
[AADCrossTenantIdentitySyncPolicyPartner] [AADCrossTenantAccessPolicyConfigurationPartner] Weird presence in Isolated tenant configuration #6843

@1Dimitri

Description of the issue

I'm in the process of testing a set of tenants which will form a multi-tenant organization and I'm setting up the tenants with M365DSC.
Currently they are completely separated.

However, in one tenant, I've got an AADCrossTenantIdentitySync{Policy}Partner object which shouldn't exist for MTO reasons.
The only reason I can see it exists is because at some point in the past I opened a "Help and support ticket" and allowed the Office 365 Support team to connect. This is corroborated by the Tenant ID, which displays "Office 365 Support" when converted into a name using the Graph API function GetTenantById.
That's something I did not do in the other tenants.

[AADCrossTenantIdentitySyncPolicyPartner] fails in that case.

Microsoft 365 DSC Version

1.26.121.1

Which workloads are affected

Azure Active Directory (Entra ID)

The DSC configuration

param (
)

Configuration M365TenantConfig
{
    param (
    )

    $OrganizationName = $ConfigurationData.NonNodeData.OrganizationName

    Import-DscResource -ModuleName 'Microsoft365DSC' -ModuleVersion '1.26.121.1'

    Node localhost
    {
        # AADCrossTenantIdentitySyncPolicyPartner: no output, but the only partner found is:
        AADCrossTenantAccessPolicyConfigurationPartner "AADCrossTenantAccessPolicyConfigurationPartner-b4c546a4-7dac-46a6-a7dd-ed822a11efd3"
        {
            ApplicationId         = $ConfigurationData.NonNodeData.ApplicationId;
            CertificateThumbprint = $ConfigurationData.NonNodeData.CertificateThumbprint;
            Ensure                = "Present";
            PartnerTenantId       = "b4c546a4-7dac-46a6-a7dd-ed822a11efd3";
            TenantId              = $OrganizationName;
        }
    }
}

M365TenantConfig -ConfigurationData .\ConfigurationData.psd1

Verbose logs showing the problem

[2026/01/23 12:39:35]
{InvalidData}
System.Management.Automation.ParameterBindingArgumentTransformationException: Cannot process argument transformation on parameter 'IsSyncAllowed'. Cannot convert value "" to type "System.Boolean". Boolean parameters accept only Boolean values and numbers, such as $True, $False, 1 or 0. ---> System.Management.Automation.ArgumentTransformationMetadataException: Cannot convert value "" to type "System.Boolean". Boolean parameters accept only Boolean values and numbers, such as $True, $False, 1 or 0. ---> System.Management.Automation.PSInvalidCastException: Cannot convert value "" to type "System.Boolean". Boolean parameters accept only Boolean values and numbers, such as $True, $False, 1 or 0.
   at System.Management.Automation.ArgumentTypeConverterAttribute.ThrowPSInvalidBooleanArgumentCastException(Type resultType, Type convertType)
   at System.Management.Automation.ArgumentTypeConverterAttribute.CheckBoolValue(Object value, Type boolType)
   at System.Management.Automation.ArgumentTypeConverterAttribute.Transform(EngineIntrinsics engineIntrinsics, Object inputData, Boolean bindingParameters, Boolean bindingScriptCmdlet)
   --- End of inner exception stack trace ---
   at System.Management.Automation.ArgumentTypeConverterAttribute.Transform(EngineIntrinsics engineIntrinsics, Object inputData, Boolean bindingParameters, Boolean bindingScriptCmdlet)
   at System.Management.Automation.ParameterBinderBase.BindParameter(CommandParameterInternal parameter, CompiledCommandParameter parameterMetadata, ParameterBindingFlags flags)
   --- End of inner exception stack trace ---
   at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
"Error during Export:"
at Export-TargetResource, C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.26.121.1\DSCResources\MSFT_AADCrossTenantIdentitySyncPolicyPartner\MSFT_AADCrossTenantIdentitySyncPolicyPartner.psm1: line 366
at <ScriptBlock>, <No file>: line 105
at Start-M365DSCConfigurationExtract, C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC# \Modules\M365DSCReverse.psm1: line 848
at Export-M365DSCConfiguration, C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.26.121.1\Modules\M365DSCUtil.psm1: line 1780
at <ScriptBlock>, <No file>: line 1
TenantId: tenant1XXX.onmicrosoft.com

Environment Information + PowerShell Version

OsName               : Microsoft Windows Server 2022 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 20348.1.amd64fre.fe_release.210507-1500
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

PSVersion                      5.1.20348.4294
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.20348.4294
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
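
An added audit example, not part of the original report and not M365DSC code: it lists every cross-tenant access policy partner, resolves each tenant ID to a display name, and reports whether an identity synchronization object exists and whether its `isSyncAllowed` value is set. It assumes the Microsoft.Graph.Authentication module, the Graph v1.0 `findTenantInformationByTenantId` function for name resolution, and a hypothetical `$ExpectedPartners` allow-list.

```powershell
# Added example (not M365DSC code): audit cross-tenant access policy partners.
# Needs Policy.Read.All and CrossTenantInformation.ReadBasic.All.
Connect-MgGraph -Scopes 'Policy.Read.All', 'CrossTenantInformation.ReadBasic.All'

# Hypothetical allow-list of partner tenant IDs; empty for an isolated tenant.
$ExpectedPartners = @()

$base = 'https://graph.microsoft.com/v1.0'
$uri  = "$base/policies/crossTenantAccessPolicy/partners"

$report = while ($uri) {
    $page = Invoke-MgGraphRequest -Method GET -Uri $uri -OutputType PSObject
    foreach ($partner in $page.value) {
        $id = $partner.tenantId

        # Resolve the tenant ID to a display name.
        $name = try {
            $lookup = "$base/tenantRelationships/findTenantInformationByTenantId(tenantId='$id')"
            (Invoke-MgGraphRequest -Method GET -Uri $lookup -OutputType PSObject).displayName
        } catch { '<unresolved>' }

        # The identity sync policy is an optional child object of the partner.
        $syncState = try {
            $syncUri = "$base/policies/crossTenantAccessPolicy/partners/$id/identitySynchronization"
            $sync = Invoke-MgGraphRequest -Method GET -Uri $syncUri -OutputType PSObject
            if ($null -eq $sync.userSyncInbound.isSyncAllowed) {
                'object present, isSyncAllowed not set'
            } else {
                "isSyncAllowed = $($sync.userSyncInbound.isSyncAllowed)"
            }
        } catch { 'no identitySynchronization object (or not readable)' }

        [pscustomobject]@{
            PartnerTenantId   = $id
            DisplayName       = $name
            IsServiceProvider = $partner.isServiceProvider
            IdentitySync      = $syncState
            Expected          = $ExpectedPartners -contains $id
        }
    }
    # Follow paging until no further link is returned.
    $uri = $page.'@odata.nextLink'
}

$report | Format-Table -AutoSize
```

Rows with `Expected = False` are the partner entries to review before the tenants are joined into the multi-tenant organization.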
