On resources with deeply nested properties such as IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10 some of them miss the CIMInstance property and therefore cannot be identified of which type they belong to. See below the values of the resource after ConvertTo-DscObject, at the bottom you may find the whole blueprint.
PS C:\> $Resource
Name Value
---- -----
Ensure Present
Description
Id REDACTED
ResourceName IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10
Assignments {System.Collections.Specialized.OrderedDictionary, System.Collections.Specialized.OrderedDictionary}
ResourceInstanceName IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10-REDACTED
PolicyConfigurationIngestio... unknown
DefinitionValues {System.Collections.Specialized.OrderedDictionary, System.Collections.Specialized.OrderedDictionary, System.Collections.Specialized.OrderedDictionary, System.Collections....
DisplayName REDACTED
PS C:\> $Resource.DefinitionValues[0]
Name Value
---- -----
CIMInstance MSFT_IntuneGroupPolicyDefinitionValue
ConfigurationType policy
Id REDACTED
Definition {Id, DisplayName, CategoryPath, PolicyType...}
Enabled True
PS C:\> $Resource.DefinitionValues[0].Definition
Name Value
---- -----
Id REDACTED
DisplayName Silently sign in users to the OneDrive sync app with their Windows credentials
CategoryPath \OneDrive
PolicyType admxIngested
SupportedOn At least Windows Server 2008 R2 or Windows 7
ClassType machine
The last object is missing a CIMInstance property with value "MSFT_IntuneGroupPolicyDefinitionValueDefinition" like this:
PS C:\> $Resource.DefinitionValues[0].Definition
Name Value
---- -----
CIMInstance MSFT_IntuneGroupPolicyDefinitionValueDefinition
Id REDACTED
DisplayName Silently sign in users to the OneDrive sync app with their Windows credentials
CategoryPath \OneDrive
PolicyType admxIngested
SupportedOn At least Windows Server 2008 R2 or Windows 7
ClassType machine
param (
[parameter()]
[System.Management.Automation.PSCredential]
$Credential
)
Configuration ConfigureMicrosoft365
{
param (
[parameter()]
[System.Management.Automation.PSCredential]
$Credential
)
if ($null -eq $Credential)
{
<# Credentials #>
$Credscredential = Get-Credential -Message "Credentials"
}
else
{
$CredsCredential = $Credential
}
$OrganizationName = $CredsCredential.UserName.Split('@')[1]
Import-DscResource -ModuleName 'Microsoft365DSC'
Node localhost
{
IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10 "IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10-REDACTED"
{
ApplicationId = $ConfigurationData.NonNodeData.ApplicationId;
Assignments = @(
MSFT_DeviceManagementConfigurationPolicyAssignments{
deviceAndAppManagementAssignmentFilterType = 'none'
dataType = '#microsoft.graph.exclusionGroupAssignmentTarget'
groupId = 'REDACTED'
}
MSFT_DeviceManagementConfigurationPolicyAssignments{
deviceAndAppManagementAssignmentFilterType = 'none'
dataType = '#microsoft.graph.groupAssignmentTarget'
groupId = 'REDACTED'
}
);
CertificateThumbprint = $ConfigurationData.NonNodeData.CertificateThumbprint;
DefinitionValues = @(
MSFT_IntuneGroupPolicyDefinitionValue{
ConfigurationType = 'policy'
Id = 'REDACTED'
Definition = MSFT_IntuneGroupPolicyDefinitionValueDefinition{
Id = 'REDACTED'
DisplayName = 'Silently sign in users to the OneDrive sync app with their Windows credentials'
CategoryPath = '\OneDrive'
PolicyType = 'admxIngested'
SupportedOn = 'At least Windows Server 2008 R2 or Windows 7'
ClassType = 'machine'
}
Enabled = $True
}
MSFT_IntuneGroupPolicyDefinitionValue{
ConfigurationType = 'policy'
Id = 'REDACTED'
Definition = MSFT_IntuneGroupPolicyDefinitionValueDefinition{
Id = 'REDACTED'
DisplayName = 'Prevent users from syncing libraries and folders shared from other organizations'
CategoryPath = '\OneDrive'
PolicyType = 'admxIngested'
SupportedOn = 'At least Windows Server 2008 R2 or Windows 7'
ClassType = 'machine'
}
Enabled = $True
}
MSFT_IntuneGroupPolicyDefinitionValue{
ConfigurationType = 'policy'
Id = 'REDACTED'
Definition = MSFT_IntuneGroupPolicyDefinitionValueDefinition{
Id = 'REDACTED'
DisplayName = 'Require users to confirm large delete operations'
CategoryPath = '\OneDrive'
PolicyType = 'admxIngested'
SupportedOn = 'At least Windows Server 2008 R2 or Windows 7'
ClassType = 'machine'
}
Enabled = $True
}
MSFT_IntuneGroupPolicyDefinitionValue{
ConfigurationType = 'policy'
Id = 'REDACTED'
Definition = MSFT_IntuneGroupPolicyDefinitionValueDefinition{
Id = 'REDACTED'
DisplayName = 'Use OneDrive Files On-Demand'
CategoryPath = '\OneDrive'
PolicyType = 'admxIngested'
SupportedOn = 'At least Windows Server 2016, Windows 10 Version 1709'
ClassType = 'machine'
}
Enabled = $True
}
);
Description = "";
DisplayName = "REDACTED";
Ensure = "Present";
Id = "REDACTED";
PolicyConfigurationIngestionType = "unknown";
TenantId = $OrganizationName;
}
}
}
On resources with deeply nested properties such as IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10 some of them miss the CIMInstance property and therefore cannot be identified of which type they belong to. See below the values of the resource after ConvertTo-DscObject, at the bottom you may find the whole blueprint.
The last object is missing a CIMInstance property with value "MSFT_IntuneGroupPolicyDefinitionValueDefinition" like this: