Configuring Intune MDM polices sometimes is tricky. Especially when you are migrating baseline Group Policies. First of all, do not migrate everything AS IS š£. Take a look at the Microsoft Security Baseline, tweak it to your needs, apply it to some pilot group and then build-up.
But whatās about Settings catalog limitation?
I want to configure Allow cookies on specific sites
and with help of Settings catalog it seems fairly easy! š
There you can enter desired sites or import whole bunch of them. In my case Iām going to import over 100 dummy sites š.
Click Next, assign, create!
Wait what!? š¤Ø
As you may guess now I know whatās the issue but it was not so obvious from the startā¦ There is a limit of 100 items on that listā¦
Alright letās create one policy with 100 and then another policy with the rest! š”
Nopeā¦as soon as policies are digested by the device it reports with Conflict
status!
What now? š¤
It must be possible to implement such long and probably even longer list!
Iāve started to search for OMA-Uri for that setting.
And found it - ./Vendor/MSFT/Policy/Config/microsoft_edge~Policy~microsoft_edge~ContentSettings/CookiesAllowedForUrls
Now for creating custom policy
Enter desired name for policy and continue
Now what should I do with Value
??
Iāve created policy with a few urls using Settings catalog
and applied them to the device.
Then I took a look at the events from DeviceManagement-Enterprise-Diagnostics-Provider and found out that value
should look like
<enabled/><data id="CookiesAllowedForUrlsDesc" value="1 [*.]cemLT.pl 2 [*.]asdrW.pl"/>
Not bad.
But!
This separation between number, link and another item is not SPACE BAR āā
It is special character encoded as 
, and with that it all should be glued
<enabled/><data id="CookiesAllowedForUrlsDesc" value="1[*.]cemLT.pl2[*.]asdrW.pl"/>
Knowing that, finally I can create my policy with 100 and more items!
For my dev environment Iāve created this teeny-tiny script to generate some dummy urls for this policy:
$String = for($i=1;$i-lt 104;$i++){
"$i[*.]$(-join ((65..90) + (97..122) | Get-Random -Count 5 | ForEach-Object {[char]$_})).pl"
}
$String -join ''
I hope that Iāve helped you with this tip! You wonāt find any information in MS Docs about such limitationā¦
See you in next! š š§