Thanks for you nice video explanation about this topic. Strange thing is that I tried to follow your actions but I cant find the configurations option (at 12:50) while I'm logged in as global admin? The menu structure looks very different than what you are showing in your video?
Hi Andy, not sure if this is still the case but what a stupid MS Design choice, "Select all on this page" will only select items on the page you on and you need to go to each page and click that. For instance 90% of 30 is 27 and you only selected 18 of those 27, so nothing on page 2 was targeted. I learnt my lesson there and I had to migrate GPO's that some were over 20 pages, so need to click every page manually and click target, then next and click target, then next and click target. This annoyed the shit out of me!!! Great Video BTW!!! ❤❤
Hey Andy, thanks for this video! The first thing I would like to know is can you tell us or show us how do we get to the very first portal you presented, the "Server Manager"?
Thanks again for these. Would you recommendation be that if you were already an on-prem AD-joined setup, that we should Migrate policies, test/fix, Un-join the device from the domain, make it Entra-Joined, then deploy policies?
@@AndyMaloneMVP my only concern then, a big one really, is that it seems InTune does not cover all the GPO controls an on-prem does. I tested 1 policy import and only 22% showed as supported. I searched but could not yet find if you have any video that tackles the case of such unsupported GPO settings...alternatives, how to best resolve... got anything like that ?
It’s because the user is not licensed for insurance and you have not enabled the Intune function. At the moment it sounds like it’s hybrid Azure AD joint. Below details check out the article learn.microsoft.com
I can not get past the select scope option. It just hangs there even though the NEXT button is highlighted. I click it and it won't advance. Do I need a particular license on my global admin to perform these actions?
Thanks for the video! We are in the process of this migration. There are more than 1000 settings to migrate! How can we evaluate them one by one? Can we use any automated service or we should migrate all of them at the same time?
Yes. This was my demo. First export to File, then import. There are a number of 3rd party tools out there. You will probably not manage all, but the report will show you which can be migrated. Check docs at learn.microsoft.com and via the Microsoft Tech Community
Andy, Always enjoy your videos. Quick question, can we migrate our GPO Password Policy as well? We know the password policy for Azure AD does not meet compliance for certain industries. Thanks!
You know what I’m don’t think so. I’d need to research that one. As I’ve said many times though, with MFA passwords are so 90s try and move beyond them.
Waited for this one! 🎉 What about assigning device policies from origine to an user group or user policies assigning to device groups or perhaps a mix of them.
@@AndyMaloneMVP I mean when you previously set up computer config in an group policy and now you migrate this to Intune and assign this to an usergroup?
@@patrick__007 Patrick has I’ll do my best but I’m sure you’ll understand that I can’t put a video up on every setting. I have to make a living as well. You could always put yourself on a course😊 Also MS has a complete document library online that you can find this information. Learn.Microsoft.com check it out and good luck.
I really wish this tool was able to handle multiple imports better. I can export (backup) all GPO's but importing I need to select each one individually. I would love to be able to point the import to the folder where the GPO's were backed up to.
Great video. Wished i would have known this with my previous role. But will have this for the future. Thanks. I do have a question for you on a future topic? What are tags and how they help manage devices and applications? Thanks again.
Great video thanks! :) ... I'm in the process of configuring new on premise servers, will Group Policies in Intune make it possible to remove AD on premise?
@@MrMorajo NTFS file permissions are normally set locally. You can control sharing, but I don’t believe you can control NTFS permissions. The solution is simple. Don’t use local files, ensure your users store their data. In cloud storage, the security, compliance and manageability features, much better. This also insures that your data remains under your control. In terms of Microsoft 365, look forwards, not backwards.
You’ll probably find that most of the components are compatible. However, as it’s a different platform, some features may not and you may just have to adapt and select an alternative.
I would like to know how to step by step, migrate and configure Windows Defender and Anitimalware policies from SCCM to 365 Defender and Intune. Please!
Thanks for the content Andy. Also I just subscribed so keep enlightening us with your vast knowledge.
Welcome aboard! I’m delighted to hear from you. Enjoy and all the best 👍🤗
Great video!! Been looking for this capability!
Can you show us how to create the group policies from scratch in Server Manager?
Congrats with your 25 years!!!
Thanks so much :-)
This is very educative content, I always love it. You have lots of experience in Microsoft with 25 years as a trainer.
Mashallah brother! Once again very good content selection and brilliantly explained. 👍
Thanks for you nice video explanation about this topic. Strange thing is that I tried to follow your actions but I cant find the configurations option (at 12:50) while I'm logged in as global admin? The menu structure looks very different than what you are showing in your video?
