Analyze the local Group Policy Objects (GPOs) using Group Policy Analytics in Microsoft Intune!

%3CLINGO-SUB%20id%3D%22lingo-sub-2799094%22%20slang%3D%22en-US%22%3EAnalyze%20the%20local%20Group%20Policy%20Objects%20(GPOs)%20using%20Group%20Policy%20Analytics%20in%20Microsoft%20Intune!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2799094%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EDear%20Microsoft%20Intune%20Friends%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMany%20companies%20are%20looking%20to%20cloud%20solutions%20to%20support%20the%20growing%20number%20of%20field%20workers.%20But%20how%20can%20field%20workers'%20systems%20be%20managed%20with%20a%20cloud%20solution%3F%20Until%20now%2C%20these%20systems%20have%20been%20managed%20with%20the%20group%20policies%20from%20the%20local%20infrastructure.%20Can%20these%20group%20policies%20also%20be%20used%20in%20the%20cloud%20solution%3F%3C%2FP%3E%0A%3CP%3EMy%20customer%20scenario%20involved%20the%20following.%20The%20customer%20was%20considering%20re-managing%20the%20systems%20with%20Microsoft%20Intune.%20The%20majority%20of%20systems%20(both%20in-house%20and%20off-site)%20were%20managed%20with%20group%20policies.%20For%20this%20reason%2C%20I%20wanted%20to%20get%20an%20overall%20view%20first.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20is%20exactly%20where%20the%20Group%20Policy%20Analytics%20tool%20from%20Microsoft%20Intune%20comes%20into%20play.%20The%20tool%20is%20still%20in%20preview%20(maybe%20not%20by%20the%20time%20you%20read%20this%20article)%2C%20but%20it%20can%20still%20be%20used%20very%20well%20for%20a%20first%20assessment.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20start%20in%20the%20local%20infrastructure%20and%20launch%20Group%20Policy%20Management.%20We%20navigate%20to%20the%20Group%20Policy%20Objects%20and%20select%20a%20GPO.%20To%20examine%20the%20GPO%20in%20Intune%2C%20we%20need%20a%20GPO%20report%20file.%20Either%20we%20can%20create%20a%20report%20file%20directly%20or%20(and%20this%20is%20how%20I%20will%20do%20it)%20we%20create%20a%20backup%20of%20a%20Group%20Policy%20object.%20This%20will%20contain%20the%20report%20.xml%20file.%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_1.PNG%22%20style%3D%22width%3A%20591px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313935iFDD72018AAF9EF12%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_1.PNG%22%20alt%3D%22_GPO_1.PNG%22%20%2F%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_2.PNG%22%20style%3D%22width%3A%20667px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313936i4053A42DEFEF1C42%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_2.PNG%22%20alt%3D%22_GPO_2.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENow%2C%20let's%20got%20to%20the%20Microsoft%20Intune%20Portal.%20%3CA%20href%3D%22https%3A%2F%2Fendpoint.microsoft.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fendpoint.microsoft.com%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EClick%20on%20Devices.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_3.PNG%22%20style%3D%22width%3A%20759px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313938i83DF8B4C60D998DB%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_3.PNG%22%20alt%3D%22_GPO_3.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ENow%20in%20the%20menu%20we%20navigate%20to%20Group%20Policy%20Analytics.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_4.PNG%22%20style%3D%22width%3A%20641px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313939iAB06A861E2BFA499%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_4.PNG%22%20alt%3D%22_GPO_4.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EClick%20the%20Import%20button.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_5.PNG%22%20style%3D%22width%3A%20729px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313940iBF035B23C1727BAE%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_5.PNG%22%20alt%3D%22_GPO_5.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ELocate%20the%20gpreport.xml%20file.%20We%20have%20generated%20this%20file%20with%20the%20GPO%20backup.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_6.PNG%22%20style%3D%22width%3A%20831px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313941i86C7EE8617C257AB%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_6.PNG%22%20alt%3D%22_GPO_6.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EThe%20import%20is%20quickly%20completed%2C%20close%20the%20blade%20and%20click%20on%20the%20percent%20number.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_7.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313942i1163B64A3B72A407%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_7.PNG%22%20alt%3D%22_GPO_7.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EIn%20this%20example%2C%20there%20is%20no%20support%20in%20Intune%20for%20the%20lcal%20GPO%20settings.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_8.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313943i90CC6F20E50922E5%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_8.PNG%22%20alt%3D%22_GPO_8.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EHere's%20another%20example%2C%20where%20we%20see%20the%20support%20from%20Intune%20is%20there.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_9.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313944i8788B8FA69DCC897%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_9.PNG%22%20alt%3D%22_GPO_9.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EWe%20can%20look%20at%20some%20more%20details.%20In%20the%20menu%20select%20Reports%20on%20and%20click%20Group%20Policy%20Analytics.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_10.PNG%22%20style%3D%22width%3A%20497px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313945i591DC74DF1A35721%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_10.PNG%22%20alt%3D%22_GPO_10.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EClick%20Refresh%20below%20Summary.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_11.PNG%22%20style%3D%22width%3A%20791px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313947i2D4729E8BA821A1C%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_11.PNG%22%20alt%3D%22_GPO_11.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EClick%20Reports%20to%20the%20right%20of%20Summary.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_12.PNG%22%20style%3D%22width%3A%20695px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313948i0D8CD72DF08CB81F%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_12.PNG%22%20alt%3D%22_GPO_12.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EClick%20on%20the%20blue%20%22Generate%20again%22%20button.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22_GPO_13.PNG%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313949i1E33279A3050874F%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22_GPO_13.PNG%22%20alt%3D%22_GPO_13.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENow%20you%20get%20the%20detailed%20information%20about%20the%20individual%20settings%20in%20the%20group%20policies%20and%20see%20right%20away%20whether%20they%20are%20also%20supported%20by%20Intune%20or%20not.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMaybe%20I%20could%20help%20you%20a%20bit%20when%20it%20comes%20to%20the%20decision%20to%20manage%20devices%20with%20Microsoft%20Intune%20in%20the%20future.%20Sure%20this%20wasn't%20super%20exciting%2C%20but%20I%20still%20wanted%20to%20share%20this%20information%20with%20you.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20hope%20this%20article%20was%20helpful%20for%20you%3F%20Thank%20you%20for%20taking%20the%20time%20to%20read%20this%20article.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBest%20regards%2C%20Tom%20Wechsler%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2799094%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESoftware%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
MVP

