Forum Discussion
Hybrid AAD - Intune feature upgrade - security gap before GPO will be applied when no AD connectivit
Hello, I am looking for a way to be sure that there will be no security gap\bridge in the following scenario: there are windows 10 machines which are hybrid domain join - both AD and Azure connected...
GPO's are already applied to the device before the upgrade right? Why do you need to receive them after the upgrade, are there any Win11 specifics? Not sure if I follow you here.
If you need to receive the GPO's, when not on the internal network, than indeed only option is to Tunnel the device to the internal network (VPN) or get the setting over the internet via MDM, there is no alternative..
These GPOs are not only specific for win11, e.g. there is a configuration of local admin account or startup of OS services etc.
Plus one more question: will user be able to login at all to new OS without line of sight to AD DC?
