[GH-ISSUE #4261] [Feature Request]: Ability to rename CAPs, Intune policies, and groups in CIPP (Copy of stale #3924) #1928

New issue

Closed

opened 2026-03-02 13:48:14 +03:00 by kerem · 6 comments

kerem commented 2026-03-02 13:48:14 +03:00

Owner

Copy link

Originally created by @HappyEarthDay on GitHub (Jun 11, 2025).
Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4261

Originally assigned to: @rvdwegen on GitHub.

Please confirm:

• I have searched existing feature requests (open and closed) and found no duplicates.
• **me or my organization is currently an active sponsor of the product at the $99,- level.

Problem Statement

Copy of #3924 and this FR for the PS module is waiting on this as well https://github.com/BNWEIN/CIPPAPIModule/issues/43

As an MSP, we rely on CIPP’s Standards policy templates to efficiently deploy Conditional Access policies, Intune templates, and Groups across client tenants. However, a key limitation is the inability to programmatically rename existing tenant objects to match the standardized naming conventions used by CIPP. This creates duplicate policies and groups when the existing ones serve the same purpose but have non-standard names.

For example, if a tenant already has an Intune policy called “BitLocker Enforcement,” deploying the CIPP standard “MSP Standard - BitLocker Enforcement” results in two similar policies instead of updating or aligning the existing one. This forces us to manually log in via GDAP and rename the policy before using CIPP, slowing down onboarding and standardization.

The same issue applies to Groups—if a functionally correct group exists with a non-standard name, we must manually rename it to prevent duplication.

Exposing an API endpoint to handle renaming of existing policies and groups would be a significant improvement. It would allow us to automate naming standard enforcement via the CIPP PowerShell module, enabling bulk renaming and seamless alignment with MSP standards at scale.

Benefits for MSPs

Enabling the ability to rename existing policies directly within the CIPP interface—or via exposed API endpoints—would drastically improve operational efficiency for MSPs managing multiple tenants. This functionality would allow us to align existing tenant policies and groups with CIPP-deployed standards without duplication or manual rework.

One of the key reasons we can’t simply delete and replace old policies is the need to preserve manually configured exclusions (e.g., for specific users or groups). Since CIPP doesn’t currently modify exclusions during deployment, removing a policy would require us to manually rebuild those exceptions. A rename function would retain those critical configurations while ensuring consistency in naming and standards compliance.

In addition, exposing API endpoints for renaming policies and groups in bulk would allow us to script mass updates across tenants using the PowerShell module—saving time, reducing human error, and enabling true scalability of policy standardization efforts across our client base.

Value or Importance

This feature is critically important for MSPs managing dozens—or hundreds—of tenants with varying configurations. Consistent policy naming is essential for enforcing standards, maintaining clarity across environments, and enabling efficient automation through tools like CIPP and PowerShell.

Without the ability to rename existing policies and groups, we’re forced to choose between duplicating policies (leading to confusion and potential misconfiguration) or manually renaming them via GDAP access—an inefficient and error-prone process. This severely limits the scalability and effectiveness of CIPP in multi-tenant environments.

Even beyond the interface, exposing API endpoints for policy renaming would unlock automation opportunities that are currently impossible. It would allow MSPs to perform tenant-wide or even org-wide standardization tasks with a single script, enhancing both speed and consistency.

While the feature may seem like a convenience at first glance, it actually removes a critical blocker to full automation and reinforces CIPP’s role as a centralized, scalable policy management tool for MSPs.

PowerShell Commands (Optional)

