Intune – Policy Sets
From nhogarth.net by Nick Hogarth
The ability to create Policy Sets came out in Intune in October 2019. This nice new feature allows you to group together different policies and applications and assign them to an Azure AD group. This post will show an example of creating a Policy Set for Windows 10 with a few policies and an app, and deploying it to an Azure AD group.
You can include the following management objects in a policy set:
- App configuration policies
- App protection policies
- Device configuration profiles
- Device compliance policies
- Device type restrictions
- Windows autopilot deployment profiles
- Enrollment status page
At the time of writing this, you can see the Policy Sets in Intune in portal.azure.com but not in the M365 portal.
Click Create to create a policy set.
In my example, I am creating one for Windows 10.
If you look at the Known Issues link above, only these apps are supported for Policy Sets today:
iOS store app
iOS line-of-business app
Managed iOS line-of-business app
Android store app
Android line-of-business app
Managed Android line-of-business app
Office 365 ProPlus Suite (Windows 10)
Built-in iOS app
Built-in Android app
I have selected Office 365 then clicked Net.
I have selected some of my Device configuration profiles that I want to be applied:
I have assigned this to a group.
Once finished, click Review + create.
The device will apply the configurations from the Policy Set even if the individual apps and policies are not assigned to the group.
Policy Sets are still in preview at the moment and Microsoft will continue to improve them.