Configuring Intune MDM polices sometimes is tricky. Especially when you are migrating baseline Group Policies. First of all, do not migrate everything AS IS 😣. Take a look at the Microsoft Security Baseline, tweak it to your needs, apply it to some pilot group and then build-up.

But what’s about Settings catalog limitation?

List of items

I want to configure Allow cookies on specific sites and with help of Settings catalog it seems fairly easy! 😎




There you can enter desired sites or import whole bunch of them. In my case I’m going to import over 100 dummy sites 😏.


Click Next, assign, create!

Wait what!? 🤨


As you may guess now I know what’s the issue but it was not so obvious from the start… There is a limit of 100 items on that list…

Alright let’s create one policy with 100 and then another policy with the rest! 💡

Nope…as soon as policies are digested by the device it reports with Conflict status!

What now? 🤔

Custom policy

It must be possible to implement such long and probably even longer list! I’ve started to search for OMA-Uri for that setting. And found it - ./Vendor/MSFT/Policy/Config/microsoft_edge~Policy~microsoft_edge~ContentSettings/CookiesAllowedForUrls

Now for creating custom policy


Enter desired name for policy and continue


Now what should I do with Value ??

I’ve created policy with a few urls using Settings catalog and applied them to the device. Then I took a look at the events from DeviceManagement-Enterprise-Diagnostics-Provider and found out that value should look like

<enabled/><data id="CookiesAllowedForUrlsDesc" value="1 [*.] 2 [*.]"/>

Not bad.


This separation between number, link and another item is not SPACE BAR ❗❗ It is special character encoded as &#xF000;, and with that it all should be glued

<enabled/><data id="CookiesAllowedForUrlsDesc" value="1&#xF000;[*.];2&#xF000;[*.]"/>

Knowing that, finally I can create my policy with 100 and more items!

Dummy items

For my dev environment I’ve created this teeny-tiny script to generate some dummy urls for this policy:

$String = for($i=1;$i-lt 104;$i++){
 "$i&#xF000;[*.]$(-join ((65..90) + (97..122) | Get-Random -Count 5 | ForEach-Object {[char]$_})).pl&#xF000;"
$String -join ''


I hope that I’ve helped you with this tip! You won’t find any information in MS Docs about such limitation…

See you in next! 😉 🧠