If I'm not mistaken, the normal way to address a profile and its creation is by defining every last configurable property of it. For the security baselines, because they are all separate instances and not a common profile, all differ in their properties and thus need to be separated and all their properties must be defined in the respective cmdlet.

Proposition
Create the following five cmdlets, each with their respective set of properties:

• MSFT_IntuneSecurityBaselineWindows10
• MSFT_IntuneSecurityBaselineMicrosoftDefenderForEndpoint
• MSFT_IntuneSecurityBaselineMicrosoftEdge
• MSFT_IntuneSecurityBaselineWindows365
• MSFT_IntuneSecurityBaselineMicrosoft365Apps

Note: The MSFT_IntuneSecurityBaselineMicrosoftEdge and MSFT_IntuneSecurityBaselineMicrosoft365Apps are not a baseline of the /intents subpath, they're rather part of the /devicemanagement/configurationpolicytemplates family.

@andikrueger, has there been any progress on improving Microsoft365DSC to consume all Intune Configuration? As of today we see that there are many missing components such as Security Baselines, Firewall, Apps, Scripts and remediations, etc..

This request for Security Baselines is nearly a year old so I would like to open a discussion on how we can get these missing components into a future release.

I know that the some of the missing components are old ways to manage the settings but I work with clients who still have them configured and we would really like Microsoft365DSC to report this to us.

Thanks,
Dan.

If I'm not mistaken, the normal way to address a profile and its creation is by defining every last configurable property of it. For the security baselines, because they are all separate instances and not a common profile, all differ in their properties and thus need to be separated and all their properties must be defined in the respective cmdlet.

Proposition Create the following five cmdlets, each with their respective set of properties:

• MSFT_IntuneSecurityBaselineWindows10
• MSFT_IntuneSecurityBaselineMicrosoftDefenderForEndpoint
• MSFT_IntuneSecurityBaselineMicrosoftEdge
• MSFT_IntuneSecurityBaselineWindows365
• MSFT_IntuneSecurityBaselineMicrosoft365Apps

Note: The MSFT_IntuneSecurityBaselineMicrosoftEdge and MSFT_IntuneSecurityBaselineMicrosoft365Apps are not a baseline of the /intents subpath, they're rather part of the /devicemanagement/configurationpolicytemplates family.

But then they should be visible when I export the complete config. That is not the case. So, are they not supported?

new Windows 23H2 Security Baseline ist part of (Get)-MgBetaDeviceManagementConfigurationPolicy

new Windows 23H2 Security Baseline ist part of (Get)-MgBetaDeviceManagementConfigurationPolicy

True, and the new versions will also be available in settings catalog. So, I think we can close this one.

It is not part of the current Export, but part of the cmdlet. We can not close the issue

It is not part of the current Export, but part of the cmdlet. We can not close the issue

Agree.
Is this on the working list? Just noticed the same thing when running a backup of the environment

@lar282 I have a list of resources that I will work on in the following weeks and months, but I can't promise a timeline (since this module is something I work on in my free time). But stay tuned for updates a bit later in the year.