In this post, I would like to share about the various settings available for Windows 10 & later devices in Intune. In a traditional environment where devices are joined to Active directory domain, we used to configure the Group policies to allow/restrict the settings for the end users. In Intune, we can make use of Settings catalog profile for the configurations and assign it to the devices. This Settings catalog covers most of the settings similar to Group policies.
We also have an option to create policies matching the Active directory GPO by using the Group Policy analytics. We will now see the walkthrough of the configuration profiles,
- Navigate to Endpoint Manager admin centre -> Devices -> Windows -> Configuration Profiles -> Create Profile
- Select the platform “Windows 10 and later” and select “Settings catalog”
- We will now see the different settings/configurations available
- Click on “Add settings”
- This provides a list of categories like device level (camera, wifi, Bluetooth, etc), application level (Microsoft office, Windows Hello for Business, etc), also administrative templates (LAPS, Event forwarding, etc)
- Once you select any of the settings from the picker, you can provide the details like below,
Once done, we can assign to the groups.
Another feature is the Group Policy Analytics tool which helps to analyse the on-premises GPOs and translate to the cloud using Intune. This can be achieved by using the export & import method as of now. With that said, we must export the on-premises GPO to the XML file and import it to the Group policy analytics. Summary provides the ready for migration, not supported, deprecated policies. For more information, please visit here for pre-requisites, known issues, etc.
I hope I have covered the settings, configurations available in Intune for Windows 10 & later devices including the features in preview.