-
Notifications
You must be signed in to change notification settings - Fork 490
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IntuneASRRulesPolicyWindows10: Incorrect set of possible values for properties EmailContentExecutionType and UntrustedExecutableType #3434
Comments
It seems that property UntrustedExecutableType is also affected, PR #3435 has been updated to fix that one as well. Edit: There are more properties affected, currently checking all of them. |
cc/ @William-Francillette Are those possible values created manually or within the DRG? |
Nope those were created manually - I may have missed the warn value |
Thanks for the clarification. Is there any feasible option to get these values by using DRG or the Graph Metadata endpoint? They should be available somewhere :) |
yep, we can extract the values from the template definition - For the DRG, I'm working on settingCatalog right now but will be working on Intent when completed Names of policy types are very confusion in Intune and too many types as well :D |
Details of the scenario you tried and the problem that is occurring
One of my Attack Surface Reduction policies has the property EmailContentExecutionType set to warn which gets exported into a blueprint without issues, but when trying to compile it into a MOF it fails due to incorrect possible values in both its schema and the module, even though the current possible values don't even match between them.
Verbose logs showing the problem
##[error]The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: At least one of the values 'warn' is not supported or valid for property 'EmailContentExecutionType' on class 'IntuneASRRulesPolicyWindows10'. Please specify only supported values:
notConfigured, block, auditMode, userDefined, disable.
##[error]PowerShell exited with code '1'.
Suggested solution to the issue
Change possible values of property EmailContentExecutionType in both schema and module, and make sure they both match, which are 'notConfigured', 'block', 'auditMode', 'warn', 'disable'
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The operating system the target node is running
Win10
Version of the DSC module that was used ('dev' if using current dev branch)
1.23.628.1
The text was updated successfully, but these errors were encountered: