Trying to list AppLockerFiles (both allow and exempt) from my MDM policy as explained in [0] gives this 400 error message. Initially I thought it was a service issue in my tenant but then I tested on a separate tenant and have exactly the same issue.
Invoke-GraphRequest : GET https://graph.microsoft.com/beta/deviceAppManagement/mdmWindowsInformationProtectionPolicies/REDACTED/protectedAppLockerFiles
HTTP/1.1 400 Bad Request
[...]
{"error":{"code":"No method match route template","message":"No OData route exists that match template ~/singleton/navigation/key/navigation with http verb GET for request /MAMAdmin_2312/MAMAdminFEService/devic
eAppManagement/mdmWindowsInformationProtectionPolicies('REDACTED')/protectedAppLockerFiles.","innerError":{"date":"2023-12-18T13:12:26","request-id":"REDACTED
b946a8","client-request-id":"REDACTED"}}}
[...]
Didn't test it but most likely it's also not possible to create and delete them and the idea would be to if all these actions are working then add support for AppLockerFiles in Microsoft365DSC's IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled [1].
ricmestre
commented
9 months ago
Trying to list AppLockerFiles (both allow and exempt) from my MDM policy as explained in [0] gives this 400 error message. Initially I thought it was a service issue in my tenant but then I tested on a separate tenant and have exactly the same issue.
Didn't test it but most likely it's also not possible to create and delete them and the idea would be to if all these actions are working then add support for AppLockerFiles in Microsoft365DSC's IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled [1].
[0] https://learn.microsoft.com/en-us/graph/api/intune-mam-windowsinformationprotectionapplockerfile-list?view=graph-rest-beta [1] https://microsoft365dsc.com/resources/intune/IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/