Close Menu
    Facebook X (Twitter) Instagram
    Sunday, June 22
    X (Twitter) LinkedIn
    All about Endpoint Management
    • Home
    All about Endpoint Management
    Home»Intune»App protection policies»How to export Intune MAM policy settings using powershell ?

    How to export Intune MAM policy settings using powershell ?

    Eswar KonetiBy Eswar KonetiJuly 08, 5:35 pm2 Mins Read App protection policies 9,943 Views
    Share
    Facebook Twitter LinkedIn Reddit

     

    I had request from security asking for updated intune App protection (MAM) policies . When the request come, i was trying to look for document in SharePoint portal if there any created .As part of intune implementation policy ,there should be a document that refers app protection policies according to the security requirement. In this case ,i don't have any document to provide to them (it was not created earlier).

    How to create document with all Intune app protection policy settings configured ? Well ,you can go the intune app protection policies ,click on the policy and start noting down the policy settings .

    Follow the TechNet guide below for iOS and Andriod  app protection policy settings :

    https://docs.microsoft.com/en-us/intune/app-protection-policy-settings-ios

    https://docs.microsoft.com/en-us/intune/app-protection-policy-settings-android

    If you have only 2 policies created then it wouldn’t take long time to capture it manually but if you have more  ,manually going through the policy and start noting down is not good practice.

    So the only way (at the time of writing this blog post) is using powershell that can automate for us . I started searching for API /powershell.

    There is also user voice created for this request https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9802914-there-needs-to-be-a-way-to-export-all-policies-to

    While searching online ,found the intune powershell sample scripts by davefalkus on https://github.com/microsoftgraph/powershell-intune-samples/tree/master/AppProtectionPolicy.

    Script name ManagedAppPolicy_Export.ps1

    this script will export all intune app protection policies and export to JSON file  and then import to same tenant or different tenant.

    Following are the settings ,script will export to .

    image

    Download the script .

    run the powershell script ,it prompt for authentication (make sure your Global admin approve your request to run the scripts on the tenant).

    It also ask for to create folder to store the settings.

    image

    After the script complete, it export al settings , which we will use get required information for us.

    following are the app protection policies exported by script.

    image

    If you open the file using notepad,you will see all policy settings.

    All the period /time mentioned in the file is seconds ( S ), minutes ( M ),Hours ( H ) and days ( D ) .

    image

    Description of each settings  that is exported  is available in github https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/beta/api/intune_mam_androidmanagedappprotection_create.md

    Copy the information to excel and do some formatting and you are good with it.

    You can tweak the script to export the settings into CSV file to read more appropriate and less formatting compared to JSON file.

    app protection policies export all policies export mam policies github intune intune powershell samples Powershell
    Share. Twitter LinkedIn Email Facebook Reddit

    Related Posts

    Optimize Your Intune Workflow with a Powerful Browser Extension

    March 22, 10:39 am

    Troubleshooting Windows Hello for Business PIN Reset Issues – Something went wrong

    March 06, 9:48 pm

    Migrate Microsoft 365 Updates from SCCM/MECM to Intune for Co-Managed Devices

    February 11, 9:50 pm

    Leave a ReplyCancel reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Sign Up

    Get email notifications for new posts.

    Author

    I’m Eswar Koneti ,a tech enthusiast, security advocate, and your guide to Microsoft Intune and Modern Device Management. My goal? To turn complex tech into actionable insights for a streamlined management experience. Let’s navigate this journey together!

    Support

    Awards

    Archives

    © Copyright 2009-2024 Eswar Koneti, All rights reserved.

    Type above and press Enter to search. Press Esc to cancel.