Group policy Analytics (Intune) shows some policies are not supported and some other settings are missing

Question

Group policy Analytics (Intune) shows some policies are not supported and some other settings are missing

HM 66

We are in processing of Rolling out Intune and during the import of On-prem GPOs to Group policy Analytics shows below: -

Some of the settings are unsupported - How can i do about missing settings; how can I implement those policies? I've been trying to check in Configuration policy - I found some, but few others are still missing. Do I need to use OMA-URI? For ex, Account lockout policies are listed as not supported. I found the settings under Device restrictions (Configuration) but not all settings are listed.
Some settings did not even show up as supported or unsupported. For ex: "Store passwords using reversible encryption"
It shows some settings are deprecated, i see the count but i cannot see the settings, is there a way to see it?
Is there a tool or some list which shows equivalent settings of on prem group policies vs Intune group?
I found below link and is it correct approach to find the OMA-URI from below and set the path to the one listed in below link. Some policies contain more than 1 setting for ex: ./Device/Vendor/MSFT/Policy/Config/DeviceLock/AccountLockoutPolicy contains "Account lockout threshold" , "Account lockout duration" & "Reset account lockout counter after". After I mention the path , how will it know which setting its applying, will it pick up the setting from name ?
:- https://learn.microsoft.com/en-us/windows/client-management/mdm/policy-csp-admx-kerberos

Accepted answer

0 additional answers

Your answer

Answer 1

ZhoumingDuan-MSFT 17,165 Microsoft External Staff

@HM, Thanks for posting in Q&A.

Based on my research, Not all GPO settings have a direct equivalent in Intune. For settings that are unsupported or missing in Intune, you might need to use OMA-URI settings, so, without knowing exactly which settings you are referring to here, no concrete help can be provided except to go search the Settings Catalog. @Joost Gelijsteen posted a couple of great links.

And finally, if you want to still some analysis and conversion, there is a tool called Group Policy Analytics that will help you with this: https://learn.microsoft.com/en-us/mem/intune/configuration/group-policy-analytics

Hope above information can be helpful.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

ZhoumingDuan-MSFT 17,165 Reputation points Microsoft External Staff

2024-07-12T06:21:43.7033333+00:00

@HM, Hope things going well.

If there is any update, feel free to let me know.
ZhoumingDuan-MSFT 17,165 Reputation points Microsoft External Staff

2024-07-23T09:01:35.3033333+00:00

@HM, Hope you have a good day.

I am currently standing by for further update from you and would like to know how things are going. If you have any questions or concerns on the recent information I've provided you, please don't hesitate to let me know.
ZhoumingDuan-MSFT 17,165 Reputation points Microsoft External Staff

2024-07-25T08:54:32.47+00:00

@HM, Hope you have a good day.

If the answer is helpful, please click "Accept Answer" and kindly upvote it to help others with the same problem as soon as possible.

Share via

Group policy Analytics (Intune) shows some policies are not supported and some other settings are missing

0 additional answers

Your answer