Intune Settings catalog are new way of managing settings through Intune. Settings catalog lists all the settings you can configure, and all in one place. This feature simplifies how you create a policy, and how you see all the available settings.
We can export Microsoft Intune policies using PowerShell scripts in JSON file. The exported configuration can be imported to different tenants. Intune policies are mostly fall under two categories – Configuration and Compliance. Theses policies are further organized in sub categories such as Device Configuration Profiles, Setting Catalog etc. Each of these required different PowerShell Script to export / import data from Intune. The PowerShell Intune Samples script includes these scripts and it can be downloaded from here.
In this blog post, we will understand how to export settings catalog policies from Intune tenants. The settings for each profile will be exported in separate JSON file. The settings can be then imported to different tenants one by one. We will use SettingCatalog_Export.ps1 script from above repository to export the settings.
Export Settings Catalog Policy Configurations in JSON File
Since we are going to export Settings Catalog, let’s understand which policies will be exported. We have selected the Configuration Profiles tab and can see different profile types listed there. These includes Settings Catalog, Kiosk , Device Restriction , Administrative Templates etc. Only Settings Catalog profile type will be exported by the script.
Another configuration profiles which we have created for Windows LAPS and located under Endpoint Security / Account Protection , are also following under Settings catalog. While the Policy type columns doesn’t show that information, that can be verified when editing the policy.
While editing the policy, you can notice Settings catalog label at top left. It doesn’t matter at which blade the Settings catalog policies are created, all of them will be exported by this script.
Follow the below steps to export Settings catalog in JSON file.
- Download the Intune PowerShell scripts from PowerShell Intune Samples and extract all files to local drive.
- Run PowerShell as an Administrator
- Set PowerShell execution Policy to ByPass ( Set-ExecutionPolicy bypass )
- Install PowerShell AzureAD and Microsoft Graph Module if not already installed
- Change the location to the “SettingsCatalog” under “powershell-intune-samples-master”
- Run the script .\SettingsCatalog_Export.ps1
Note: If you encounter below error at this stage then follow this reddit post to fix the issue.
Exception calling “LoadFrom” with “1” argument(s): “Could not load file or assembly ‘file:///C:\Program Files\WindowsPowerShell\Modules\AzureAD\22.214.171.124\Microsoft.IdentityModel.Clients.ActiveDirectory.dll’ or one of its dependencies. The system cannot find the file specified.”
- Sign-in using your Intune administrator account. Select the checkbox to consent on behalf of your organization and click Accept.
- Provide the folder path to export the data. The folder will be created if it’s not exists. All of Settings catalog will be exported here in separate JSON files.
You can see progress on PowerShell window while data export is in progress.
All Settings catalog profiles are now exported. You can check the same from File Explorer. As you see, each Settings catalog profiles are exported in separate JSON file.
Here is the snapshot of one of JSON file.
Import Settings Catalog Policy from JSON File
Now the Settings catalog profiles have been exported in separate JSON files. We can import them in another tenant one by one using SettingsCatalog_Import_FromJSON.ps1 script.
Follow the below steps to import the settings using script. If you trying this from different machines where you exported the files then you may need to repeat the initial steps we followed for export. Please note that importing the policy will not place them in production. The policy will remain unassing and you need to assign them manually or through a script.
- Change the directory to “SettingsCatalog” folder and run the script .\SettingsCatalog_import_FromJSON.ps1
- Specify the JSON file name with full path which you want to import.
The settings will be imported. You can see the status on PowerShell window.
You can now see the new policy created in the portal. Since, we have imported the settings in same tenant for testing, the previous policy was renamed.
- How To Export Serial number of Multiple Devices using PowerShell SDK for Intune Graph API
- How to Export Managed Device Details from Intune
- Export Device Configuration Profiles List in Intune
- How to Export Settings Catalog Policy in Intune
- Export and Import Device Compliance Policies in Intune
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.