No response

Originally created by @HappyEarthDay on GitHub (Jun 11, 2025). Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4261 Originally assigned to: @rvdwegen on GitHub. ### Please confirm: - [x] **I have searched existing feature requests** (open and closed) and found no duplicates. - [x] **me or my organization is currently an active sponsor of the product at the $99,- level. ### Problem Statement Copy of #3924 and this FR for the PS module is waiting on this as well https://github.com/BNWEIN/CIPPAPIModule/issues/43 As an MSP, we rely on CIPP’s Standards policy templates to efficiently deploy Conditional Access policies, Intune templates, and Groups across client tenants. However, a key limitation is the inability to programmatically rename existing tenant objects to match the standardized naming conventions used by CIPP. This creates duplicate policies and groups when the existing ones serve the same purpose but have non-standard names. For example, if a tenant already has an Intune policy called “BitLocker Enforcement,” deploying the CIPP standard “MSP Standard - BitLocker Enforcement” results in two similar policies instead of updating or aligning the existing one. This forces us to manually log in via GDAP and rename the policy before using CIPP, slowing down onboarding and standardization. The same issue applies to Groups—if a functionally correct group exists with a non-standard name, we must manually rename it to prevent duplication. Exposing an API endpoint to handle renaming of existing policies and groups would be a significant improvement. It would allow us to automate naming standard enforcement via the CIPP PowerShell module, enabling bulk renaming and seamless alignment with MSP standards at scale. ### Benefits for MSPs Enabling the ability to rename existing policies directly within the CIPP interface—or via exposed API endpoints—would drastically improve operational efficiency for MSPs managing multiple tenants. This functionality would allow us to align existing tenant policies and groups with CIPP-deployed standards without duplication or manual rework. One of the key reasons we can’t simply delete and replace old policies is the need to preserve manually configured exclusions (e.g., for specific users or groups). Since CIPP doesn’t currently modify exclusions during deployment, removing a policy would require us to manually rebuild those exceptions. A rename function would retain those critical configurations while ensuring consistency in naming and standards compliance. In addition, exposing API endpoints for renaming policies and groups in bulk would allow us to script mass updates across tenants using the PowerShell module—saving time, reducing human error, and enabling true scalability of policy standardization efforts across our client base. ### Value or Importance This feature is critically important for MSPs managing dozens—or hundreds—of tenants with varying configurations. Consistent policy naming is essential for enforcing standards, maintaining clarity across environments, and enabling efficient automation through tools like CIPP and PowerShell. Without the ability to rename existing policies and groups, we’re forced to choose between duplicating policies (leading to confusion and potential misconfiguration) or manually renaming them via GDAP access—an inefficient and error-prone process. This severely limits the scalability and effectiveness of CIPP in multi-tenant environments. Even beyond the interface, exposing API endpoints for policy renaming would unlock automation opportunities that are currently impossible. It would allow MSPs to perform tenant-wide or even org-wide standardization tasks with a single script, enhancing both speed and consistency. While the feature may seem like a convenience at first glance, it actually removes a critical blocker to full automation and reinforces CIPP’s role as a centralized, scalable policy management tool for MSPs. ### PowerShell Commands (Optional) _No response_

kerem 2026-03-02 13:48:14 +03:00

• closed this issue
• added the
  enhancement
  Planned
  labels

kerem commented 2026-03-02 13:48:15 +03:00

Author

Owner

Copy link

@rvdwegen commented on GitHub (Jun 13, 2025):

Added action to change displayname on CA policies. POST to EditCAPOlicy with the newDisplayName property.

<!-- gh-comment-id:2970308307 --> @rvdwegen commented on GitHub (Jun 13, 2025): Added action to change displayname on CA policies. POST to EditCAPOlicy with the newDisplayName property.

kerem commented 2026-03-02 13:48:15 +03:00

Author

Owner

Copy link

@rvdwegen commented on GitHub (Jun 13, 2025):

Groups can be done through EditGroup.

<!-- gh-comment-id:2970388378 --> @rvdwegen commented on GitHub (Jun 13, 2025): Groups can be done through EditGroup.

kerem commented 2026-03-02 13:48:15 +03:00

Author

Owner

Copy link

@rvdwegen commented on GitHub (Jun 13, 2025):

API support for Intune Policy displayname edits added. Note that the body will need to contain the type of policy ie configurationPolicies or windowsFeatureUpdateProfiles as the policyType property.

<!-- gh-comment-id:2970485418 --> @rvdwegen commented on GitHub (Jun 13, 2025): API support for Intune Policy displayname edits added. Note that the body will need to contain the type of policy ie configurationPolicies or windowsFeatureUpdateProfiles as the policyType property.

kerem commented 2026-03-02 13:48:15 +03:00

Author

Owner

Copy link

@rvdwegen commented on GitHub (Jun 13, 2025):

Note, front end policy name changes with the same wide support are a bit complicated because we currently use a hodgepodge of ListGraphRequest and policy specific functions.

