This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 87%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
If I have a configuration profile with some administrative template settings set and assigned to a group. To remove those settings would I just move that group to the Excluded group? Or would I need to modify the settings in that config profile and then keep that group in the Included groups? Or would just removing the groups from that configuration profile set all of those settings back to their defaults?
If your exclude a group or remove the assignment, Intune doesn't remove the settings configured earlier by the polices. They stay on. To remove the settings, you will have to create another set of policy with desired configuration(revert in your case) and deploy that to the intended group of devices\users. The same group should either be added to the exclusions of existing policy containing the settings that you want to remove or the assignment itself will need to be removed. This is needed to avoid conflicts.
The Configuration profile is an "Administrative Templates" one. So if I had those set to enabled, would it be best to set those to Not Configured or Disabled on the new one that I create?
That will depend on what configuration you want. If you want to disable the setting then select that. If you want to leave it Not configured then select that. Either way the setting will change. Just take care of the conflicts and apply necessary exclusions.
@dj56 Thanks for posting in our Q&A and thanks RahulJindal for the valuable input.
For intune Configuration Profile Remove issue, whether the setting keeps the existing value or revert back to a default value, it depends on its CSP.
If we want to change a setting to a different value, it is suggested to create a new profile. For more detailed information, please refer to the following article:
https://learn.microsoft.com/en-us/mem/intune/configuration/device-profile-assign
Hope it will help.
@dj56 I am checking this thread, if you have a chance to review this thread, please check if the answer is helpful. If it is helpful, please accept the answer. It will make someone else who has the similar confusion easily find the direction.
Thanks for your kindness in advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 26%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVA%3C/text%3E%3C/svg%3E)
How would this work for trying to remove a custom profile from a MacOS device?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 15%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBE%3C/text%3E%3C/svg%3E)
What if I deleted the configuration policy before read this article? How can I remove this conf from client computers?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 60%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
Windows devices: After you remove or unassign the profile, have the Azure AD user sign in to the device, and sync with the Intune service.
Intune settings are based on the Windows configuration service provider (CSPs). The behavior depends on the CSP. Some CSPs remove the setting, and some CSPs keep the setting, also called tattooing.
Source: https://learn.microsoft.com/en-us/mem/intune/configuration/device-profile-troubleshoot
How would this work for trying to remove a custom profile from a MacOS device?