question

Sim1S-3143 avatar image
0 Votes"
Sim1S-3143 asked LuDaiMSFT-0289 edited

Intune policy to enforce a system restore point creation

Hello everyone,

I've been trying to see how to configure a system restore point creation schedule for all the devices connected to our Intune.

From what I've seen, one of the most useful features of Intune is the possibility to create "Configuration profiles" in order to enforce specific group policies (and much more) to every device (or user, or group, or everything else), just like the way Configuration Manager did.

I've been searching all around Microsoft forums and documentation, but I couldn't find something of use.

This is what I've dug up until now:

105392-image.png

I found this in the "Configuration profiles" settings, but the problem with it is that it requires an MSD Antivirus scan in order to trigger it:

105401-image.png

Now, yes, I could set it this way, given the fact that every device runs a scheduled MSD Antivirus scan everyday, and it would work around the problem. But I don't know whether the org is going to stick with MS Defender Antivirus, plus I don't think it's the most appropriate way to configure a system daily restore point creation schedule, since it depends on the MSD Antivirus solely.

Another interesting thing I found out is this page from the policies CSP configuration page:

105393-image.png

The only policy CSP option I found for the creation of a policy CSP related to system restore, is a policy to disable it.

Am I searching on the wrong websites? What insights can you guys give me?

Thank you very much in advance to all of you.

Best regards,
Sim

mem-intune-device-configurations
image.png (24.9 KiB)
image.png (37.1 KiB)
image.png (81.8 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

LuDaiMSFT-0289 avatar image
0 Votes"
LuDaiMSFT-0289 answered LuDaiMSFT-0289 commented

@Sim1S-3143 Thanks for posting in our Q&A.

For this issue, I have done a lot of research. For this CSP, it just decides whether to allow the user to set it manually. If enable this policy setting, the settings button is grayed out.

Currently, there is no such built-in setting can be configurated to create a system restore point without MSD Antivirus. I also find someone has already post similar request in Intune UserVoice. We can vote and post our detailed request here. This is a place to collect customers' requirements and problems. With your efforts, we are committed to improving our products. Here is the link:
https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/41579569-system-restore-points-over-intune

Thanks for understanding.


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @LuDaiMSFT-0289 and thank you for taking your time to answer.

I figured as much, I wanted a second opinion though since I'm not an Azure expert.
Thank you very much for your help, I'll see what I can do with PowerShell and Scheduled Tasks. In the meantime, I'll surely check UserVoice out! Thanks a lot.

A kind regard,
Sim

0 Votes 0 ·

@Sim1S-3143 You're welcome. I'm glad to discuss with you. Hope you can do something via other method. If you have any problem in the future, welcome to post in our Q&A.

Thanks and have a nice day. : )

1 Vote 1 ·