One-Time Publish Option for Intune Policies (Answered)

Avatar
Bernhard Vreugdenhil

Hi Nerdio Team,

I would like to request a new feature for the Intune policy management. Currently, the available options for publishing policies are manual and automatic, but both options overwrite the policy when republishing. This can be problematic when we need to ensure that a policy remains unchanged after its initial publication.

I propose adding an option to publish an Intune policy just once. This feature would allow us to publish a policy without the risk of it being overwritten during subsequent republishing processes. It would greatly enhance our ability to maintain stable and consistent policy settings across our environment.

Additionally, some policies are highly customer-specific, such as the onboarding for Microsoft Defender for Endpoint (MDE) policy for Mac devices. These policies cannot be managed effectively with variables or similar methods, making a one-time publish option even more critical.

2

Comments (1 comment)

Sort by
0
Avatar
Dave Stephenson

That's an interesting idea.
You have some very great use-cases for it.
Instead of deploying a Policy, you want to deploy a Template and then customize it at the Account (Intune) level.

My brain is stuck on the reporting/updating piece of this though. (and maybe this will ultimately be a “Nerdio problem to figure out” 😂)

Playing devil's advocate for a minute, let's say we implement this and you push-out Intune templates to your customers.
You then notice a problem and need to go back and update the template for all of the customers where you deployed the template. Or, you forgot to apply the template to a particular customer (assuming you weren't able to put this in a Policy Baseline) and now they are having issues.

  • Would you want some kind of “deployment report” that would show you all of the accounts where you deployed that template?
  • If you do need to make a change, would you need/want it to be like a Global FSLogix Profile where you could choose which settings to include/don't include? 
    (I don't think this is technically possible right now, but curious if that's a need)
  • If you forgot to assign the template to a customer, would you want that to show-up on some kind of drift or exception report?

 

Please sign in to leave a comment.