Microsoft Intune Endpoint security policies can be exported to JSON files using the PowerShell Intune Samples scripts available on GitHub. These scripts are straightforward to use and come to the rescue when the option to export a policy from the Intune admin center is not yet available. The option to export Settings catalog policies is available in the Microsoft admin center, and Microsoft may add it for other policy types in the future.
You can import the policies back into the same tenant to create another profile, or into a different tenant for testing or migration purposes. You can also use this to create a base policy with the most common settings, which can serve as a template when setting up a new Intune tenant and save effort.
In this blog post, we will see how to export Endpoint security policies using the PowerShell sample script and then import a policy into another tenant.
Export Endpoint Security Policies in JSON File
Follow the steps below to export Endpoint security policies to JSON files using the PowerShell script. Please note that these steps export all Endpoint security policies to the folder path you provide.
- Download the Intune PowerShell scripts from PowerShell Intune Samples and extract all files to a local drive.
- Run PowerShell as an Administrator.
- Set the PowerShell execution policy to Bypass (Set-ExecutionPolicy bypass).
- Install the AzureAD and Microsoft Graph PowerShell modules if not already installed.
- Change the location to the “DeviceConfiguration” folder under “Powershell-intune-samples-master”.
- Run the script .\EndpointSecurityPolicy_Export.ps1
- If prompted, log in with your Azure AD / Entra ID credentials.
- Specify a path to export the policy data.
The script exports all Endpoint security policies to the folder path you provided. Each policy is exported to a separate JSON file, and the current date and time are appended to each file name.
You can open File Explorer and browse to the folder to see all exported policies as JSON files.
Import Endpoint Security Policies in Intune
You can now import the policy into a different tenant, or into the same tenant to create another policy and then modify it as per your requirements. If you are importing the policy into the same tenant, it is recommended to change the policy name. You can quickly do that by opening the JSON file in Notepad and updating the policy name.
When you import the policy, it remains unassigned. You must assign the policy to a device or user group as per your requirements.
Follow the process below to import the policy into Microsoft Intune.
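For more than a handful of files, the rename described above can be scripted. The following is an added example, not part of the PowerShell Intune Samples scripts; the function name, suffix and folder paths are hypothetical, and it assumes each exported file stores the policy name in a top-level displayName property.

```powershell
# Added example: write renamed copies of exported policies before a same-tenant import.
# Assumption: the policy name lives in a top-level 'displayName' property of each file.
function Rename-ExportedPolicy {
    param(
        [Parameter(Mandatory)] [string] $SourcePath,   # folder holding the exported JSON files
        [Parameter(Mandatory)] [string] $TargetPath,   # folder for the renamed copies
        [string] $Suffix = ' - Imported'
    )
    New-Item -ItemType Directory -Path $TargetPath -Force | Out-Null
    foreach ($file in Get-ChildItem -Path $SourcePath -Filter '*.json' -File) {
        try {
            $policy = Get-Content -Path $file.FullName -Raw | ConvertFrom-Json -ErrorAction Stop
        } catch {
            Write-Warning "Skipping $($file.Name): not valid JSON"
            continue
        }
        if (-not $policy.PSObject.Properties['displayName']) {
            Write-Warning "Skipping $($file.Name): no displayName property"
            continue
        }
        $policy.displayName = "$($policy.displayName)$Suffix"
        # -Depth matters: the default depth of 2 turns deeper nested objects into strings,
        # which would silently corrupt the settings inside the policy.
        $policy | ConvertTo-Json -Depth 20 |
            Set-Content -Path (Join-Path $TargetPath $file.Name) -Encoding UTF8
        # Emit a summary row so the caller can review what was renamed.
        [pscustomobject]@{ File = $file.Name; NewName = $policy.displayName }
    }
}

# Constructed sample input so the example runs offline; real exports contain other fields.
$src = Join-Path ([IO.Path]::GetTempPath()) 'es-export-sample'
New-Item -ItemType Directory -Path $src -Force | Out-Null
[ordered]@{
    displayName = 'Sample Firewall Policy'
    settings    = @(@{ name = 'sample_setting'; value = @{ options = @{ enabled = $true } } })
} | ConvertTo-Json -Depth 20 | Set-Content -Path (Join-Path $src 'sample.json') -Encoding UTF8

Rename-ExportedPolicy -SourcePath $src -TargetPath (Join-Path $src 'renamed')
```

The originals are left untouched and the renamed copies go to a separate folder, so the files can be compared before anything is imported.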
- Follow the initial steps provided to export the policies.
- Run the script .\EndpointSecurityPolicy_Import_FromJSON.ps1
- If prompted, log in with your Azure AD / Entra ID credentials.
- Specify a path to export the policy data.
The script will read the policy and show its information on the screen.
Later, you will see a message that the policy is being imported into Intune. The script returns to the prompt once the import completes.
You can also verify the imported policy from the Intune admin center. In our case, we can see two policies with the same name: the original policy that was already there and another one imported from the JSON file. You can see that the imported policy remains unassigned.