML file to import the settings into the Group Policy Analytics tool. Then, in the Group Policy Management tool, right-click the Group Policy and select Save Report.
Choose XML File in the Save as type field.
Log in to Intune as an administrator or a user with the Security Baselines permissions. Then, navigate to Devices > Policy > Group Policy analytics (preview) > Import.
Choose the XML file you saved from the Group Policy Management Console. It will automatically import the file.
Next, you will see a measurement of MDM support in the dashboard, as it is not yet 100% supported. There will currently be limitations in specific Group Policy settings that can be migrated. However, the presently available Intune MDM settings contain many standard policy settings.
The dashboard displays the migration readiness analysis.
If you drill into the MDM support, you will see a granular list of settings from the Group Policy Object that will migrate and those that won't. Then, if you click the Migrate button, it will launch the "Migrate Group Policy Settings to the cloud" wizard.
Select the settings you want to migrate, or click the Select all on this page button.
The Configuration page shows the settings included in the migration.
Name the new configuration profile on the Profile info page.
You can add Scope tags on the scope tags page if needed. On the Assignments page, you can scope the configuration profile to all users or specific users in your organization. Click the Add groups button to choose your Microsoft 365 groups.
Finally, review and deploy the new configuration profile containing the migrated Group Policy Object settings.
After you deploy, the new configuration profile appears in the Devices > Configuration profiles section.
Organizations are transitioning to a cloud-focused strategy, including remote client management. The Group Policy Analytics tool helps migrate seamlessly from on-premises GPOs to the CSP-based Microsoft MDM platform.
Subscribe to 4sysops newsletter!
However, it is worth noting that there are still limitations in the number of MDM settings at present. As a result, many businesses may opt to utilize a combination of GPOs and cloud-based MDM management through solutions such as Microsoft Intune.