microsoft / Microsoft365DSC

Manages, configures, extracts and monitors Microsoft 365 tenant configurations
https://aka.ms/M365DSC
MIT License

"New-M365DSCDeltaReport" shows differences in AAD application config but there is nothing different in ps1 files #3766

Open Sylit82 opened 1 year ago

Sylit82 commented 1 year ago

Description of the issue

Every day an export is created of our AAD tenant with the full Azure AD scope components.

When the exports are compared, there are always differences (the same difference is shown every day) for 7 applications to which no modifications were applied. It does not matter which 'ps1' file is compared to another (we do it every day); the same 'non-existing' difference is always shown. I say 'non-existing' because if I compare the ps1 file data for the mentioned applications, there is no difference.

The 'New-M365DSCDeltaReport' command shows warnings when run (pasted into the 'Verbose logs showing the problem' field).

Delta report shows:

[Screenshot: M365DSC_issue]

Data from the ps1 file for one of the mentioned applications: (source and destination file contains the same data)

    AADApplication "AADApplication-XYZ"
    {
        AppId                   = "0e140393-7f55-4d65-953f-a587f15720f5";
        ApplicationId           = $ConfigurationData.NonNodeData.ApplicationId;
        ApplicationSecret       = New-Object System.Management.Automation.PSCredential ('ApplicationSecret', (ConvertTo-SecureString $ConfigurationData.NonNodeData.ApplicationSecret -AsPlainText -Force));
        AvailableToOtherTenants = $False;
        DisplayName             = "XYZ";
        Ensure                  = "Present";
        IdentifierUris          = @();
        KnownClientApplications = @();
        ObjectId                = "417b2c23-38f8-4469-9e3c-207097f08926";
        Owners                  = @("XYZ");
        Permissions             = @(MSFT_AADApplicationPermission {
            Name                = 'user_impersonation'
            Type                = 'Delegated'
            SourceAPI           = 'Azure DevOps'
            AdminConsentGranted = $False
        }
        MSFT_AADApplicationPermission {
            Name                = 'user_impersonation'
            Type                = 'Delegated'
            SourceAPI           = 'Azure Key Vault'
            AdminConsentGranted = $False
        }
        );
        PublicClient            = $False;
        ReplyURLs               = @();
        TenantId                = $OrganizationName;
    }

Microsoft 365 DSC Version

1.23.1004.1

Which workloads are affected

Azure Active Directory

The DSC configuration

Export-M365DSCConfiguration -Components @("AADAdministrativeUnit", "AADApplication", "AADAuthenticationMethodPolicy", "AADAuthenticationMethodPolicyAuthenticator", "AADAuthenticationMethodPolicyEmail", "AADAuthenticationMethodPolicyFido2", "AADAuthenticationMethodPolicySms", "AADAuthenticationMethodPolicySoftware", "AADAuthenticationMethodPolicyTemporary", "AADAuthenticationMethodPolicyVoice", "AADAuthenticationMethodPolicyX509", "AADAuthenticationStrengthPolicy", "AADAuthorizationPolicy", "AADConditionalAccessPolicy", "AADCrossTenantAccessPolicy", "AADCrossTenantAccessPolicyConfigurationDefault", "AADCrossTenantAccessPolicyConfigurationPartner", "AADEntitlementManagementAccessPackage", "AADEntitlementManagementAccessPackageAssignmentPolicy", "AADEntitlementManagementAccessPackageCatalog", "AADEntitlementManagementAccessPackageCatalogResource", "AADEntitlementManagementConnectedOrganization", "AADGroup", "AADGroupLifecyclePolicy", "AADGroupsNamingPolicy", "AADGroupsSettings", "AADNamedLocationPolicy", "AADRoleDefinition", "AADRoleEligibilityScheduleRequest", "AADRoleSetting", "AADSecurityDefaults", "AADServicePrincipal", "AADTenantDetails", "AADTokenLifetimePolicy", "AADUser") -ApplicationId $ApplicationId -ApplicationSecret $ApplicationSecret -TenantId $TenantId -Path $path

New-M365DSCDeltaReport -Source "C:\M365DSC\Exports\M365DSC_export_$($sourcedate).ps1" -Destination "C:\M365DSC\Exports\M365DSC_export_$($date).ps1"

Verbose logs showing the problem

New-M365DSCDeltaReport -Source "C:\M365DSC\Exports\M365DSC_export_$($sourcedate).ps1" -Destination "C:\M365DSC\Exports\M365DSC_export_$($date).ps1" -OutputPath "C:\M365DSC\DeltaReports\DeltaReport.html"

WARNING: ConvertTo-DSCObject: "" (line 4912): There is an incomplete property assignment block in the instance definition.
WARNING: ConvertTo-DSCObject: "}" (line 4946): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "}" (line 125664): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "}" (line 125665): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "AADAuthenticationMethodPolicyAuthenticator" (line 4891): Resource 'AADAuthenticationMethodPolicyAuthenticator' requires that a value of type 'String' be provided for property 'Id'.
WARNING: ConvertTo-DSCObject: "" (line 4912): There is an incomplete property assignment block in the instance definition.
WARNING: ConvertTo-DSCObject: "}" (line 4946): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "}" (line 125682): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "}" (line 125683): Unexpected token '}' in expression or statement.
WARNING: ConvertTo-DSCObject: "AADAuthenticationMethodPolicyAuthenticator" (line 4891): Resource 'AADAuthenticationMethodPolicyAuthenticator' requires that a value of type 'String' be provided for property 'Id'.

Environment Information + PowerShell Version

OsName               : Microsoft Windows 11 Pro
OsOperatingSystemSKU : 48
OsArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 22621.1.amd64fre.ni_release.220506-1250
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

Name                           Value
----                           -----
PSVersion                      5.1.22621.1778
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.22621.1778
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

andikrueger commented 1 year ago

This looks like a bug in this comparison here:

https://github.com/microsoft/Microsoft365DSC/blob/57abaff4143860fb4ceb375b840b1ce7283d99b7/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1#L722-L774

Sylit82 commented 11 months ago

Hello, Is there any estimated time for the solution?

Sylit82 commented 11 months ago

Hello, Is there any estimated time for the solution?

Sylit82 commented 9 months ago

Hello @andikrueger, @NikCharlebois,

Is there a chance of fixing this issue?

FabienTschanz commented 3 months ago

@Sylit82 Just checked with version 1.24.710.3 and no issues there, it reports that no discrepancies have been found. Can you confirm that this issue is resolved?
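
An independent check for the situation reported in this issue, added here as an example and not part of the thread or of Microsoft365DSC: it extracts every `AADApplication` block from two export files and reports which instances are textually identical, so a delta-report finding can be confirmed or dismissed without relying on the report's own comparison. The function names and the brace-counting block detection are assumptions based on the export layout quoted in the issue.

```powershell
# Added example, not Microsoft365DSC code. Assumes the export layout quoted in the
# issue: a header line  <ResourceType> "<InstanceName>"  followed by a { ... } block.
function Get-ExportResourceBlock {
    param([string[]] $Line, [string] $ResourceType = 'AADApplication')
    $blocks = @{}
    $header = '^\s*' + [regex]::Escape($ResourceType) + '\s+"(?<name>[^"]+)"\s*$'
    $name   = $null; $depth = 0; $opened = $false
    $buffer = New-Object System.Collections.Generic.List[string]
    foreach ($l in $Line) {
        if (-not $name) {
            if ($l -match $header) { $name = $Matches['name']; $depth = 0; $opened = $false; $buffer.Clear() }
            continue
        }
        # Normalise whitespace so indentation changes do not count as drift.
        $buffer.Add(($l -replace '\s+', ' ').Trim())
        # Brace counting ignores quoting; a value containing { or } would need a real parser.
        $depth += ([regex]::Matches($l, '\{')).Count - ([regex]::Matches($l, '\}')).Count
        if ($l -match '\{') { $opened = $true }
        if ($opened -and $depth -le 0) {
            $blocks[$name] = ($buffer | Where-Object { $_ }) -join "`n"
            $name = $null
        }
    }
    return $blocks
}

function Compare-ExportResourceBlock {
    param([string] $Source, [string] $Destination, [string] $ResourceType = 'AADApplication')
    $src = Get-ExportResourceBlock -Line (Get-Content -LiteralPath $Source)      -ResourceType $ResourceType
    $dst = Get-ExportResourceBlock -Line (Get-Content -LiteralPath $Destination) -ResourceType $ResourceType
    foreach ($key in (@($src.Keys) + @($dst.Keys) | Sort-Object -Unique)) {
        $state = 'Different'
        if (-not $src.ContainsKey($key))     { $state = 'OnlyInDestination' }
        elseif (-not $dst.ContainsKey($key)) { $state = 'OnlyInSource' }
        elseif ($src[$key] -ceq $dst[$key])  { $state = 'Identical' }
        [pscustomobject]@{ Instance = $key; State = $state }
    }
}

# Usage, with the two export files passed to New-M365DSCDeltaReport:
# Compare-ExportResourceBlock -Source <older export .ps1> -Destination <newer export .ps1> |
#     Where-Object State -ne 'Identical'
```

An empty result for the seven reported applications means the exported definitions match character for character after whitespace normalisation, which points at the report's comparison rather than at tenant drift.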