Today it’s a great day, because we make one of our Syntaro tools available as Open Source to the whole community. GPO to MSI is an easy to use PowerShell script, which allows you to convert the local policy with the help of lgpo.exe or an exported Group Policy to an MSI file. This MSI file can then be deployed with Intune to your clients. Why have we created such a solution? The modern workplace can only be controlled over OMA-MDM policies which do not provide the same settings as a GPO. Because they lack a lot of settings it’s a huge problem in all of the projects. It’s already an issue to configure the security relevant settings which Microsoft defines in their Security Baseline. We know, that OMA-URI provides a way to deploy ADMX settings, but the configuration has to be done per setting with an XML file and overall this is very complicated. And you know me, I like it simple and light.
Imagine if you have domain joined devices and some cloud only devices. With my script you can deploy the same settings to both systems, without doing a reengineering and analysis about how to set a specific setting over OMA-URI.
The usage is simple and can be done in a few minutes by following these checklists. But first of all you have to decide, if you will use an existing GPO Export or if you would like the current local policy. Then download the respective folder from our Modern & Secure Workplace Github Repository.
I hope you like it and it makes your live simpler. We have even more solutions which help in a modern managed environment. Like deploying all types of Win32/Desktops Apps, without limitations to devices over Intune or monitor Windows Defender without SCCM/WDATP.