Event banner
Event details
64 Comments
- While moving to the cloud using Autopilot, we have two issues the 1st is accessing multiple Network share servers using full entra-id joined devices. the 2nd is follow-me printing with working on-prem printing solution. what do you recommand to fix those two issues ?
- If you have hybrid identity (active directory user accounts that are synced to entra), those users will have no issues accessing fileshares or printers from their entra joined device. If these employees are using windows hello, you just need to setup "cloud Kerberos trust" first. can you elaborate on what issues you are seeing?
in on-prem scenario the network drives are mapped in explorer and working without any additional credentials prompt from the user as the user is using the , but on autopilot case we configured a script to mount the drive with creds prompt for the user's domain logon and not the UPN which is not a simple from the UX view and not working on everytime !. and for the network printer installation we were unable to get the print queues, btw the direct printing was successful. and i suspect it has something with identiying the device which is not having a device certifcate.
- I need real-world examples of mapping drives based on job codes like we do in logon scripts in the On-Premise world. Also mapping on-premise printers. I have seen the powershell script applied to user groups but what if a user changes jobs as happens here often?
- We tried this but in the end we have too many variations of drive maps out there now. We are pushing users to onedrive/sharepoint/teams vs local drive mappings.
- Have a look at: https://intunedrivemapping.azurewebsites.net/
- Hi Donna, You might use this for example, to get you started with a solution for drive mappings https://www.inthecloud247.com/map-network-drives-on-cloud-managed-windows-devices/ It's a pretty basic solution, but might need to be expanded with checking group membership.
Welcome to On-premises to cloud native in Intune: expert tips and key considerations and the second annual Microsoft Technical Takeoff for Windows + Intune! Have a question? Post here in the Comments so we can help. Let’s make this an active Q&A!
- One thing that would be super helpful going from On-Prem to Cloud would be the ability to migrate my user profiles as part of the AzureAD/Intune onboarding process.
- Native would be nice. That was a big hold up for us too. There is a very good 3rd party tool called forenIT Profile Wizard that got us out of that. We used a bulk enrollment package and kicked off the migration on each device manually through profwiz. Worked great.
- you mean besides what enterprise state roaming https://learn.microsoft.com/en-us/entra/identity/devices/enterprise-state-roaming-enable and onedrive known folder move https://learn.microsoft.com/en-us/sharepoint/redirect-known-folders can do?
- We are working on implementing cloud management in an environment with a significant number of GPOs and GPO settings. GPO Analytics is helpful and has migrated about 75% of the required policy settings, but it leaves A LOT to be desired. We are not finding good documentation or guides for the settings that don't migrate in a "next, next, next, finish!" fashion. What's the best path to getting expert, in-depth, experienced guidance and tips for dealing with policies that don't easily migrate?
- To expand on Chad's statement that GPO Analytics has a lot to be desired we have experienced areas where it falls short of expectations. Here are some examples: Settings from custom ADMX files that have been imported into Intune are not reported on or converted by GPO analytics; GPO analytics does not account for all settings that might be available in CSPs (We got 0% conversion for Chrome GPOs even though many of those settings are in native CSPs); The GPO Analyzer does not look at GPP settings; Deprecated or unknown settings don't factor into the conversion calculation (We had some GPOs report 100% conversion even though there were deprecated or unknown settings). Given this it seems that GPO Analytics is one tool in a tool set to get you started on the road to moving towards cloud-based management. If you are looking to simply lift and shift GPOs to CSPs it is not going to get you there. Perhaps that is why the guidance is to start over and ask what the requirements are today and build CSPs from the ground up.
- Hi Chad, I’m curious what you are exactly looking for and maybe somebody from the community can share his/ her experience on it. We have used Group Policy Analytics only for checking if Intune had all the settings from our Windows, M365 and Edge baseline (this was already a few years ago). We made an overview what GP Analytics showed as not available and checked Settings Catalog if the settings which were shown as not available, if these could be managed with SC. We found out that we could build our security baselines with Intune, even completely in Setting Catalog. For all the other settings, we only moved the settings from which we knew it could cause issues for our end users if we didn’t manage these. For all the others, we used this move to the cloud as a cleanup for our GPO settings. For example the firewall rules, we started completely greenfield in Intune. And guess what, we only have a handful left. It turned most of the settings were not needed anymore.
- I have found some policies that GPO Analytics says are not supported but I am still able to upload the ADMX files to Intune and use them just fine. Making me feel like the report is inaccurate.
