That's a wrap for today. Want to stay engaged and informed?  https://aka.ms/JoinIntuneCommunity

how is the best method to group devices based on software needs.  Something that was easily done in SCCM

Is there (or will there be) a published list of URLs for Intune and Windows Autopilot that are not allowed to be SSL inspected? I find different bits of guidance for some URLs that just happen to be explicitly called out in some notes here and there in various Learn articles, but would be great if there was a consolidated "do not perform SSL inspection on these URLs" list. We regularly encounter issues with this on-prem, and it can be difficult to ID what URLs can and can not be inspected.

Hi team,

Do you see a future roadmap for replacing the current mobile access approach to on-prem / enterprise applications through Microsoft Tunnel (Per-App VPN) with a solution that is simpler to operate and maintain?

For example, platforms like VMware Workspace ONE / AirWatch provide a more streamlined UEM experience around app access, tunneling, and policy management.

Is Microsoft planning improvements in this area to reduce operational complexity for admins managing large-scale mobile environments?

During Group Policy to Intune migration, how should we think about policy precedence and configuration profile design?

In Group Policy, we had link order, inheritance, enforcement, and policy priority, so if the same setting existed in multiple GPOs there was a predictable winning policy. In Intune, when the same setting is configured in multiple profiles, it appears to report a conflict instead of applying a clear priority model.

What is Microsoft’s recommended approach for structuring Intune configuration profiles to avoid these conflicts? For example, should we organize profiles by security baseline, setting category, device role, user group, or application/workload? And if different teams need to manage overlapping settings, what design pattern is recommended for ownership, exceptions, and conflict prevention?

Without OUs how can Intune policies be applied to different geographic locations? Can devices be tagged with the country or office they're in?

How do you replicate group policy preferences in Intune?

Will it be possible in the future to allow multiple MDMs? We would love to centrally manage our MDE configs from Intune, but we can't on MacOS because compliance is established by JAMF. Soon as we try to enforce MDE configs on MacOS, Intune takes over establishing compliance for the device incorrectly, breaking other processes we have/need  Had a case with Microsoft that determined Intune doesn't support multiple MDMs. :( 

Hello,

SCCM out Intune IN...is there any checklist to analyze GPOs in AD/SCCM to help do the "same" in intune. Templates, bases lines github readay to deploy repository ?

Our org has just recently enabled the 90-day Intune Suite trial, to kind of "get in" early to the E3/E5 upgrades in July. Are there any gotchas to be aware of when the trial ends and the features become included in our licensing? (Especially for E3 customers that would "lose" features when the trial ends)