Forum Discussion
Windows 10/11 22h2 Security Baseline missing in Intune
Hi, can you please enlighten when the Windows 10/11 Security Baseline will be updated to 22H2? The current baseline is of November 2021, I am sure that there are new recommedations in the new baselin...
I am also having a very difficult time getting all of the 'missing' settings discovered using the PolicyAnalyzer tool configured via Intune.
Also the PolicyAnalyzer does not account for how Intune and Defender is configuring some settings. As the usual GPO registry keys are not configured in the same location, at least for Defender. So I have spent the last 3 days going through the missing settings, to find some are actually configured.
So 3 issues really.
1 - missing native security baselines in Intune
2 - missing the settings in Intune to actually configure the s new settings
3 - Policy Analyzer tool is presuming GPO is used to configure the settings
Also the PolicyAnalyzer does not account for how Intune and Defender is configuring some settings. As the usual GPO registry keys are not configured in the same location, at least for Defender. So I have spent the last 3 days going through the missing settings, to find some are actually configured.
So 3 issues really.
1 - missing native security baselines in Intune
2 - missing the settings in Intune to actually configure the s new settings
3 - Policy Analyzer tool is presuming GPO is used to configure the settings
ThomasOReilly - re #3, that is accurate. Policy Analyzer ingests GPO backups and compares against those settings. It has no knowledge of configuration setting via MDM/CSP.
- Is there any better tool to verify if a Cloud Only manage Azure AD Joined Intune managed device is compliant with the recommended MS security Baselines? Because sifting through each 'missing' setting is unbelievably tedious.
