Forum Discussion

TomWechsler's avatar
Sep 30, 2021

Analyze the local Group Policy Objects (GPOs) using Group Policy Analytics in Microsoft Intune!

 

Dear Microsoft Intune Friends,

 

Many companies are looking to cloud solutions to support the growing number of field workers. But how can field workers' systems be managed with a cloud solution? Until now, these systems have been managed with the group policies from the local infrastructure. Can these group policies also be used in the cloud solution?

My customer scenario involved the following. The customer was considering re-managing the systems with Microsoft Intune. The majority of systems (both in-house and off-site) were managed with group policies. For this reason, I wanted to get an overall view first.

 

This is exactly where the Group Policy Analytics tool from Microsoft Intune comes into play. The tool is still in preview (maybe not by the time you read this article), but it can still be used very well for a first assessment.

 

We start in the local infrastructure and launch Group Policy Management. We navigate to the Group Policy Objects and select a GPO. To examine the GPO in Intune, we need a GPO report file. Either we can create a report file directly or (and this is how I will do it) we create a backup of a Group Policy object. This will contain the report .xml file.

 

Now, let's got to the Microsoft Intune Portal. https://endpoint.microsoft.com

 

Click on Devices.

 

Now in the menu we navigate to Group Policy Analytics.

 

Click the Import button.

 

Locate the gpreport.xml file. We have generated this file with the GPO backup.

 

The import is quickly completed, close the blade and click on the percent number.

 

In this example, there is no support in Intune for the lcal GPO settings.

 

Here's another example, where we see the support from Intune is there.

 

We can look at some more details. In the menu select Reports on and click Group Policy Analytics.

 

Click Refresh below Summary.

 

Click Reports to the right of Summary.

 

Click on the blue "Generate again" button.

 

Now you get the detailed information about the individual settings in the group policies and see right away whether they are also supported by Intune or not.

 

Maybe I could help you a bit when it comes to the decision to manage devices with Microsoft Intune in the future. Sure this wasn't super exciting, but I still wanted to share this information with you.

 

I hope this article was helpful for you? Thank you for taking the time to read this article.

 

Best regards, Tom Wechsler

No RepliesBe the first to reply

Resources