Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IntuneWindowsAutopilotDeploymentProfileAzureADJoined resource fails when you don't specify an ID #5614

Closed
ajkenah opened this issue Jan 8, 2025 · 2 comments

Comments

@ajkenah
Copy link

ajkenah commented Jan 8, 2025

Description of the issue

When creating a new "IntuneWindowsAutopilotDeploymentProfileAzureADJoined" resource which does not include an ID property, Test-DscConfiguration & Get-DscConfiguration fails.

This causes multiple copies of the AutoPilot profile to be created and means that I can't use Get-DscConfiguration command to get the Autopilot profile ID after creation to pass to the next part of my script.

Microsoft 365 DSC Version

1.24.1218.1

Which workloads are affected

Intune

The DSC configuration

Configuration AutopilotProfile
{
  param (
    [parameter()]
    [System.Management.Automation.PSCredential]
    $Credential
  )
  If ($null -eq $Credential) {
    <# Credentials #>
    $Credscredential = Get-Credential -Message "Credentials"
  }
  Else {
    $CredsCredential = $Credential
  }
  Import-DscResource -ModuleName 'Microsoft365DSC' -ModuleVersion '1.24.1218.1'
  
  Node localhost
  {
    LocalConfigurationManager {
      RebootNodeIfNeeded = $true
      ActionAfterReboot  = 'ContinueConfiguration'
      ConfigurationMode  = 'ApplyAndMonitor'
    }
    IntuneWindowsAutopilotDeploymentProfileAzureADJoined "Win11_Standard"
    {
      Assignments                = @(
        MSFT_DeviceManagementConfigurationPolicyAssignments{
          groupDisplayName = 'Devices_Win11_Standard'
          dataType = '#microsoft.graph.groupAssignmentTarget'
          groupId = 'cf5c9b23-c5fb-4da2-9991-7f0425f43964'
        }
      );
      Credential                 = $Credscredential;
      Description                = "Base Intune AutoPilot profile for Windows 11 devices";
      DeviceNameTemplate         = "";
      DeviceType                 = "windowsPc";
      DisplayName                = "Win11_Standard";
      EnableWhiteGlove           = $True;
      Ensure                     = "Present";
      ExtractHardwareHash        = $True;
      Language                   = "";
      OutOfBoxExperienceSettings = MSFT_MicrosoftGraphoutOfBoxExperienceSettings1{
        HideEULA = $False
        HideEscapeLink = $True
        HidePrivacySettings = $True
        DeviceUsageType = 'singleUser'
        SkipKeyboardSelectionPage = $True
        UserType = 'standard'
      };
    }
  }
}

Verbose logs showing the problem

The following output was provided when there was only a single version of the configuration (removed all duplicates):

VERBOSE: An LCM method call arrived from computer LABELMTHPVHST01 with user sid S-1-5-21-546332293-321881932-2114914919-1000.                                                                                      VERBOSE: [LABELMTHPVHST01]: LCM:  [ Start  Get      ]                                                                                                                                                              
Get-DscConfiguration : The PowerShell DSC resource  returned results that are not valid from Get-TargetResource. The Verbose key is not a valid property in the corresponding DSC resource schema file. The        results from Get-TargetResource must be in a Hashtable format. The keys in the Hashtable must be the same as the properties in the corresponding DSC resource schema file.
At line:1 char:1
+ Get-DscConfiguration -Verbose
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
    + FullyQualifiedErrorId : GetOperationResultInvalidResultFormat,Get-DscConfiguration

Environment Information + PowerShell Version

OsName               : Microsoft Windows Server 2025 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 26100.1.amd64fre.ge_release.240331-1435
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

Key   : PSVersion
Value : 5.1.26100.1591
Name  : PSVersion

Key   : PSEdition
Value : Desktop
Name  : PSEdition

Key   : PSCompatibleVersions
Value : {1.0, 2.0, 3.0, 4.0...}
Name  : PSCompatibleVersions

Key   : BuildVersion
Value : 10.0.26100.1591
Name  : BuildVersion

Key   : CLRVersion
Value : 4.0.30319.42000
Name  : CLRVersion

Key   : WSManStackVersion
Value : 3.0
Name  : WSManStackVersion

Key   : PSRemotingProtocolVersion
Value : 2.3
Name  : PSRemotingProtocolVersion

Key   : SerializationVersion
Value : 1.1.0.1
Name  : SerializationVersion
@FabienTschanz
Copy link
Contributor

@ajkenah I just tested with the latest version 1.25.122.1 and it works on my side. I exported a policy, removed the Id property, compiled the configuration and ran Start-DscConfiguration. This all seemed to work without issues.

Get-DscConfiguration then returns the following output:

ConfigurationName              : M365TenantConfig
DependsOn                      :
ModuleName                     : Microsoft365DSC
ModuleVersion                  : 1.25.122.1
PsDscRunAsCredential           :
ResourceId                     : [IntuneWindowsAutopilotDeploymentProfileAzureADJoined]IntuneWindowsAutopilotDeploymentProfileAzureADJoined-Deployment Profile Windows 1
SourceInfo                     :
AccessTokens                   :
ApplicationId                  : <redacted>
ApplicationSecret              :
Assignments                    : {MSFT_DeviceManagementConfigurationPolicyAssignments, MSFT_DeviceManagementConfigurationPolicyAssignments, MSFT_DeviceManagementConfigurationPolicyAssignments}
CertificateThumbprint          : <redacted>
Credential                     :
Description                    :
DeviceNameTemplate             : TEST-%RAND:4%
DeviceType                     : windowsPc
DisplayName                    : Deployment Profile Windows 1
EnableWhiteGlove               : False
EnrollmentStatusScreenSettings :
Ensure                         : Present
ExtractHardwareHash            : True
Id                             : <redacted>
Language                       : de-CH
ManagedIdentity                : False
ManagementServiceAppId         :
OutOfBoxExperienceSettings     : MSFT_MicrosoftGraphOutOfBoxExperienceSettings1
TenantId                       : tenant.onmicrosoft.com
PSComputerName                 :
CimClassName                   : MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined

@ajkenah
Copy link
Author

ajkenah commented Jan 26, 2025

Hi Fabien. Thanks, the issue does look to have been resolved in the latest release.

@ajkenah ajkenah closed this as completed Jan 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants