Unified Endpoint Management: Intune Policies and Configurations

Unified Endpoint Management: Intune Policies and Configurations

This article discusses how to manage assignments for compliance policies, configuration profile policies, and security policies through Nerdio Manager.

Assign Policies and Profiles in Nerdio Manager

In order to configure policies and profiles on devices, you need to assign policies and profiles to security groups and then manage Intune devices through security groups.

To include or exclude groups to an assigned policy or profile:

  1. Navigate to EndpointsPolicy Management.

  2. Navigate to the desired tab -- Compliance Policies, Configuration Profiles, Security Baselines, Intune App Policies, or Windows Update Rings.

    For example:

  3. Locate the policy or profile you wish to work with and select Assignments.

  4. Enter the following information:

    Note: Ensure that no group memberships overlap among the included and excluded groups. See the Microsoft article for more information.

    • Included Groups: From the drop-down list, select the groups to include.

      • All users: Select this option to create an assignment for all Intune licensed users in your organization.

        Note: You can only use the All users and All devices options for one type of assignment.

      • All devices: Select this option to create an assignment for all Intune enrolled devices.

    • Excluded Groups: From the drop-down list, select the groups to exclude.

  5. Once you have made the desired selections, select Confirm.

    The assignment task starts.

  6. Track the assignment task's progress in the Tasks section.

  7. Once the task completes, you can view the number of assigned and excluded groups.

Remove Assigned or Excluded Groups

Nerdio Manager allows you to remove assigned or excluded groups from policies and profiles.

To remove assigned or excluded groups from policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Locate the policy or profile you wish to work with.

  4. Select Assignment.

  5. Locate the group you wish to remove and select X.

  6. Once you have removed all the desired groups, select Confirm.

Manage Conditional Access Policies

Nerdio Manager allows you to manage conditional access policies.

Note: Conditional access policy management requires the additional permission Policy.ReadWrite.ConditionalAccess (application) to be assigned from the Settings > Azure environment > Intune tile. Assigning this permission requires the logged in user to have Privileged Role Administrator or Global Administrator permissions.

To manage Conditional Access policies:

  1. Navigate to EndpointsPolicy Management.

  2. In the Conditional Access tab, locate the policy you wish to work with and select Assignments.

  3. Enter the following information:

    • All users: Select this option to create an assignment for all Intune licensed users in your organization.

    • Select users and groups: Select this option to select specific users and groups.

    • Included Users and Groups: From the drop-down list, select the users and groups to include.

    • Excluded Users and Groups: From the drop-down list, select the users and groups to exclude.

    • Enable policy: Select whether the policy should be enabled, disabled, or for reporting only.

  4. Once you have entered all the desired information, select Confirm.

Edit Policies and Profiles

Nerdio Manager allows you to edit policies and profiles configurations using a JSON editor.

To edit policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Locate the policy or profile you wish to work with.

  4. From the action menu, select Edit.

  5. Optionally, from the Backups drop-down list, select the backup to restore.

  6. Make all the desired changes and select Confirm.

Bulk Actions on Policies and Profiles

Nerdio Manager allows you to perform bulk actions on policies and profiles.

To perform bulk actions on policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Select the various policies or profiles you wish to perform a bulk action on.

  4. From the Bulk actions menu, select the bulk action you wish to perform. For example:

Backup and Restore Policies and Profiles

Nerdio Manager allows you to backup and restore policies and profiles configurations. You are able to backup policies and profiles to a known-good configuration. You can then restore policies and profiles without the need to document all the settings. You may test policy and profile changes quickly, with the confidence that you can revert to a previous version. You may also recover from policy and profile change mistakes or corruption.

To create a backup of policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Locate the policy or profile you wish to work with.

  4. From the action menu, select Backup.

  5. Enter the following information:

    • Change Log: Type the change log message.

    • Tags: Optionally, select or type any desired tags.

  6. Once you have entered all the desired information, select Create.

To restore a backup of policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Locate the policy or profile you wish to work with.

  4. From the action menu, select Edit.

  5. From the Backups drop-down list, select the backup to restore.

  6. Once you have made all the desired changes, select Confirm.

To delete backups of policies and profiles:

  1. Navigate to EndpointsPolicy Management.

  2. Select the desired tab.

  3. Locate the policy or profile you wish to work with.

  4. From the action menu, select Manage Backups.

  5. Select the backup(s) to delete.

  6. Type CONFIRM and then select Delete selected backups.

Was this article helpful?

0 out of 0 found this helpful
Have more questions? Submit a request

Comments (0 comments)

Please sign in to leave a comment.