Windows Intune offers policy management functionality in the Policy workspace. Policy management, as implemented in this release of Windows Intune, is not connected to Group Policy. Although the two policy management systems serve the same purpose, their scopes of management vary, and they operate independently in this release of Windows Intune.
Domain-level Group Policy typically takes precedence over Windows Intune policy, unless a domain-joined client computer cannot connect to the domain controller. If connectivity to the domain controller is unavailable, Windows Intune policy is applied to the client computer.
To ensure that Windows Intune computers receive the Updates that have been approved by the admin in the Windows Intune administrator console, the follow Windows Server Update Services (WSUS) Group Policy settings, Specify Intranet Microsoft update service location do not get applied to the computers that have been registered with Windows Intune.
To avoid policy conflicts that can occur from having competing policy management systems, we recommend that administrators who deploy the Windows Intune client software make sure that client computers that are managed by Windows Intune policy are not also receiving direction from Group Policy for the same configuration settings.
The following three deployment options can help you prevent policy management problems on client computers that you want to manage by using Windows Intune.