After the addition of App support using Winget, I had a few requests for the policy backup/restore to also support assignments.
Assignments
It turns out, it is not as easy as I was expecting. Within Graph, the assignments are based on group ID and obviously the group ID won’t be the same between tenants so I’ve had to add some extra functions to switch names and IDs when restoring (plus all of the functions to actually get assignments in the first place).
It also handles All Users/All Devices, including filters, but only if the filter exists and has the same name.
If the group can not be found in the destination tenant, the assignment will be skipped, it is an exact name match so no concerns about mis-assigning policies etc.
To grab the assignments, both the backup and restore functionality has been significantly amended so you will need to take new backups to use the functionality.
It works within and cross-tenant and yes, works with Gold tenants as well and of course you don’t have to restore assignments either.
Baselines
Also included is the ability to deploy a simple set of curated policies for a security baseline to any tenant to quickly get you started.
A list of policies can be found here:
https://intunebackup.com/policies.pdf
New feature updates and suggestions are always welcome! You can add them via the bugs and feature requests here:
I may be missing something but where would you actually create the base config to deploy.
Or is it just selecting what you would want when you restore?
You run a backup on your gold tenant and then select the policies to deploy to any new tenants