Provide a mapping between GPO and OMA-URI / ADMX-backed policies
We delivered on the mapping here: https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-authentication but not on the translation. We've split this into to parts, calling this one, the mapping, complete, and making a new one for "but we still want to translate", which is here
Using Intune on Azure to manage Windows 10 PCs thru the MDM channel works great. However, many policies that are available via traditional GPO are either not available, or are available via OMA-URI and ADMX-backed policies but using different names and using a different configuration interface.
Please continue rolling out MDM policies to catch up with GPO; and at the same time -- perhaps more importantly -- provide a way to translate GPO to OMA-URI, where those settings are already available thru a CSP (Configuration Service Provider). This would make MDM adoption much easier for orgs seeking to migrate from a GPO-based management model.
We delivered on the mapping here: https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-authentication but not on the translation. We’ve split this into to parts, calling this one, the mapping, complete, and making a new one for “but we still want to translate”, which is here
If you still want the translation, go vote it up!
Thank you so much for your suggestions, and for helping advance this as separate asks.
Uh, how does CSP Authentication have to do with the mapping between GPO and OMA-URI / ADMX-backed policies? I would have expected some sort of cross reference document showing OMA-URI = GPO. Am I missing something?
Splitting is okay for me, makes sense.
Agree with Thomas here.
Nope, I don't agree with closing. I'm waiting for the part "provide a way to translate GPO to OMA-URI", so I'd like to see some help to take any ADMX and generate corresponding OMA-URI files...
Yes, they are now names of the original names of GPO like "LetAppsAccessCellularData", but the path for GPO will be also great. Or published GPO templates as security baselines should have mapping done 1:1. Thanks.
If I'm not mistaken, this is now being provided, so maybe we can close this?
Not so much for Office, though.
Yes! This will be a nice improvement. For Windows 10 and for Office suite also!
Marius A. Skovli commented
When creating an web app in Intune, let us specify the Icon that will be visible from the Start Menu.