After the addition of App support using Winget, I had a few requests for the policy backup/restore to also support assignments.
It turns out, it is not as easy as I was expecting. Within Graph, the assignments are based on group ID and obviously the group ID won’t be the same between tenants so I’ve had to add some extra functions to switch names and IDs when restoring (plus all of the functions to actually get assignments in the first place).
It also handles All Users/All Devices, including filters, but only if the filter exists and has the same name.
If the group can not be found in the destination tenant, the assignment will be skipped, it is an exact name match so no concerns about mis-assigning policies etc.
To grab the assignments, both the backup and restore functionality has been significantly amended so you will need to take new backups to use the functionality.
It works within and cross-tenant and yes, works with Gold tenants as well and of course you don’t have to restore assignments either.
Also included is the ability to deploy a simple set of curated policies for a security baseline to any tenant to quickly get you started.
A list of policies can be found here:
New feature updates and suggestions are always welcome! You can add them via the bugs and feature requests here: