Custom OMA-URI policies are encrypte

Question

Custom OMA-URI policies are encrypte

abulgatz opened this issue 3 years ago · 0 comments

Custom OMA-URI policies are now being exported as encrypted.

The isEncrypted and the secretReferenceValueId need to be used to decrypt the policies, or they cannot be re-imported.

Example of encrypted policy:

{
  "omaSettings": [
    {
      "value": "****",
      "displayName": "Chrome ADMX Ingestion",
      "isEncrypted": true,
      "omaUri": "./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Chrome/Policy/ChromeAdmx",
      "@odata.type": "#microsoft.graph.omaSettingString",
      "secretReferenceValueId": "REDACTED-FOR-GITHUB"
    }
  ],
  "createdDateTime": "2020-01-13T07:47:15.2300703+00:00",
  "description": "",
  "displayName": "Chrome ADMX",
  "lastModifiedDateTime": "2020-11-02T23:11:30.218262+00:00",
  "roleScopeTagIds": [
    "0"
  ],
  "supportsScopeTags": true,
  "version": 13,
  "id": "REDACTED-FOR-GITHUB",
  "@odata.type": "#microsoft.graph.windows10CustomConfiguration"
}

Here is a blog post about this issue with a function you may be able to adapt to this app for decryption: Do you backup/export your Intune policies – encrypted? – DeployWindows.