Deploy the site exclusion key for users via Microsoft Intune

This method is used to deploy the site exclusion key to managed cloud devices. Before you begin, click here to download the PowerShell script template. We have provided you with this template so you can use it to add your text file to the Registry. Once downloaded, you will notice that the following file is available in the C:\Users\UserName\Downloads folder: Powershell_script_template.zip.

Show/Hide all imagesClosed

  1. Extract the contents of the Powershell_script_template.zip folder.

  2. Open the Exclude sites folder, followed by the PowerShell script in a Text Editor such as Notepad or Notepad++.

  3. Replace the INSERT_EXCLUDED_SITES_PATH_VALUE string with the location of the text file you created earlier within the quotation marks and save the PowerShell script.

  4. Log in to the Microsoft 365 admin center and select Admin from the App launcher. Closed

  1. Select Show all from the Navigation menu. Closed

  1. Select Microsoft Intune to open the Microsoft Intune admin center. Closed

  1. Select Devices from the Navigation menu, then Scripts and remediations on the Devices | Overview page. Closed

  1. Select the Platform scripts tab from the Devices | Scripts and remediations page, then Add > Windows 10 and later. The Add PowerShell script page appears.

  2. In the Basics section, type the name of the PowerShell script in the Name box, then select Next.

  3. In the Script settings section, click the Select a file icon to select the PowerShell script you edited earlier. Closed

The PowerShell script will add the text file to the Registry.

  1. Select Yes to run the PowerShell script using the logged on credentials.

  2. Leave all other settings as default and select Next.

  3. In the Assignments section, select Add groups (under Included groups) to display the Select groups to include blade. Closed

  1. Select the Microsoft Entra ID groups for which you want to deploy the site exclusion key, then click Select.

  2. Leave all other settings as default and select Next.

  3. Review the settings summary in the Review + add section and select Add to complete deploying the site exclusion key for users via Microsoft Intune.

When you deploy the site exclusion key via Microsoft Intune, your changes will not take effect immediately. Devices in the selected Microsoft Entra ID groups will sync automatically over a period (generally 30 minutes); you can also manually sync all the devices in the chosen groups via Bulk Device Actions or restart your computer to implement your changes immediately.

If you deploy the site exclusion key via Microsoft Intune to a device where CDM is already running, you must restart CDM on that device for your changes to take effect.

Related topics:

Deploy the site exclusion key to computers via Group Policy

Deploy the site exclusion key for users via Group Policy