<!-- gh-comment-id:2970500430 --> @rvdwegen commented on GitHub (Jun 13, 2025): Note, front end policy name changes with the same wide support are a bit complicated because we currently use a hodgepodge of ListGraphRequest and policy specific functions.

kerem commented 2026-03-02 13:48:16 +03:00

Author

Owner

Copy link

@HappyEarthDay commented on GitHub (Jun 16, 2025):

Groups can be done through EditGroup.

Just noting it here - I confirmed with @rvdwegen via Discord that this doesn't exist just yet

<!-- gh-comment-id:2977211989 --> @HappyEarthDay commented on GitHub (Jun 16, 2025): > Groups can be done through EditGroup. Just noting it here - I confirmed with @rvdwegen via Discord that this doesn't exist just yet

kerem commented 2026-03-02 13:48:16 +03:00

Author

Owner

Copy link

@swissbuechi commented on GitHub (Feb 16, 2026):

Groups can be done through EditGroup.

Just noting it here - I confirmed with @rvdwegen via Discord that this doesn't exist just yet

Is this still the case or did they eventually implement it?

<!-- gh-comment-id:3910661647 --> @swissbuechi commented on GitHub (Feb 16, 2026): > > Groups can be done through EditGroup. > > Just noting it here - I confirmed with @rvdwegen via Discord that this doesn't exist just yet Is this still the case or did they eventually implement it?

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

docs

dev

dependabot/npm_and_yarn/dev/uiw/react-json-view-2.0.0-alpha.42

dependabot/npm_and_yarn/dev/tanstack/react-query-persist-client-5.96.2

dependabot/npm_and_yarn/dev/mui-tiptap-1.30.0

dependabot/npm_and_yarn/dev/tanstack/react-query-devtools-5.96.2

dependabot/npm_and_yarn/dev/recharts-3.8.1

dependabot/github_actions/dev/actions/setup-node-6.4.0

copilot/add-alert-for-report-only-ca

release/beta

release/nightly

docs-maintenance

v10.4.0

v10.3.0

v10.2.0

v10.1.0

v10.0.0

v8.8.0

v8.7.0

v8.6.0

v8.5.0

v8.4.0

v8.3.0

v8.2.0

v8.1.0

v8.0.0

v7.5.0

v7.4.0

v7.3.0

v7.2.0

v7.1.0

v7.0.1

v6.4.0

v6.3.0

v6.2.0

v6.1.0

v6.0.0

v5.9.0

v5.8.5

v5.8.0

v5.7.0

v5.6.0

v5.5.0

v5.4.0

v5.3.0

v5.2.0

v5.1.0

v5.0.0

v4.9.0

v4.8.0

v4.7.0

v.4.6.0

v4.5.0

v4.4.0

v4.3.0

v4.2.0

v4.1.0

v4.0.0

v3.8.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.0

v2.20.0

v2.19.0

v2.18.0

v2.17.0

v2.16.0

v2.15.0

v2.13.0

v2.12.0

v2.11.2

v2.1.11.0

v.2.10.0

v2.9.0

v2.8.0

v2.7.0

v2.6.0

v2.5.5

v2.5.0

v2.4.0

v.2.3.0

v2.2.0

v2.1.2

v2.1.1

v2.1.0

v2.0.1

2.0.0

v1.5.1

v1.5.0

v1.4.3

v1.4.2

v1.4.0

v1.3.0

v1.2.1

v1.2.0

1.1.0

release

Labels

Clear labels   

API

  

Feature

  

NotABug

  

NotABug

  

Planned

  

Sponsor Priority

  

Sponsor Priority

  

bug

  

documentation

  

duplicate

  

enhancement

  

needs more info

  

no-activity

  

no-priority

  

not-assigned

  

pull-request

Mirrored from GitHub Pull Request

  

react-conversion

  

react-conversion

  

roadmap

  

security

  

stale

  

unconfirmed-by-user

  

unconfirmed-by-user

  

wontfix

No labels

API

Feature

NotABug

NotABug

Planned

Sponsor Priority

Sponsor Priority

bug

documentation

duplicate

enhancement

needs more info

no-activity

no-priority

not-assigned

pull-request

react-conversion

react-conversion

roadmap

security

stale

unconfirmed-by-user

unconfirmed-by-user

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/CIPP#1928

No description provided.