intune-conflict-detectorlisted

Find true Microsoft Intune configuration conflicts and duplicates across every policy type, including custom OMA-URI and cross-policy-type cases the native admin center hides. Use when an Intune device shows a conflict status, before assigning a new configuration profile, or to audit a tenant's exported policy set. Operates offline on a Graph export.
aharwelik/intune-conflict-detector · ★ 0 · Data & Documents · score 70

Install: claude install-skill aharwelik/intune-conflict-detector

# Intune Conflict Detector Use this skill to locate and explain Microsoft Intune policy conflicts that the native admin center either summarizes without detail or does not surface at all (custom OMA-URI settings, and the same setting named differently across policy types). ## When to use - A device or the dashboard reports a "Conflict" configuration status. - Before you assign a new configuration profile to a group, to check it will not collide with an existing assignment. - As a periodic audit of an exported tenant policy set, in CI on a committed export. ## Inputs `$ARGUMENTS` should be the path to an Intune configuration export JSON (see docs/COLLECTOR.md in this repo for how to produce one from Microsoft Graph with Policy.Read.All). If no path is given, ask the user for the export, or offer to walk them through the collector. ## Workflow 1. Confirm the export path exists. If the user has not exported yet, point them to docs/COLLECTOR.md and stop; do not invent data. 2. Run the analyzer and show the evidence, do not summarize from memory: ```bash python -m intuneconflict scan "$ARGUMENTS" ``` Add `--json` when you need to reason over the findings programmatically, and `--strict` to also fail on duplicates. 3. Read the output. For each CONFLICT, report: the canonical setting id, the two (or more) policies and their differing values, the assignment overlap (which groups or devices receive both), and whether it is a cross-policy-type or a