Intune – Use the Group Policy Analytics report to prepare the migration of your GPO to Endpoint Configuration Manager MDM

For years, IT administrators have been using group policy objects (GPO) – and still continue today – to manage/configure devices, both clients and servers.

With the move to a cloud-based devices management, the need to replicate as much as possible settings set using GPO is more and more relevant.

To help you prepare moving from GPO based to MDM policies based, you can use the Group Policy Analytics report available from the Intune/Endpoint Configuration Manager portal.

To start analyzing your GPO settings to find which settings can be implemented using Endpoint Configuration Manager MDM start by logging on on a device with the Group Policy Management console to export the GPO report and save it as XML file

image_thumb

Then connect to your Endpoint Configuration Manager portal (https://endpoint.microsoft.com/) and access the Devices\Group Policy Analytics blade to import the XML file generated above

NOTE the XML file to be imported can not be bigger than 1 Mb

image_thumb[1]  image_thumb[2]  image_thumb[3]  image_thumb[4]

You can import more than one XML file by repeating the above steps as many times as you need.

Once the import is completed, refresh the blade to view the list of imported GPO, showing the name of the GPO, percentage of coverage with MDM

image_thumb[5]

Then by hitting the MDM percentage support you will get details about what is supported or not by Endpoint Configuration Manager MDM, when supported you will get the minimum OS version and the Configuration Service Provider (CSP) mapping (either policy, Bitlocker, Passport for Works (aka Windows Hello), Firewall or AppLocker CSP)

image_thumb[6]

If you have imported more than one GPO report, you can have a global report by accessing the Reports\Group Policy Analytics blade

image_thumb[7]

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies