Forum Discussion
Solved
After Removing GPO, Intune Policies Not Applying
Part of our fleet remains Entra Hybrid Join (as computers are refreshed, they are Entra Joined instead). We apply Windows Security Baselines through both Group Policy and Intune. Recently, we evaluat...
Hi
1. to be honest... targetting the device with intune policies and gpo is bad... there are different solutions to make sure the device wasn't targetted in the first place with the intune policies or making sure the gpo wasn't targeting those devices.
2. Are you 100% sure the gpo isn't any longer on those devices? what happens with a gpresult on those devices, what does it mention?
3.DId you manually checked a device to find out if the policies are still there in the registry
Could you tell us a bit more what you checked?
1. to be honest... targetting the device with intune policies and gpo is bad... there are different solutions to make sure the device wasn't targetted in the first place with the intune policies or making sure the gpo wasn't targeting those devices.
2. Are you 100% sure the gpo isn't any longer on those devices? what happens with a gpresult on those devices, what does it mention?
3.DId you manually checked a device to find out if the policies are still there in the registry
Could you tell us a bit more what you checked?
I agree that targeting the devices with both Intune and GPO enforcing the same policy is a bad idea. The purpose of removing the GPO baselines was to make it so we're no longer doing this.
I am 100% sure the policies are not applying. They do not appear in the registry and do not show up in gpresult. Most importantly. when using the device, I can see tell the settings are not applying based on the behavior of the computer (no UAC prompts when there should be, settings enabled and working that should not be, etc...).
I am 100% sure the policies are not applying. They do not appear in the registry and do not show up in gpresult. Most importantly. when using the device, I can see tell the settings are not applying based on the behavior of the computer (no UAC prompts when there should be, settings enabled and working that should not be, etc...).