Forum Discussion
Security baseline with Hyper-V default switch
Continued from old TechNet blog discussion... Thanks Aaron Margosis. I've figured out what is preventing clipboard file copying. It is the GPO setting "Do not allow drive redirection" (Computer C...
I ended up changing the following two settings that helped me to work (helped by David's replies)
1. "Connection security rules from group policy not merged" - NOT CONFIGURED
2. "Policy rules from group policy not merged" - NOT CONFIGURED
David mentioned creation of rules to open ports in the firewall, but when I looked locally there was already a rule existing (no doubt created when I enabled the Hyper-V role), so I didn't punch any additional holes through the firewall. I think the wording of these policies is probably poor, as I believe the intention is to say "don't acknowledge rules created in any other way - just do what Intune tells you". Could be wrong in my summary, but I'm certainly working happily now on the Default Switch with that change.
1. "Connection security rules from group policy not merged" - NOT CONFIGURED
2. "Policy rules from group policy not merged" - NOT CONFIGURED
David mentioned creation of rules to open ports in the firewall, but when I looked locally there was already a rule existing (no doubt created when I enabled the Hyper-V role), so I didn't punch any additional holes through the firewall. I think the wording of these policies is probably poor, as I believe the intention is to say "don't acknowledge rules created in any other way - just do what Intune tells you". Could be wrong in my summary, but I'm certainly working happily now on the Default Switch with that change.
Thank you sir. Will test this and come back with results. 🙂
Edit: It worked right away! Had a VM open, unassigned me from Security Baseline, synced with Company Portal, and suddenly the VM got a IP and all is good.