Fixed issue microsoft#4494

.github/ISSUE_TEMPLATE/ProblemWithResource.yml

@@ -41,8 +41,9 @@ body:
       label: "Which workloads are affected"
       description: The workload of the resource you are having an issue with.
       options:
-        - "Azure Active Directory"
+        - "Azure Active Directory (Entra ID)"
         - "Exchange Online"
+        - "Intune"
         - "Office 365 Admin"
         - "OneDrive for Business"
         - "Planner"

CHANGELOG.md

@@ -33,6 +33,10 @@
   * Fix group assignment by using the corrected function
     Update-DeviceConfigurationPolicyAssignment from module M365DSCDRGUtil
     FIXES [#4467](https://github.com/microsoft/Microsoft365DSC/issues/4467)
+* IntuneDeviceEnrollmentStatusPageWindows10
+  * Added support for specifying SelectedMobileAppNames in addition to SelectedMobileAppIds,
+    which are different for each tenant.
+    FIXES [#4494](https://github.com/microsoft/Microsoft365DSC/issues/4494)
 * M365DSCRuleEvaluation
   * Log both matching and not matching resources and in XML format
 * O365OrgSettings

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1

@@ -57,6 +57,10 @@ function Get-TargetResource
         [System.String[]]
         $SelectedMobileAppIds,
 
+        [Parameter()]
+        [System.String[]]
+        $SelectedMobileAppNames,
+
         [Parameter()]
         [System.Boolean]
         $ShowInstallationProgress,
@@ -121,9 +125,16 @@ function Get-TargetResource
         Add-M365DSCTelemetryEvent -Data $data
         #endregion
 
+        Write-Verbose -Message "Getting configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}"
+
         $nullResult = $PSBoundParameters
         $nullResult.Ensure = 'Absent'
 
+        if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -and $PSBoundParameters.ContainsKey('SelectedMobileAppNames'))
+        {
+            Write-Verbose -Message '[WARNING] Both SelectedMobileAppIds and SelectedMobileAppNames are specified. SelectedMobileAppNames will be ignored!'
+        }
+
         $getValue = $null
         #region resource generator code
         $getValue = Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -DeviceEnrollmentConfigurationId $Id -ErrorAction SilentlyContinue `
@@ -169,20 +180,14 @@ function Get-TargetResource
             DisableUserStatusTrackingAfterFirstUser = $getValue.AdditionalProperties.disableUserStatusTrackingAfterFirstUser
             InstallProgressTimeoutInMinutes         = $getValue.AdditionalProperties.installProgressTimeoutInMinutes
             InstallQualityUpdates                   = $getValue.AdditionalProperties.installQualityUpdates
-            SelectedMobileAppIds                    = $getValue.AdditionalProperties.selectedMobileAppIds
+            SelectedMobileAppNames                  = $getValue.AdditionalProperties.selectedMobileAppIds | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $_).DisplayName }
             ShowInstallationProgress                = $getValue.AdditionalProperties.showInstallationProgress
             TrackInstallProgressForAutopilotOnly    = $getValue.AdditionalProperties.trackInstallProgressForAutopilotOnly
             Priority                                = $getValue.Priority
             Description                             = $getValue.Description
             DisplayName                             = $getValue.DisplayName
             Id                                      = $getValue.Id
             Ensure                                  = 'Present'
-            Credential                              = $Credential
-            ApplicationId                           = $ApplicationId
-            TenantId                                = $TenantId
-            ApplicationSecret                       = $ApplicationSecret
-            CertificateThumbprint                   = $CertificateThumbprint
-            Managedidentity                         = $ManagedIdentity.IsPresent
             #endregion
         }
         $assignmentsValues = Get-MgBetaDeviceManagementDeviceEnrollmentConfigurationAssignment -DeviceEnrollmentConfigurationId $Id
@@ -274,6 +279,10 @@ function Set-TargetResource
         [System.String[]]
         $SelectedMobileAppIds,
 
+        [Parameter()]
+        [System.String[]]
+        $SelectedMobileAppNames,
+
         [Parameter()]
         [System.Boolean]
         $ShowInstallationProgress,
@@ -321,7 +330,6 @@ function Set-TargetResource
         $ManagedIdentity
     )
 
-
     #Ensure the proper dependencies are installed in the current environment.
     Confirm-M365DSCDependencies
 
@@ -334,9 +342,26 @@ function Set-TargetResource
     Add-M365DSCTelemetryEvent -Data $data
     #endregion
 
+    Write-Verbose -Message "Setting configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}"
+
     $currentInstance = Get-TargetResource @PSBoundParameters
     $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters
 
