Introducing Config Refresh for mobile device management

A new Windows 11 feature is available to help you manage your company’s policies using mobile device management (MDM). Starting with the May 2024 non-security update, you can now use Config Refresh to configure policy refresh timing to be as short as 30 minutes or as long as 24 hours. This helps improve security and compliance as you monitor that settings don’t drift from your intent. Learn how you can use the Microsoft Intune Settings Catalog to manage Config Refresh and troubleshoot it in the Event Viewer. Find more details in Intro to Config Refresh – a refreshingly new MDM feature. 

 

When will this happen: 

This feature is available for Windows 11 beginning with the May 2024 non-security update. 

 

How this will affect your organization: 

Config Refresh can help you manage devices more securely and stop configuration drift.  

 

Note: Config Refresh is designed to work with MDM policies managed by the Policy CSP. Some policies, notably the BitLocker CSP, will also adhere to Config Refresh enablement. Other policies are outside of this scope, such as Firewall, AppLocker, PDE, and LAPS. 

 

What you need to do to prepare: 

To enable Config Refresh, your PCs must be running Windows 11, version 23H2 or version 22H2 with the June 2024 security update installed (or later). To get ready, please read the official announcement and additional information linked below.  

Additional information: