Closed AADAutomatisering closed 3 days ago
This already works that way. You can set any unique settings at the tenant level.
@KelvinTegelaar
I just tried it, and when i change a setting in the standard of a customer, it shows as just 3 items, not the 46 I'd expect (AllTenants 45 + cipptest 1):
Or is the AllTenants standard applied to all tenants, even if they have their own standard? And in order not to receive the AllTenants standard you need to remediate the Do not apply All Tenants Standard to this tenant
setting?
If so, then this indeed works, but is unclear (to me at least) in the interface, and the design as shown in the proposal would still be useful.
Description of the new feature - must be an in-depth explanation of the feature you want, reasoning why, and the added benefits for MSPs as a whole.
Background
I wanted to deploy Intune for a customer, so i thought I'd try to use CIPP for this. However, I found that the only way to deploy the Intune and Group template standards for the single tenant is to create a new standard for this tenant and use the
Do not apply All Tenants Standard to this tenant
setting which means that none of the AllTenants standards won't be applied to this tenant anymore, which is not what I want. NinjaOne has a system with their policy overrides that works well, and something like that in CIPP would be a powerful addition to CIPP.Proposal
The current standards system can stay, including the![image](https://github.com/KelvinTegelaar/CIPP/assets/147389004/d8a6edf2-f9d3-4a54-872c-0dfed2b96cfd)
Do not apply All Tenants Standard to this tenant
setting. But in addition to this I would love the following: Whenever I'm in theEdit Standards
menu and I select a customer, instead of creating a new standard, I can add overrides to the AllTenants standard in the selected customer's scope. Whenever you change a setting in the standard in the tenant scope CIPP could mark that setting as an override, I can imagine it looking something like below:This override would then only affect the current tenant (Contoso.com in the above example) and that tenant would still receive all standards set in the AllTenants standard but ignore the overridden setting and use the overridden settings for that.
Benefits
This will allow MSPs to maintain a Standard across all their managed tenants, but still add customized settings for specific tenants. That tenant would then still benefit from any new settings in the AllTenant standard, while also having its own custom settings. The
Do not apply All Tenants Standard to this tenant
setting will still be useful for tenants that need a completely custom standard, and you could even add overrides to these standards so that you could, for example have the followingIn the above example the following would apply:
Do not apply All Tenants Standard to this tenant
PowerShell commands you would normally use to achieve above request
No response