Empty Attributes in Default Org Settings Prevent Exceptions #1532
Description
Describe the bug
I recently upgraded PowerSTIG to v4.28.0 and found that my Exception's for IISSite no longer work. More specifically, I see the error:
PSDesiredStateConfiguration\Configuration : The property 'Value' cannot be found on this object. Verify that the property exists and can be set.
when I try to generate the mof file.
I believe I've narrowed down the cause (the title of this Issue thread) and a fix/workaround, although the underlying issue is still a bit of a mystery to me. Commit 1cf9e5b in v4.28.0, in updating IISSite-10.0-2.11.org.default.xml to IISSite-10.0-2.13.org.default.xml, removed the default Value's from all of the items in the org.default.xml.
If I add back the default Value values to .org.default.xml for the items I previously defined Exception's for, such as V-218763 and V-218755, my script suddenly works again.
I suspect that, with however these default XML files are parsed, if a field such as Value has an empty value, then it is dropped entirely -- thus throwing that error when my configured Exception's are "folded" back into the XML.
To Reproduce
- Define a
IISSiteconfiguration, such as the default one in the Wiki - Configure some
Exception's for the item, for example:
Exception = @{
'V-218763' = @{Value = '00:15:00' }
'V-218772' = @{Value = '35000' }
}- Execute your script, observe the
The property 'Value' cannot be found on this object....error.
Expected behavior
The script executes without error to generate the mof file.
Recommended Fix & Workaround
As a stop gap measure, I think it would be good to reintroduce the default values to the .org.default.xml file from the previous release. For users that are encountering this right now, adding those defaults works as a workaround.
After stabilizing/fixing this behavior, it might be worth looking into why those items are being dropped during XML parsing, if its not known about already.
Question: Why were these default values dropped from those .org.default.xml files? @hinderjd, since you authored the commit: do you know why they were removed? Was it unintentional?