How to Migrate Group Policies into Microsoft Intune!
ฝัง
- เผยแพร่เมื่อ 7 ก.ค. 2024
- In this session I’ll walk you through everything you need in order to Migrate your current Active Directory group policies into Microsoft Intune. So all that effort in configuring your on premise workstations, doesn’t have to go to waste. After a brief discussion on Group Policy, I’ll provide a full demo on how to not only back up your group policy settings, but also how to generate a report using the new Microsoft Intune Group Policy Analytics & Migration tool. But also how to perform a migration and deal with any troubleshooting issues along the way. Enjoy!
For more on me visit Andymalone.org
Timecodes
00:00 Introductions
02:08 Active Directory Group Policies Explained
05:07 Exploring Group Policies Report files
05:51 Importing Group Policies into Microsoft Intune
07:16 Configuring Imported Settings for Intune Device Profiles
10:29 Migrating Group Policy Settings into Device Profiles
12:50 Viewing The results
13:58 Session Review
![[FULL EP.14] เซียนหรั่ง สอน มาร์ชจุ จับปูนา ฮากระจาย | เฮ็ดอย่างเซียนหรั่ง | One Playground](http://i.ytimg.com/vi/M8mPjd_T2lo/mqdefault.jpg)
Great video!! Been looking for this capability!
Thanks for the content Andy. Also I just subscribed so keep enlightening us with your vast knowledge.
Welcome aboard! I’m delighted to hear from you. Enjoy and all the best 👍🤗
Congrats with your 25 years!!!
Thanks so much :-)
That is Awesome!!
Another Amazing video :)
Thanks again!
This is very educative content, I always love it. You have lots of experience in Microsoft with 25 years as a trainer.
Mashallah brother! Once again very good content selection and brilliantly explained. 👍
Can you show us how to create the group policies from scratch in Server Manager?
Great video. Wished i would have known this with my previous role. But will have this for the future. Thanks.
I do have a question for you on a future topic? What are tags and how they help manage devices and applications?
Thanks again.
Great suggestion 🙂
Hey Andy, thanks for this video! The first thing I would like to know is can you tell us or show us how do we get to the very first portal you presented, the "Server Manager"?
Actually, that’s a good idea. I’ll see what I can do. 👍
I am on board, Andy! Keep these fantastic videos coming! Thank you, Sir. ❤
Andy,
Always enjoy your videos. Quick question, can we migrate our GPO Password Policy as well? We know the password policy for Azure AD does not meet compliance for certain industries.
Thanks!
You know what I’m don’t think so. I’d need to research that one. As I’ve said many times though, with MFA passwords are so 90s try and move beyond them.
Waited for this one! 🎉 What about assigning device policies from origine to an user group or user policies assigning to device groups or perhaps a mix of them.
I think I did that in an earlier video, but sure :-)
@@AndyMaloneMVP I mean when you previously set up computer config in an group policy and now you migrate this to Intune and assign this to an usergroup?
@@patrick__007 Patrick has I’ll do my best but I’m sure you’ll understand that I can’t put a video up on every setting. I have to make a living as well. You could always put yourself on a course😊 Also MS has a complete document library online that you can find this information. Learn.Microsoft.com check it out and good luck.
@@patrick__007 I believe it is the same steps
Thanks for you nice video explanation about this topic. Strange thing is that I tried to follow your actions but I cant find the configurations option (at 12:50) while I'm logged in as global admin? The menu structure looks very different than what you are showing in your video?
It could be a licence issue. I have an E5 & EM&S
Thanks again for these.
Would you recommendation be that if you were already an on-prem AD-joined setup, that we should Migrate policies, test/fix, Un-join the device from the domain, make it Entra-Joined, then deploy policies?
I would yes 👍😊
@@AndyMaloneMVP my only concern then, a big one really, is that it seems InTune does not cover all the GPO controls an on-prem does. I tested 1 policy import and only 22% showed as supported. I searched but could not yet find if you have any video that tackles the case of such unsupported GPO settings...alternatives, how to best resolve... got anything like that ?
Thanks for the video! We are in the process of this migration. There are more than 1000 settings to migrate! How can we evaluate them one by one? Can we use any automated service or we should migrate all of them at the same time?
Yes. This was my demo. First export to File, then import. There are a number of 3rd party tools out there. You will probably not manage all, but the report will show you which can be migrated. Check docs at learn.microsoft.com and via the Microsoft Tech Community
I really wish this tool was able to handle multiple imports better. I can export (backup) all GPO's but importing I need to select each one individually. I would love to be able to point the import to the folder where the GPO's were backed up to.
Agreed
Hi Andy,
Great vid! :)
Question: Why I can't find the "Manage Devices" under "Devices" of my Microsoft Intune admin center?
Thanks in advance.
It’s because the user is not licensed for insurance and you have not enabled the Intune function. At the moment it sounds like it’s hybrid Azure AD joint. Below details check out the article learn.microsoft.com
Hi Andy! great video! Does this work with password policies?
I believe so but use MFA for best practice.
Great video thanks! :) ... I'm in the process of configuring new on premise servers, will Group Policies in Intune make it possible to remove AD on premise?
Absolutely!
@@AndyMaloneMVP 👍... but if I don't have on premise AD, will it be possible to set on premise NTFS for users on folders and files?
@@MrMorajo NTFS file permissions are normally set locally. You can control sharing, but I don’t believe you can control NTFS permissions. The solution is simple. Don’t use local files, ensure your users store their data. In cloud storage, the security, compliance and manageability features, much better. This also insures that your data remains under your control. In terms of Microsoft 365, look forwards, not backwards.
cna you import the policy into intune and get intune to kick a restart off once import has been completed?
For specific settings and operations I recommend you to consult the accompanying documentation on the Learn.microsoft.com
How schould i handel the policys that are not compatible ? Is there any way to get them in to Intune ?
You’ll probably find that most of the components are compatible. However, as it’s a different platform, some features may not and you may just have to adapt and select an alternative.
@@AndyMaloneMVP thanks for the fast answer. I will find a way
I would like to know how to step by step, migrate and configure Windows Defender and Anitimalware policies from SCCM to 365 Defender and Intune. Please!
I’ll add it too my list 👍
Sir,We waiting for content regarding Terraform
I’m sorry, but I do not cover that topic on this channel
please make video series of CO-Management SCCM. @AndyMaloneMVP