Edit existing config profiles

New Contributor III

Hi all,

I have 3 config profiles that are deployed to over 6K systems. I need to remove a duplicate entry under the systems extension payload..

What's the best / easier way - Should I create a new one and slowly migrate over or just edit and re-deploy?

I'm game for edit / redeploy but don't wanna cause any user impact - These config profiles are for security tools - Falcon / Netskope and Global Protect.


Esteemed Contributor II

@rkeleghan I'd suggest updating your existing profiles. If you create a new one and disable the old one then you introduce a risk that the new one might fail to install after the old is removed.

Honored Contributor II

I second @sdagley If you make a new configuration profile and remove the old one, there will be a window at which neither or both are installed which can or will cause issues. Especially if the new one fails to install or the old one fails to remove. Its best to just modify your existing configuration. 


I'd clone the old one, and remove any scopes just for a backup. Then delete it once you know everything is working. If stuff falls apart you have the old working config untouched if needed. If you don't already, add a version number to the profile name so you can easily identify which devices have which configuration profile.