Microsoft Intune Settings Catalog policy duplicator

Since publishing the Intune policy duplicator, migrator, and lifecycle management blogs, I’ve received a few questions about duplicating policies created within Settings Catalog.

Settings catalog provides a simple interface to select and configure multiple settings all from one list and currently supports Windows and macOS settings. However because settings catalog is based off a different API, when queried from Microsoft Graph the JSON is different than standard Intune policies as are the methods to create, delete, etc. Additionally, the API for Settings Catalog offers a method to create a copy of a settings catalog policy so this streamlines automation greatly.

Like the previous three posts, much of the framework is based off of the Intune policy duplicator post, however because Settings Catalog utilizes a separate API we need to change a few items. I will say working with the Settings Catalog API is much simpler than with standard policies in Intune as there’s a built-in copy method to call. If you’ve created the policy duplicator I recommend creating a new screen within the app and copy and pasting what you have from the duplicator screen to the new screen and modify from there. Otherwise, if you haven’t created the Intune policy duplicator, I recommend starting there and adding this on.

Let’s get started!

Requirements

  • Power Apps
  • Power Automate
  • Microsoft Graph
  • Microsoft Endpoint Manager – Intune

Summary

We’ll continue to build on past blog posts specifically the policy duplicator and create a simple Power App and Power Automate Flow leveraging the createCopy action in Graph.

For reference the Settings Catalog configuration policy API is located here: deviceManagementConfigurationPolicy resource type – Microsoft Graph beta | Microsoft Docs

Power Automate

We’ll utilize three flows for the app:

  • Get settings catalog profiles
  • Duplicate settings catalog profiles
  • Delete settings catalog profiles

Get Settings Configuration policies

Not much to describe here as I utilize my standard Power Automate format for getting data from Graph and parsing it to return to Power Apps, however I’ve added the schema for the Parse JSON and Response actions.

 Parse JSON action

{
    "type": "object",
    "properties": {
        "@@odata.context": {
            "type": "string"
        },
        "@@odata.count": {
            "type": "integer"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "createdDateTime": {
                        "type": "string"
                    },
                    "creationSource": {},
                    "description": {
                        "type": "string"
                    },
                    "lastModifiedDateTime": {
                        "type": "string"
                    },
                    "name": {
                        "type": "string"
                    },
                    "platforms": {
                        "type": "string"
                    },
                    "roleScopeTagIds": {
                        "type": "array",
                        "items": {
                            "type": "string"
                        }
                    },
                    "settingCount": {
                        "type": "integer"
                    },
                    "technologies": {
                        "type": "string"
                    },
                    "id": {
                        "type": "string"
                    },
                    "templateReference": {
                        "type": "object",
                        "properties": {
                            "templateId": {
                                "type": "string"
                            },
                            "templateFamily": {
                                "type": "string"
                            },
                            "templateDisplayName": {},
                            "templateDisplayVersion": {}
                        }
                    }
                },
                "required": [
                    "createdDateTime",
                    "creationSource",
                    "description",
                    "lastModifiedDateTime",
                    "name",
                    "platforms",
                    "roleScopeTagIds",
                    "settingCount",
                    "technologies",
                    "id",
                    "templateReference"
                ]
            }
        }
    }
}

 Response action



Duplicate Settings Configuration policies

To duplicate settings catalog settings we need to send over the config policy, not the settings though as we’ll make the call to graph to copy using the createcopy method.

{
    "type": "array",
    "items": {
        "type": "object",
        "properties": {
            "id": {
                "type": "string"
            },
            "description": {
                "type": "string"
            },
            "lastModifiedDateTime": {
                "type": "string"
            },
            "name": {
                "type": "string"
            },
            "createdDateTime": {
                "type": "string"
            },
            "platforms": {
                "type": "string"
            },
            "settingCount": {
                "type": "integer"
            },
            "technologies": {
                "type": "string"
            }
        },
        "required": [
            "createdDateTime",
            "description",
            "id",
            "lastModifiedDateTime",
            "name",
            "platforms",
            "settingCount",
            "technologies"
        ]
    }
}


Delete Settings Catalog policies

For deleting settings catalog policies all we need is to pass over the ID of the policy to Graph.

https://graph.microsoft.com/beta/deviceManagement/configurationPolicies/@{items('Apply_to_each')['id']}

{
    "type": "array",
    "items": {
        "type": "object",
        "properties": {
            "id": {
                "type": "string"
            }
        },
        "required": [
            "id"
        ]
    }
}


Power Apps

Either create a new Power App or simply add another screen to the existing duplicator app.

Search items is identical to the duplicator app, please follow those steps to recreate.

Prefix value is identical to the duplicator app, please follow those steps to recreate.

Description is a new field, however we’ll collect this information if populated via a variable from Power Automate.

Refresh List button

ClearCollect(SettingsCatalog,'SettingsCatalog-Getdeviceconfigurations'.Run())

Gallery is identical to the duplicator app, please follow those steps to recreate.

Duplicate button

'SettingsCatalog-Copyconfigurationprofile'.Run(JSON(SelectedPolicy,JSONFormat.IndentFour),'TextInput-Prefix'.Text,'TextInput-Description'.Text);Clear(SelectedPolicy);UpdateContext({ClearCheckbox:true});UpdateContext({ClearCheckbox:false});UpdateContext({CheckCheckbox:true});UpdateContext({CheckCheckbox:false})

Delete config button

'SettingsCatalog-Deleteconfigurations'.Run(JSON(SelectedPolicy.id,JSONFormat.IndentFour))

Conclusion
That’s it! We’ve updated the Intune policy duplicator app to add a Settings Catalog duplicator. If you have any ideas about creating a tool with Power Apps and/or Power Automate you can find me @mscloudinfa or on LinkedIn.

Author: Courtenay Bernier

Courtenay is a technology professional with expertise in aligning traditional software and cloud services to strategic business initiatives. He has over 20 years of experience in the technology field as well as industry experience working with distribution centers, call centers, manufacturing, retail, restaurant, software development, engineering, and consulting. I am a Principal PM on the Microsoft Endpoint Management Engineering Team, all posts, opinions, statements are my own.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.