Should I leave the GPOs in the local Active Directory? #M365AMA
In this episode, the #M365AMA panel discusses the following community question:
“Hi I am wondering what you guys do. We have an VDI based organization and moving forward to Laptops managed by intune. All have to build up from scratch ( yah! 🙂 ). The laptops will be hybrid AD joined. Qiestion is where to put the settings (GPO). A lot of existing GPO’s do not apply or only partly apply. Meaning I can not just bind them to the new lapptops that easy. I intent to build most of the GPO settings in intune. Export, import and analyse to see what I need. Is there any reason to leave GPO’s in the local AD? How did you do this? Moved all to intune or leave a lot of stuff local in the AD”
Check out the discussion here:
Participating in this discussion were:
- Christian Buckley, RD+MVP @buckleyplanet
- Mike Nelson, MVP @mikenelsonIO
- Hal Hostetler, MVP @TVWizard
- Dan Rey, MVP+MCT @stilldrey
Some relevant notes/links shared by the team:
- Import and analyze your on-premises GPOs using Group Policy analytics in Microsoft Intune, via Microsoft Learn [https://learn.microsoft.com/en-us/mem/intune/configuration/group-policy-analytics]
- Windows 365 Cloud PCs and Microsoft Intune for VDI administrators, via Microsoft Tech Community [https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-365-cloud-pcs-and-microsoft-intune-for-vdi/ba-p/3972675]