+    if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -eq $false -and $PSBoundParameters.ContainsKey('SelectedMobileAppNames') -eq $true)
+    {
+        Write-Verbose -Message 'Converting SelectedMobileAppNames to SelectedMobileAppIds'
+        if ($PSBoundParameters.SelectedMobileAppNames.Count -ne 0)
+        {
+            [Array]$mobileAppIds = $SelectedMobileAppNames | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -Filter "DisplayName eq '$_'").Id }
+            $PSBoundParameters.SelectedMobileAppIds = $mobileAppIds
+        }
+        else
+        {
+            $PSBoundParameters.SelectedMobileAppIds = @()
+        }
+        $PSBoundParameters.Remove('SelectedMobileAppNames') | Out-Null
+    }
+
     if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent')
     {
         Write-Verbose -Message "Creating an Intune Device Enrollment Configuration for Windows10 with DisplayName {$DisplayName}"
@@ -417,9 +442,12 @@ function Set-TargetResource
             $Uri = "https://graph.microsoft.com/beta/deviceManagement/deviceEnrollmentConfigurations/$($currentInstance.Id)/assign"
             Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop
 
-            Update-DeviceEnrollmentConfigurationPriority `
-                -DeviceEnrollmentConfigurationId $currentInstance.id `
-                -Priority $Priority
+            if ($PSBoundParameters.ContainsKey('Priority') -and $Priority -ne $currentInstance.Priority)
+            {
+                Update-DeviceEnrollmentConfigurationPriority `
+                    -DeviceEnrollmentConfigurationId $currentInstance.id `
+                    -Priority $Priority
+            }
         }
         #endregion
     }
@@ -491,6 +519,10 @@ function Test-TargetResource
         [System.String[]]
         $SelectedMobileAppIds,
 
+        [Parameter()]
+        [System.String[]]
+        $SelectedMobileAppNames,
+
         [Parameter()]
         [System.Boolean]
         $ShowInstallationProgress,
@@ -538,7 +570,6 @@ function Test-TargetResource
         $ManagedIdentity
     )
 
-
     #Ensure the proper dependencies are installed in the current environment.
     Confirm-M365DSCDependencies
 
@@ -551,8 +582,17 @@ function Test-TargetResource
     Add-M365DSCTelemetryEvent -Data $data
     #endregion
 
-    Write-Verbose -Message "Testing configuration of the Intune Device Enrollment Configuration for Windows10 with Id {$Id} and DisplayName {$DisplayName}"
+    Write-Verbose -Message "Testing configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}"
+
     $CurrentValues = Get-TargetResource @PSBoundParameters
+
+    if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -eq $true)
+    {
+        Write-Verbose -Message 'Converting SelectedMobileAppIds to SelectedMobileAppNames'
+        $PSBoundParameters.SelectedMobileAppNames = $SelectedMobileAppIds | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $_).DisplayName }
+        $PSBoundParameters.Remove('SelectedMobileAppIds') | Out-Null
+    }
+
     $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone()
     $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck
     $ValuesToCheck.Remove('Id') | Out-Null

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.schema.mof

@@ -24,7 +24,8 @@ class MSFT_IntuneDeviceEnrollmentStatusPageWindows10 : OMI_BaseResource
     [Write, Description("Only show installation progress for first user post enrollment")] Boolean DisableUserStatusTrackingAfterFirstUser;
     [Write, Description("Set installation progress timeout in minutes")] UInt32 InstallProgressTimeoutInMinutes;
     [Write, Description("Allows quality updates installation during OOBE")] Boolean InstallQualityUpdates;
-    [Write, Description("Selected applications to track the installation status")] String SelectedMobileAppIds[];
+    [Write, Description("Ids of selected applications to track the installation status. When this parameter is used, SelectedMobileAppNames is ignored")] String SelectedMobileAppIds[];
+    [Write, Description("Names of selected applications to track the installation status. This parameter is ignored when SelectedMobileAppIds is also specified")] String SelectedMobileAppNames[];
     [Write, Description("Show or hide installation progress to user")] Boolean ShowInstallationProgress;
     [Write, Description("Only show installation progress for Autopilot enrollment scenarios")] Boolean TrackInstallProgressForAutopilotOnly;
     [Write, Description("Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject only to the configuration with the lowest priority value.")] UInt32 Priority;

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/settings.json

@@ -10,6 +10,9 @@
                     },
                     {
                         "name": "DeviceManagementServiceConfig.Read.All"
+                    },
+                    {
+                        "name": "DeviceManagementApps.Read.All"
                     }
                 ],
                 "update": [
@@ -18,6 +21,9 @@
                     },
                     {
                         "name": "DeviceManagementServiceConfig.ReadWrite.All"
+                    },
+                    {
+                        "name": "DeviceManagementApps.Read.All"
                     }
                 ]
             },
@@ -28,6 +34,9 @@
                     },
                     {
                         "name": "DeviceManagementServiceConfig.Read.All"
+                    },
+                    {
+                        "name": "DeviceManagementApps.Read.All"
                     }
                 ],
                 "update": [
@@ -36,6 +45,9 @@
                     },
                     {
                         "name": "DeviceManagementServiceConfig.ReadWrite.All"
+                    },
+                    {
+                        "name": "DeviceManagementApps.Read.All"
                     }
                 ]
             }