Contrary to everything I’ve mentioned above about this making the transition easier than ever, in 99% of cases I would never recommend this approach.
Why? Let’s start with the number one issue: Group Policy has been mainstream for well over 10 years. For some companies this means 10 years’ worth of policies that have been built up. Upon inspection most of these will have settings that are not remotely relevant anymore, or haven’t been since Windows XP. Even with modern tooling and analysis, we may be bringing over policy that isn’t even relevant anymore and generating more work for ourselves.
The term “best practice” is also used a lot when talking about group policy. This may be the case with some organizations, though, when challenged when the policies were last re-done to ensure they were still best-practice, the room can often fall silent. Thankfully this is another area where Microsoft has taken a lot of the work out of what would normally be a tiring annual review of policy. By utilizing the security baseline policies published in Endpoint Manager we can ensure that we have an up to date, best-practice configuration that is relevant to a modern endpoint estate. , Microsoft also takes over the heavy lifting by producing new versions of the baseline and publishing them to you for review before deployment.
I could list several other reasons why this is not the best approach to take, but instead let’s flip this around and say, what benefit does a fresh start give us?
A Clean Slate approach allows us to hit the reset button on our end user experience. , We start with vendor approved best practices and build policy as and when we need to. This can remove those “bugs in the system” where users are used to certain errors or issues due to legacy policy configuration, it also means all our configuration is relevant and up to date.
There are certain use cases for this tool, but in general, similar to the approach to other cloud migrations, re-architect is usually far superior to re-host.