Configuration Profile Policy Creation

This guide will provide background information on creating a configuration profile that will push specified security settings to the specific onboarded device group.

Configuration Profiles

Device profiles allow you to add and configure settings, and then push these settings to managed devices in your organization.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Creating a Device Configuration Profile

  1.  Navigate to the Configuration Profiles – Intune portal, locate and select the Create dropdown followed by New Policy. A pop-up will be generated where you will be able to specify an Operating System Platform scope and a Profile Type that fits the needs of your security scope. The common profile types are Setting catalog which will display all possible configurable settings on the platform, or Templates which will categorize specific settings depending on the listed security objective it is trying to achieve. Select Create when complete.
  2. You will supply basic identification information such as the Name and Description for the policy. Select Next to proceed.
  3. You will be directed to the settings catalog which has every conceivable setting for the platform that you are interfacing with. Select Add Settings, this will display the Settings Picker which will allow you to search or browse the catalog for applicable settings, selecting the settings under Setting Name will display them in the main area where you can configure the setting using the Radio Button or Value Field Select Next to proceed.
  4. Scope tag selection can be utilized if desired, it is mainly leveraged with RBAC. Select Next to continue.
  5. You will be able to configure Group Assignments or Exclusion for the policy. Locate and select the Add groups action. A pop-up will be displayed where you will supply the name of the group in the provided search bar, make sure to select the Group from the list. If done correctly they will be generated in the Selected Items section, finalize the addition by clicking Select. Select Next to proceed to revisions.
  6. The review page will allow you to see all configured settings for the profile type creation process, if you detect a discrepancy at this stage make note of the section and select Previous to go back to make the necessary alterations before finalization. If everything checks out, select Create to publish the rule.
  7. Upon successful creation the rule will show up in the list of all configuration profiles managed through Intune.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.