Micke-K / IntuneManagement

Copy, export, import, delete, document and compare policies and profiles in Intune and Azure with PowerShell script and WPF UI. Import ADMX files and registry settings with ADMX ingestion. View and edit PowerShell script.
MIT License

Failing to Upload some ADMX Files, but others succeed #169

Open mike16329 opened 12 months ago

mike16329 commented 12 months ago

@Micke-K I manually imported 10 ADMX and their associated ADML files into Intune and then configured an Administrative template. However, when I try to use Intune Manager to import the ADMX files that I exported only some succeed. The ones that fail all fail with the same error: Failed to invoke MS Graph with URL https://graph.microsoft.us/beta/deviceManagement/groupPolicyUploadedDefinitionFiles (Request ID: bdb29314-341c-406e-9f12-20e4e7c0dceb). Status code: BadRequest. Response message: . Response message: Content Parsing exception: Data at the root level is invalid. Line 1, position 1. - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 475d06bd-18db-4cb8-95ab-e32b7fb423ea - Url: https://fef.fxpasu01.manage.microsoft.us/GroupPolicy/GroupPolicyAdminService/b15c97ad-ffff-6465-0807-100508342556/deviceManagement/groupPolicyUploadedDefinitionFiles?api-version=5018-11-06 - CustomApiErrorPhrase: ContentParsingException Exception: The remote server returned an error: (400) Bad Request.

Any thoughts?

Micke-K commented 12 months ago

Hello!

Same issue as 124?

Looks like Microsoft is changing a few things in the background so it has stopped working a couple of times.

Can you try the updated file?

EndpointManager.zip

Cheers!

mike16329 commented 11 months ago

Hi!

I added the updated endpointmanager.psm1 to the extensions folder and then opened Intune Manager and still the ADMX imports fail. It is odd. I am trying to import 10 ADMX files (zoommeetings HKLM, zoommeetings HKCU, windows, mozilla, googleupdate, google, firefox, chrome, acrobatprodccontinuous, and acrobatdccontinuous). In the folder I am importing from I have the JSON files, the ADMX files, and the ADML files. Only firefox, windows, google, mozilla, and acrobatdccontinuous upload successfully. The other 5 don't even attempt to import. They don't import and then say "failed to upload," they simply never even show as attempting to upload and in the log they all show the same error: Failed to invoke MS Graph with URL https://graph.microsoft.us/beta/me/photos/48x48/$value (Request ID: f0497310-878a-4180-b066-7dc896ced540). Status code: NotFound. Response message: Exception of type 'Microsoft.Fast.Profile.Core.Exception.ImageNotFoundException' was thrown. Exception: The remote server returned an error: (404) Not Found.

I even wait until the 5 that do import successfully finish uploading and try the other 5 again, but they still fail... so it doesn't seem to be a dependency issue.

Mike

Micke-K commented 11 months ago

Hello,

The photo error is just the script trying to download your photo for the login info. That is expected if you don't have one.

Can you attach the full log?

So you have 10 json in the folder with admx/adml files and only 5 uploaded. Can you zip the json and admx/adml file and attach as well?

So you are having issues with the actual admx/adml upload and not policy upload?

Cheers!

mike16329 commented 11 months ago

Full log attached as well as the zip that includes 10 JSON, 10 ADMX, and 10 ADML.

I am having issues getting the ADMX/ADML imported (only half succeed). But, even when I manually upload all 10 in Intune successfully, when I go to import the JSON of the admin template config it succeeds in importing but does not include any of the settings that were configured in the exported file that were available as part of imported ADMX files. For example, the admin template configuration imports but only configures built-in settings but none of the options that became available as a result of imported ADMXs. The admin template I exported has about 40 configurations, including for example zoom auto update settings that I configured after manually importing the zoom admx files. But, if I manually import the zoom admx files into another tenant and then import the admin settings JSON that includes zoom auto update configs, the admin template imports but does not include the zoom auto update settings configured. I've zipped those as well.

Mike

Windows Administrative Templates.zip zipped json_admx_adml.zip log screenshot 1 log screenshot 2

Micke-K commented 11 months ago

Hello,

I've started looking at this. I can replicate the issue with the import of admx/adml.

The Windows Administrative Templates.json fails to import because it does not have the required information in it. Microsoft changed something a while back which broke the functionality. The ID of each setting is unique for each environment so it does not support migration between environments by default. The script will add additional information in the json files so that it can find the settings in the destination environment. This information is not available in the json. You will need to re-export the policy with the latest code (attached earlier). You should have "#Presentation_ID" properties in the json for this to work.

I'll try to get some time to look at the import of admx/adml soon.

Cheers!

Micke-K commented 11 months ago

Hello,

I found the issue. These admx/adml files are stored as UTF8. That caused the script to fail during the import.

I've fixed it and it will be included in the next release. I'm doing the last testing for it now.

Cheers!
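
The comment above traces the failed uploads to how the admx/adml files were stored on disk. As an added example (not code from IntuneManagement), this PowerShell reports each file's byte order mark, XML-declared encoding and well-formedness, so files that differ from the ones that import are visible before an upload is attempted. The function name `Get-AdmxFileEncoding` and the sample files are constructed for illustration.

```powershell
# Added example. Get-AdmxFileEncoding is a hypothetical helper, not part of IntuneManagement.
function Get-AdmxFileEncoding {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Path)   # folder with the .admx/.adml files

    Get-ChildItem -LiteralPath $Path -File -Recurse |
        Where-Object { $_.Extension -in '.admx', '.adml' } |
        ForEach-Object {
            $file  = $_
            $bytes = [System.IO.File]::ReadAllBytes($file.FullName)

            # Classify the byte order mark, if any, and note how many bytes it occupies.
            $bom = 'none'; $skip = 0
            if ($bytes.Length -ge 3 -and $bytes[0] -eq 0xEF -and $bytes[1] -eq 0xBB -and $bytes[2] -eq 0xBF) {
                $bom = 'UTF-8'; $skip = 3
            } elseif ($bytes.Length -ge 2 -and $bytes[0] -eq 0xFF -and $bytes[1] -eq 0xFE) {
                $bom = 'UTF-16LE'; $skip = 2
            } elseif ($bytes.Length -ge 2 -and $bytes[0] -eq 0xFE -and $bytes[1] -eq 0xFF) {
                $bom = 'UTF-16BE'; $skip = 2
            }

            # Decode only the start of the file to read the XML declaration.
            $decoder = switch ($bom) {
                'UTF-16LE' { [System.Text.Encoding]::Unicode }
                'UTF-16BE' { [System.Text.Encoding]::BigEndianUnicode }
                default    { [System.Text.Encoding]::UTF8 }
            }
            $head = $decoder.GetString($bytes, $skip, [Math]::Min(512, $bytes.Length - $skip))
            $declared = if ($head -match '<\?xml[^>]*encoding\s*=\s*["'']([^"'']+)["'']') { $Matches[1] } else { 'not declared' }

            # XmlDocument.Load detects the encoding itself; a failure means the file is not well-formed XML.
            $wellFormed = $true
            try { (New-Object System.Xml.XmlDocument).Load($file.FullName) } catch { $wellFormed = $false }

            [pscustomobject]@{
                File             = $file.Name
                Bom              = $bom
                DeclaredEncoding = $declared
                WellFormed       = $wellFormed
            }
        }
}

# Constructed sample files (not the ADMX files from this issue), written in three encodings.
$dir = Join-Path ([System.IO.Path]::GetTempPath()) ("admx-sample-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
$xml8  = '<?xml version="1.0" encoding="utf-8"?><policyDefinitions revision="1.0" schemaVersion="1.0" />'
$xml16 = $xml8 -replace 'utf-8', 'utf-16'
[System.IO.File]::WriteAllText((Join-Path $dir 'sample-utf8-bom.admx'),   $xml8,  (New-Object System.Text.UTF8Encoding($true)))
[System.IO.File]::WriteAllText((Join-Path $dir 'sample-utf8-nobom.admx'), $xml8,  (New-Object System.Text.UTF8Encoding($false)))
[System.IO.File]::WriteAllText((Join-Path $dir 'sample-utf16.adml'),      $xml16, [System.Text.Encoding]::Unicode)

Get-AdmxFileEncoding -Path $dir | Sort-Object Bom, File | Format-Table -AutoSize
Remove-Item -LiteralPath $dir -Recurse -Force
```

Pointing `-Path` at the export folder groups the files by encoding, which makes it easy to compare the ones that upload with the ones that do not.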

mike16329 commented 11 months ago

Great news! I'll be on the lookout for the next release. Thanks!

mike16329 commented 11 months ago

Hi,

I re-exported the Windows Administrative Templates.json using the 3.9.1 endpointmanager.psm1 but it still fails to re-import into another environment successfully with all configurations. I did a search for presentation_ID in the Windows Administrative Templates.json and it returned zero results. I verified in Intune Manager > about showed the attached

Mike

Micke-K commented 11 months ago

Hello,

I just released 3.9.2. I did an export and I got the additional information in the json files so this should work now.

Let me know how it goes.

Cheers!

mike16329 commented 11 months ago

Hi,

This does still not appear to be working for me unfortunately. I brought down the whole new 3.9.2 package and ran that to open Intune manager (see attached about info screenshot), then exported the windowsadministrativetemplates.json file and attempted to import it into another tenant that already had the 10 ADMX files imported, it still only imported a partial amount of the configurations that are configured within windowsadministrativetemplates.json. It provided many instances of the same error in the log: "Failed to invoke MS Graph with URL https://graph.microsoft.us/beta/deviceManagement/groupPolicyConfigurations/80e24519-3e6a-4d11-bbce-3a39a5464bbc/definitionValues (Request ID: 4de2f687-7ff9-4eb1-bfba-78e390e573c7). Status code: NotFound. Response message: . Response message: An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 332691f6-54f1-45eb-b286-fd6e9f33abd4 - Url: https://fef.fxpasu01.manage.microsoft.us/GroupPolicy/GroupPolicyAdminService/b15c97ad-ffff-4233-1005-101700303213/deviceManagement/groupPolicyConfigurations('80e24519-3e6a-4d11-bbce-3a39a5464bbc')/definitionValues?api-version=5018-11-06 Exception: The remote server returned an error: (404) Not Found."

Additionally, the windowsadministrativetemplates.json does not appear to have any mention of "presentation_id" like you mentioned in an earlier post. I've attached the about info and the windowsadministrativetemplates.json that I exported using 3.9.2.

Good news is the ADMX import via Intune Manager is working with all 10 ADMX files now.

about -intunemanager

Windows Administrative Templates.json

Micke-K commented 11 months ago

Hello,

Thank you for the json! I finally understand what the issue is. You have a mixed policy, e.g. based on built-in settings and imported admx settings. I had no idea that was even an option. I managed to create one of these and export/import it in the same tenant. I did get the extra properties in the json. Note: I did NOT try export/import between environments.

Can you try this and let me know how it goes?

Cheers!

EndpointManager.zip

mike16329 commented 11 months ago

It works!

Mike


mike16329 commented 11 months ago

@Micke-K I spoke too soon. It only works in some tenants and not others. The 10 ADMX files import just fine, but then the administrative templates device configuration profile imports into some tenants with all custom and built in settings, but in others only the built in settings import and the Intune manager log shows various errors that state "Could not find presentation for setting . Setting will not be configured." I even made sure to wait until I see the 10 ADMX files show successfully imported before even attempting the administrative template configuration import.

Micke-K commented 11 months ago

Hello!

Thank you for testing and coming back with results.

So it fully works in some environments and fails in others. That is a bit strange. Can you attach a log from one of them? I might have to add some additional logging to see what is happening. I'll see if I can fix that on the weekend.

Cheers!

mike16329 commented 11 months ago

Sure thing. Monday I'll get logs of a successful import to a tenant and then logs from a tenant that fails.


mike16329 commented 11 months ago

Unsuccessful import of administrative templates json with built in and custom settings (only built in settings import successfully)

Successful import of administrative templates json with built in and custom settings

@Micke-K I have attached two screenshots of Intune Manager logs. One showing logs during a successful upload of the administrativetemplates.json with both built in and custom settings successfully importing. The other screenshot shows logs from an unsuccessful import (the built-in settings import but the custom do not). These are both GCC High tenants. Please let me know what else I can do to assist the troubleshooting. Thanks!

Micke-K commented 11 months ago

Hello, @mike16329,

Do you swap tenants between imports? Does it work to import if you restart the app?

I cache the list of custom admx policies but I didn't clear the cache after swapping tenants or imported admx files. This will cause it to fail if importing to multiple tenants without restarting the app.

I'll fix this in the next version.

Cheers!

mike16329 commented 11 months ago

Hi @Micke-K it appears to be exactly that. I was not restarting the Intune Manager app between imports. I just restarted it and imported 100% successfully into a completely new test tenant. Good to know, thanks!

Micke-K commented 9 months ago

This should be fixed in the latest version. Let me know if you still have any issues.

Cheers!