It could be a licence issue. I have an E5 & EM&S
Hi Andy, not sure if this is still the case but what a stupid MS Design choice, "Select all on this page" will only select items on the page you on and you need to go to each page and click that. For instance 90% of 30 is 27 and you only selected 18 of those 27, so nothing on page 2 was targeted. I learnt my lesson there and I had to migrate GPO's that some were over 20 pages, so need to click every page manually and click target, then next and click target, then next and click target. This annoyed the shit out of me!!! Great Video BTW!!! ❤❤
Hey Andy, thanks for this video! The first thing I would like to know is can you tell us or show us how do we get to the very first portal you presented, the "Server Manager"?
Actually, that’s a good idea. I’ll see what I can do. 👍
Thanks again for these.
Would you recommendation be that if you were already an on-prem AD-joined setup, that we should Migrate policies, test/fix, Un-join the device from the domain, make it Entra-Joined, then deploy policies?
I would yes 👍😊
@@AndyMaloneMVP my only concern then, a big one really, is that it seems InTune does not cover all the GPO controls an on-prem does. I tested 1 policy import and only 22% showed as supported. I searched but could not yet find if you have any video that tackles the case of such unsupported GPO settings...alternatives, how to best resolve... got anything like that ?
Another Amazing video :)
Thanks again!
Hi Andy,
Great vid! :)
Question: Why I can't find the "Manage Devices" under "Devices" of my Microsoft Intune admin center?
Thanks in advance.
It’s because the user is not licensed for insurance and you have not enabled the Intune function. At the moment it sounds like it’s hybrid Azure AD joint. Below details check out the article learn.microsoft.com
I can not get past the select scope option. It just hangs there even though the NEXT button is highlighted. I click it and it won't advance. Do I need a particular license on my global admin to perform these actions?
Yes possibly or you do nit have Purview permissions
Thanks for the video! We are in the process of this migration. There are more than 1000 settings to migrate! How can we evaluate them one by one? Can we use any automated service or we should migrate all of them at the same time?
Yes. This was my demo. First export to File, then import. There are a number of 3rd party tools out there. You will probably not manage all, but the report will show you which can be migrated. Check docs at learn.microsoft.com and via the Microsoft Tech Community
Andy,
Always enjoy your videos. Quick question, can we migrate our GPO Password Policy as well? We know the password policy for Azure AD does not meet compliance for certain industries.
Thanks!
You know what I’m don’t think so. I’d need to research that one. As I’ve said many times though, with MFA passwords are so 90s try and move beyond them.
Waited for this one! 🎉 What about assigning device policies from origine to an user group or user policies assigning to device groups or perhaps a mix of them.
I think I did that in an earlier video, but sure :-)
@@AndyMaloneMVP I mean when you previously set up computer config in an group policy and now you migrate this to Intune and assign this to an usergroup?
@@patrick__007 Patrick has I’ll do my best but I’m sure you’ll understand that I can’t put a video up on every setting. I have to make a living as well. You could always put yourself on a course😊 Also MS has a complete document library online that you can find this information. Learn.Microsoft.com check it out and good luck.
@@patrick__007 I believe it is the same steps
I really wish this tool was able to handle multiple imports better. I can export (backup) all GPO's but importing I need to select each one individually. I would love to be able to point the import to the folder where the GPO's were backed up to.
Agreed
Great video. Wished i would have known this with my previous role. But will have this for the future. Thanks.
I do have a question for you on a future topic? What are tags and how they help manage devices and applications?
Thanks again.
Great suggestion 🙂
That is Awesome!!
Great video thanks! :) ... I'm in the process of configuring new on premise servers, will Group Policies in Intune make it possible to remove AD on premise?
Absolutely!
@@AndyMaloneMVP 👍... but if I don't have on premise AD, will it be possible to set on premise NTFS for users on folders and files?
@@MrMorajo NTFS file permissions are normally set locally. You can control sharing, but I don’t believe you can control NTFS permissions. The solution is simple. Don’t use local files, ensure your users store their data. In cloud storage, the security, compliance and manageability features, much better. This also insures that your data remains under your control. In terms of Microsoft 365, look forwards, not backwards.
How schould i handel the policys that are not compatible ? Is there any way to get them in to Intune ?
You’ll probably find that most of the components are compatible. However, as it’s a different platform, some features may not and you may just have to adapt and select an alternative.
@@AndyMaloneMVP thanks for the fast answer. I will find a way
Hi Andy! great video! Does this work with password policies?
I believe so but use MFA for best practice.
cna you import the policy into intune and get intune to kick a restart off once import has been completed?
For specific settings and operations I recommend you to consult the accompanying documentation on the Learn.microsoft.com
I would like to know how to step by step, migrate and configure Windows Defender and Anitimalware policies from SCCM to 365 Defender and Intune. Please!
I’ll add it too my list 👍
I am on board, Andy! Keep these fantastic videos coming! Thank you, Sir. ❤
please make video series of CO-Management SCCM. @AndyMaloneMVP