Event details
Explore the ins and outs of two security features enabled by default in Windows 11, version 22H2: Windows Defender Credential Guard and LSA protection. Explore the criteria for enablement, security b...
Heather_Poulsen
Updated Dec 27, 2024
matthewrhodes
Oct 24, 2022
Brass Contributor
Our organization is trying to transition from ConfigManager/SCCM to Intune. We are currently using Hybrid with a large (many domain) ADFS AAD setup. We currently harden via GPO on each domain. My goal is to be able to deploy policy via Intune instead of domain GPO, but it seems Intune is still in Preview and lacking policy support in MDM. As an example, CIS is our organization's security standard, and 70-90 policies are not supported in Intune MDM when importing a CIS benchmark. Word is you can set up OMA-URI custom, manual settings. Is there a way to confirm the accuracy of these strings? Is Intune still being expanded for MDM to cover all of the unsupported/missing policies? Thanks!
Joe_Lurie
Microsoft
Oct 24, 2022
Without knowing what the 70-90 settings are, I can't give a recommendation on using OMA-URI to set them. But Settings Catalog is in GA (no Preview), and we are constantly adding settings to it. But again, without knowing what settings you're looking for, I can't really give more advice.
Note that some of those settings may never be translated to Intune - settings that include the word "Domain" or "Kerberos" as these are on-prem domain terms, and cloud-only devices are managed differently. Or some may be in a different spot in Intune - Firewall settings are not in Settings Catalog, but are in the Security node; Password policies are in Azure, since that's where user accounts live.
So, it's possible that at least some of these settings are there but in a different spot than you'd expect, or aren't necessary on a cloud-first device.