Initial module. Adds support for iOS trusted root certs #5467
Conversation
|
Will be adding Android equivalent module soon |
.../DSCResources/MSFT_IntuneTrustedRootCertificateIOS/MSFT_IntuneTrustedRootCertificateIOS.psm1
Outdated
Show resolved
Hide resolved
.../DSCResources/MSFT_IntuneTrustedRootCertificateIOS/MSFT_IntuneTrustedRootCertificateIOS.psm1
Show resolved
Hide resolved
...les/Microsoft365DSC/Examples/Resources/IntuneTrustedRootCertificateIOS/Example/localhost.mof
Outdated
Show resolved
Hide resolved
.../DSCResources/MSFT_IntuneTrustedRootCertificateIOS/MSFT_IntuneTrustedRootCertificateIOS.psm1
Outdated
Show resolved
Hide resolved
|
Failed checks, but doesn't appear to be anything to do with my resource.
|
.../DSCResources/MSFT_IntuneTrustedRootCertificateIOS/MSFT_IntuneTrustedRootCertificateIOS.psm1
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Did you save the schema file in UTF16? Could you please try with UTF8 instead? Otherwise it shows up in GH as binary file.
There was a problem hiding this comment.
Not on purpose, but yes it was UTF16, have resaved all files as UTF8 in both PRs
|
OK let me test this on my dev tenant to check if there's any issues and I'll get back to you |
.../DSCResources/MSFT_IntuneTrustedRootCertificateIOS/MSFT_IntuneTrustedRootCertificateIOS.psm1
Outdated
Show resolved
Hide resolved
| $nullResult.Ensure = 'Absent' | ||
| try | ||
| { | ||
| if (-not [string]::IsNullOrWhiteSpace($id)){ |
There was a problem hiding this comment.
Still not quite right, the bracket { must be right below if aligned to the closing bracket }
| { | ||
| Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` | ||
| -Targets $assignmentsHash ` | ||
| -Repository 'deviceAppManagement/mobileAppConfigurations' |
There was a problem hiding this comment.
This isn't correct, I had to figure out why the assignments were not working, this is because the correct repository to use here is 'deviceManagement/deviceConfigurations'
There was a problem hiding this comment.
Oh I thought they were, I'll look into it.
| $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments | ||
| Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentInstance.id ` | ||
| -Targets $assignmentsHash ` | ||
| -Repository 'deviceAppManagement/mobileAppConfigurations' |
There was a problem hiding this comment.
Same as above, correct repository is 'deviceManagement/deviceConfigurations'
|
@dannyKBjj Please check my latest comments and make sure you also correct them in your other PR |
| Write-Verbose -Message "No Intune Trusted Root Certificate Policy for iOS with Id {$id} was found" | ||
| return $nullResult | ||
| } | ||
|
|
There was a problem hiding this comment.
Add a line here with the below, otherwise if the blueprint contains a bogus Id or from a different tenant the verbose messages will pick up the Id from the blueprint which will be incorrect.
$Id = $getValue.IdThere was a problem hiding this comment.
Sorry I don't think I understand.. I want it to pick up the bogus ID from the blueprint don't I? That code would only execute if $getValue.Id was null?
There was a problem hiding this comment.
Look at the actual placement of where I'm asking to place it, yes you first want to search the policy by its Id which if it's bogus/from another tenant you then search by Display Name, if you then find it this policy will actually have its own Id which is different from what it's in the blueprint so if you place $Id = $getValue.Id on line 113 the next verbose message will show the actual Id of this policy instead of what's in the blueprint which is wrong
$Id = $getValue.Id added on line 113 to make sure verbose message displays correct ID. Now searching correct repository deviceManagement/deviceConfigurations for assignments.
Pull Request (PR) description
This Pull Request (PR) fixes the following issues
None
Task list
Entry should say what was changed and how that affects users (if applicable), and
reference the issue being resolved (if applicable).