Open PavolVonSekule opened 5 days ago
How did you get the DSC configuration? That doesn't look right, there shouldn't be something like instance of ...
, it should be IntuneAppProtectionPolicyiOS "<Name"
, followed by all the content. Please run an export of the configuration and check with the export.
Hi Fabien, we are compiling custom configs/MOFs from our own database. I will get the PS1 config and get back to you
Ahh I see. Thank you, that would be great 👍
Description of the issue
Hi, we are having issues with res IntuneAppProtectionPolicyiOS, Start-DSC doesn't apply attributes, or if policy deleted, it's not getting created. Please advise, thanks.
Microsoft 365 DSC Version
1.24.1002.1
Which workloads are affected
Intune
The DSC configuration
instance of MSFT_IntuneAppProtectionPolicyiOS as $MSFT_IntuneAppProtectionPolicyiOS1ref { FilterOpenInToOnlyManagedApps = False; MinimumPinLength = 6; AllowedInboundDataTransferSources = "allApps"; AppActionIfIosDeviceModelNotAllowed = "block"; Description = "Policy direkt bei Intune angelegt wird NICHT von AirWatch aus gesteuert gueltig fuer iOS iPadOS Geraete"; Identity = "iOS App Protection Policy"; Assignments = { "492c910b-e4c0-476d-a863-1f7327b189ea" }; DisplayName = "iOS App Protection Policy"; DisableProtectionOfManagedOutboundOpenInData = False; TenantId = "bankenit00003681e11.onmicrosoft.com"; PinRequired = True; ManagedIdentity = False; AllowedOutboundDataTransferDestinations = "allApps"; MaximumPinRetries = 5; AppDataEncryptionType = "whenDeviceLocked"; DisableAppPinIfDevicePinIsSet = False; ProtectInboundDataFromUnknownSources = False; OrganizationalCredentialsRequired = False; ManagedBrowserToOpenLinksRequired = False; ExemptedAppProtocols = { "Default:skype", "app-settings:", "calshow:", "itms:", "itmss:", "itms-apps:", "itms-appss:", "itms-services:" }; PeriodOfflineBeforeWipeIsEnforced = "90.00:00:00"; Ensure = "Present"; AppActionIfDeviceComplianceRequired = "block"; SimplePinBlocked = True; ManagedBrowser = "notConfigured"; ExcludedGroups = { }; ResourceID = "[IntuneAppProtectionPolicyiOS]Container-105-15946db7-0c43-4db6-8f06-965968a0dfa7"; PinCharacterSet = "numeric"; AllowedOutboundClipboardSharingLevel = "allApps"; AllowedDataStorageLocations = { "localStorage", "oneDriveForBusiness", "sharePoint" }; ApplicationId = "ba427897-c07f-414c-8236-51dfd731b6ea"; PrintBlocked = False; PeriodBeforePinReset = "00:00:00"; AllowedOutboundClipboardSharingExceptionLength = 0; DeviceComplianceRequired = True; DataBackupBlocked = True; ContactSyncBlocked = False; CertificateThumbprint = "AAAA"; FaceIdBlocked = False; ModuleVersion = "1.24.1002.1"; SourceInfo = "::631::3::IntuneAppProtectionPolicyiOS"; NotificationRestriction = "allow"; AppActionIfMaximumPinRetriesExceeded = "block"; ModuleName = "Microsoft365DSC"; PeriodOfflineBeforeAccessCheck = "12:00:00"; SaveAsBlocked = True; PeriodOnlineBeforeAccessCheck = "00:05:00"; FingerprintBlocked = False;
ConfigurationName = "MainConfig";
};
Verbose logs showing the problem
[ModelValidationFailure] : Must specify valid information for parsing in the string.
Cannot bind argument to parameter 'IosManagedAppProtectionId' because it is an empty string.
Cannot bind argument to parameter 'IosManagedAppProtectionId' because it is an empty string.
VERBOSE: [MACHINE1]: LCM: [ End Set ] [[IntuneAppProtectionPolicyiOS]Container-105-15946db7-0c43-4db6-8f06-965968a0dfa7] in 1.0980 seconds. The PowerShell DSC resource '[IntuneAppProtectionPolicyiOS]Container-105-15946db7-0c43-4db6-8f06-965968a0dfa7' with SourceInfo '::631::3::IntuneAppProtectionPolicyiOS' threw one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
EventData JobId {F284EF29-8BBC-11EF-BA4A-001DD8C91D89} ComponentName LCM ErrorId 0x1 ErrorDetail The SendConfigurationApply function did not succeed. ResourceId [IntuneAppProtectionPolicyiOS]Container-105-15946db7-0c43-4db6-8f06-965968a0dfa7 SourceInfo ::631::3::IntuneAppProtectionPolicyiOS ErrorMessage The PowerShell DSC resource '[IntuneAppProtectionPolicyiOS]Container-105-15946db7-0c43-4db6-8f06-965968a0dfa7' with SourceInfo '::631::3::IntuneAppProtectionPolicyiOS' threw one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
Environment Information + PowerShell Version
OsName : Microsoft Windows Server 2019 Standard OsOperatingSystemSKU : StandardServerEdition OsArchitecture : 64-bit WindowsVersion : 1809 WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434 OsLanguage : en-US OsMuiLanguages : {en-US, de-DE}
Key : PSVersion Value : 5.1.17763.6414 Name : PSVersion
Key : PSEdition Value : Desktop Name : PSEdition
Key : PSCompatibleVersions Value : {1.0, 2.0, 3.0, 4.0...} Name : PSCompatibleVersions
Key : BuildVersion Value : 10.0.17763.6414 Name : BuildVersion
Key : CLRVersion Value : 4.0.30319.42000 Name : CLRVersion
Key : WSManStackVersion Value : 3.0 Name : WSManStackVersion
Key : PSRemotingProtocolVersion Value : 2.3 Name : PSRemotingProtocolVersion
Key : SerializationVersion Value : 1.1.0.1 Name : SerializationVersion