Contact Us

Contact Us
Select Page

Change Manager for Group Policy/Intune®

Modern change control for Group Policy and Intune: governance, security, and operational scale

Change Manager for Group Policy and Intune delivers modern configuration governance for both Group Policy and Intune profiles. Our web-based platform provides role-based change control for GPOs, AD containers, and Intune profiles, with roles for editors, approvers, and deployers. Scheduled deployments ensure smooth change implementation. Automatic detection of out-of-band changes helps prevent policy tampering and detect suspicious activity.

Whether you are seeking change control for your configuration management environment or getting ready to migrate from the retiring Advanced Group Policy Management (AGPM) tool, Change Manager for Group Policy/Intune will help you to:

 

  • Ensure business continuity by preventing misconfigurations from becoming incidents and reducing the risk of operational disruption.
  • Reinforce security with strict change control and object delegation that reduces the risk of policy changes being maliciously exploited.
  • Recover quickly by rolling back and restoring capabilities to limit the impact of risky changes.
  • Scale operations with streamlined workflows and safe delegation so teams can move faster without sacrificing governance.

Microsoft AGPM is End of Life -- April 14 2026!

Switch to Change Manager before AGPM Goes Away!

Learn More
Request Quote
Download Free Trial
  • Web-based change control of GPO and container (site, domain, OU) changes, as well as Intune Configuration Profiles
  • Unified dashboard with a bird’s-eye view of all GPOs, containers, and Intune profiles, with status captured
  • Ability to delegate editors, approvers, and optionally, deployers, at the GPO, container, and profile level
  • Virtual “Admin containers” allow for grouping of associated GPOs, containers, and profiles for delegation
  • Ability to quickly compare differences across versions
  • Restore deleted GPOs
  • Ability to search for settings across GPOs or Intune profiles
  • Approval-based workflow with immediate or scheduled deployment
  • Role-based access control of product administration
  • Ability to restrict editing of GPO policy areas to specific users and groups
  • Ability to enforce GPO naming standards
  • Single sign-on (SSO) and delegation using Entra ID users and groups
  • “Break Glass” role for emergency changes
  • PowerShell module for automation of most CMGPI tasks
  • Email & MS Teams alerting of changes, approvals, and deployments
  • Automatic detection of out-of-band changes
  • History of changes for each object
  • Modern, web-based architecture
  • Support for HA deployment

Datasheet: Change Manager for Group Policy 1.9

Webinar: June 2025 Webinar on Preparing for Microsoft AGPM end-of-life

Webinar: May 2023 Webinar on Group Policy Objects: Active Directory’s Hidden Security Trap

Product Video: CMGPI 1.9 Walkthrough

FAQ: SDM Software Governance FAQ

  • Operating Systems Supported for Installation: Microsoft® Windows® Server 2016, 2019, 2022 & 2025
  • Memory: Recommended 1GB free RAM
  • Hard Disk: Minimum 100MB free disk space
  • SQL Server 2017+, Azure SQL or LocalDB for evaluation installations
  • Microsoft .NET Framework 4.7.2+, Microsoft GPMC and Microsoft Windows PowerShell 5.x for PowerShell module
  • Chrome or Edge client browsers supported

 

  • Product is licensed on an annual subscription basis, based on the number of active computer accounts in all domains/tenants under management. Contact sales@sdmsoftware.com to get a quote.

 

FAQ

What is Change Manager for Group Policy/Intune, and how does it help with GPO management?

Change Manager for Group Policy/Intune is a web-based configuration change control platform for Group Policy and Intune profiles. It centralizes GPO management with role-based delegation, version history, scheduled deployments, fast rollback, and automatic detection of out-of-band changes so teams can govern policies at scale.

Is Change Manager for Group Policy/Intune an AGPM alternative?

Yes. Change Manager for Group Policy/Intune is a practical AGPM alternative for teams that need modern change control and governance. It supports the same core workflows many expect from Advanced Group Policy Management while extending support to Intune profiles and adding features such as scheduled deployments, out-of-band change detection, and richer role models.

How does Change Manager for Group Policy/Intune address AGPM retirement and migration planning?

Change Manager for Group Policy/Intune provides migration-friendly capabilities for organizations preparing for AGPM retirement. The product lets you export and compare GPO backups, preserve version history, and run staged or scheduled deployments to minimize risk during the transition.

What configuration change control features does Change Manager for Group Policy/Intune provide?

Change Manager for Group Policy/Intune delivers approval-based change control, GPO version comparison, export of checked-out objects, recycle bin restore, and fine-grained control over security filtering, WMI filters, and container linking. These configuration change control features reduce policy drift and help prevent misconfigurations from becoming incidents.

Can Change Manager for Group Policy/Intune handle both on-premises Group Policy and Intune profile management?

Yes. Change Manager for Group Policy/Intune provides unified management for GPOs, AD containers, and Intune Configuration Profiles in a single web-based dashboard. That unified approach simplifies hybrid GPO management, enables consistent policy governance across environments, and reduces operational friction for administrators.