Hybrid AAD – Intune feature upgrade – security gap before GPO will be applied when no AD connectivit
Hello,
I am looking for a way to be sure that there will be no security gap/breach in the following scenario: there are Windows 10 machines which are hybrid domain joined – both AD and Azure connected, managed by Intune and GPO. There are still a lot of security settings configured by GPO (not configured in Intune at all). We plan to use Intune feature upgrade to perform the upgrade to Windows 11. It can happen for users who are working from home that they will receive the Intune feature upgrade and will be upgraded to Windows 11. After this, as they are working from home, if no VPN is established there is no AD connectivity, so GPO will not be applied. This can lead to missing security configuration (which is done via GPO) and a security breach. Is there any way to handle it (except creating all GPO settings in Intune)?