Microsoft365DSC
Microsoft365DSC copied to clipboard
microsoft
IntuneAppProtectionPolicyiOS: Apps required when providing certain AppGroupTypes
Description of the issue
Hello,
when configuring an IntuneAppProtectionPolicyiOS with the parameter AppGroupType (e.g., allCoreMicrosoftApps, allMicrosoftApps, allApps), Microsoft365DSC fails when no value is provided for the parameter Apps.
This behavior makes sense when setting AppGroupType = "selectedPublicApps", as a selection of apps to be managed by the policy would be expected. However, for the other AppGroupTypes, a selection of apps to be managed is provided by Microsoft (these can also be viewed in the Microsoft Intune admin center > Apps > Manage apps > Protection > Policy).
Is this an API limitation or could this possibly be adjusted?
Microsoft 365 DSC Version
V1.25.1112.1
Which workloads are affected
Intune
The DSC configuration
IntuneAppProtectionPolicyiOS 'MyCustomiOSPolicy'
{
DisplayName = 'My DSC iOS App Protection Policy'
AppGroupType = "allCoreMicrosoftApps";
ApplicationID = "";
TenantID = "";
CertificateThumbprint = "";
}
Verbose logs showing the problem
Exception calling "InvokeReturnAsIs" with "0" argument(s): "The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Error occured during DSC Execution in VarErr: Cannot bind argument to parameter 'Apps' because it is null.
+ CategoryInfo : InvalidData: (:) [], CimException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Get-IntuneAppProtectionPolicyiOSAppsToHashtable
+ PSComputerName : localhost
Response status code does not indicate success: BadRequest (Bad Request).
+ CategoryInfo : InvalidOperation: (Method: POST, R...nt-Length: 0}:) [], CimException
+ FullyQualifiedErrorId : InvokeGraphHttpResponseException,Microsoft.Graph.PowerShell.Authentication.Cmdlets.InvokeMgGraphRequest
+ PSComputerName : localhost
Environment Information + PowerShell Version
PSVersion: 5.1.17763.8024