 

Dear Microsoft Intune Friends,

 

Many companies are looking to cloud solutions to support the growing number of field workers. But how can field workers' systems be managed with a cloud solution? Until now, these systems have been managed with the group policies from the local infrastructure. Can these group policies also be used in the cloud solution?

My customer scenario involved the following. The customer was considering re-managing the systems with Microsoft Intune. The majority of systems (both in-house and off-site) were managed with group policies. For this reason, I wanted to get an overall view first.

 

This is exactly where the Group Policy Analytics tool from Microsoft Intune comes into play. The tool is still in preview (maybe not by the time you read this article), but it can still be used very well for a first assessment.

 

We start in the local infrastructure and launch Group Policy Management. We navigate to the Group Policy Objects and select a GPO. To examine the GPO in Intune, we need a GPO report file. Either we can create a report file directly or (and this is how I will do it) we create a backup of a Group Policy object. This will contain the report .xml file.

_GPO_1.PNG_GPO_2.PNG

 

Now, let's got to the Microsoft Intune Portal. https://endpoint.microsoft.com

 

Click on Devices.

_GPO_3.PNG

 

Now in the menu we navigate to Group Policy Analytics.

_GPO_4.PNG

 

Click the Import button.

_GPO_5.PNG

 

Locate the gpreport.xml file. We have generated this file with the GPO backup.

_GPO_6.PNG

 

The import is quickly completed, close the blade and click on the percent number.

_GPO_7.PNG

 

In this example, there is no support in Intune for the lcal GPO settings.

_GPO_8.PNG

 

Here's another example, where we see the support from Intune is there.

_GPO_9.PNG

 

We can look at some more details. In the menu select Reports on and click Group Policy Analytics.

_GPO_10.PNG

 

Click Refresh below Summary.

_GPO_11.PNG

 

Click Reports to the right of Summary.

_GPO_12.PNG

 

Click on the blue "Generate again" button.

_GPO_13.PNG

 

Now you get the detailed information about the individual settings in the group policies and see right away whether they are also supported by Intune or not.

 

Maybe I could help you a bit when it comes to the decision to manage devices with Microsoft Intune in the future. Sure this wasn't super exciting, but I still wanted to share this information with you.

 

I hope this article was helpful for you? Thank you for taking the time to read this article.

 

Best regards, Tom Wechsler

0 Replies