How to Export Endpoint Security Policies in Intune

Microsoft Intune Endpoint security policies can be exported to JSON file using PowerShell Intune Samples script available on GitHub. These scripts are straightforward to use and come as a rescue when option to export the policy from Intune admin center is not available as of now. The option to Export Settings catalog policies are available in Microsoft admin center and Microsoft may add this for other policy types as well in future.

You can import the policies back to same tenant to create another profile or to a different tenants for testing or migration purpose. You can also use this to create a base policy with most common settings. This can be used as a template when setting up a new Intune tenant to save the efforts.

In this blog post, we will understand how to export the Endpoint security policies using PowerShell sample script and then import the policy to other tenant.

Export Endpoint Security Policies in JSON File

Follow the below steps to export Endpoint security policies in JSON file using PowerShell script. Please note that below steps will export all Endpoint security policies in the folder path you provides.

  • Download the   Intune PowerShell scripts from PowerShell Intune Samples and extract all files to local drive.
  • Run PowerShell as an Administrator.
  • Set PowerShell execution Policy to ByPass ( Set-ExecutionPolicy bypass )
  • Install PowerShell AzureAD and Microsoft Graph Module if not already installed.
  • Change the location to the “DeviceConfiguration” under “Powershell-intune-samples-master”
  • Run the script .\EndpointSecurityPolicy_Export.ps1
  • If prompted, login with your Azure AD / Entra ID credential.
  • Specify a path to export the policy data.

EndpointSecurityPolicy_Export.ps1

The script will exports all Endpoint security policies in the folder path you provided. The script export each policy in separate JSON file. The current date and time appended to each file name.

EndpointSecurityPolicy_Export.ps1

You can open File explorer and browse to the folder to see all exported policies in JSON file.

File explorer Windows 11 / Windows 11

Import Endpoint Security Policies in Intune

You can now import the policy in different tenant or same tenant to create another policy and then modify as per your requirement. If you are importing the policy in same tenant then its recommended to change the policy name. You can quickly do that by opening the JSON file in notepad and updated the policy name.

When you imports the policy, it’s remain unassigned. You must assign the policy to a device or user group as per your requirements.

Follow the below process to import the policy in Microsoft Intune.

  • Follow the initial steps provided to export the policies.
  • Run the script .\EndpointSecurityPolicy_Import_FromJSON.ps1
  • If prompted, login with your Azure AD / Entra ID credential.
  • Specify a path to export the policy data.

Import Endpoint security policy | Intune | PowerhShell script

The script will read the policy and show information on the screen.

Import Endpoint security policy | Intune | PowerhShell script

Later, you will see the message that policy in being imported to Intune. The script return to prompt once imports completes.

Import Endpoint security policy | Intune | PowerhShell script

You can also verify the imported policy from Intune admin center. In our case, we can see two policy with same name. The one original policy which was there and another one imported from JSNON file. You can see the policy is remain unassigned.

Export Endpoint Security Policies | Intune


Related Posts

Subscribe to Techuisitive Newsletter

Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.


Scroll to Top