Should I leave the GPOs in the local Active Directory? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“Hi I am wondering what you guys do. We have an VDI based organization and moving forward to Laptops managed by intune. All have to build up from scratch ( yah! 🙂 ). The laptops will be hybrid AD joined. Qiestion is where to put the settings (GPO). A lot of existing GPO’s do not apply or only partly apply. Meaning I can not just bind them to the new lapptops that easy. I intent to build most of the GPO settings in intune. Export, import and analyse to see what I need. Is there any reason to leave GPO’s in the local AD? How did you do this? Moved all to intune or leave a lot of stuff local in the AD”

Check out the discussion here:

 

Participating in this discussion were:

• Christian Buckley, RD+MVP @buckleyplanet 
• Mike Nelson, MVP  @mikenelsonIO
• Hal Hostetler, MVP  @TVWizard
• Dan Rey, MVP+MCT  @stilldrey

Some relevant notes/links shared by the team:

• Import and analyze your on-premises GPOs using Group Policy analytics in Microsoft Intune, via Microsoft Learn [https://learn.microsoft.com/en-us/mem/intune/configuration/group-policy-analytics]
• Windows 365 Cloud PCs and Microsoft Intune for VDI administrators, via Microsoft Tech Community [https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-365-cloud-pcs-and-microsoft-intune-for-vdi/ba-p/3972675]