The school for ADMX import and Evil

Last Updated on December 6, 2022 by rudyooms

In this blog, I will try to sum up some of the ADMX|ADML import errors I got while playing around with them. Of course, I will also try to show you what could be going wrong in your ADMX/ADML files

Please note: this blog is a work in progress so I will add errors as I stumble upon them! I needed to start somewhere! Feel free to reach out if you have any nice additions!

I will divide this blog into multiple parts

  1. Value Cannot be Null
  2. The Given key was not present in the dictionary
  3. One or More errors occurred
  4. Sequence contains no elements
  5. ADMX file referenced not found
  6. 0x20101 / 131329
  7. The method or operation is not implemented
  8. The Administrative template file failed to be sent to the device
  9. Object Reference not set to an instance of an object

1. Value cannot be Null

The first error I ran into is about nothing… or maybe I should rather tell Null. Someone asked me to look at the ADMX he created with the reg_2_ADMX tool to define some additional OneNote settings.

With these additional OneNote ADMX, he wanted to define the BackupFolderPath and the BackupRuneveryXMinutes settings

Afbeelding met tekst

Automatisch gegenereerde beschrijving

As shown below, when importing the custom-made OneNote ADMX, I also received the error: Value cannot be Null. Parameter Name: Presentation

Afbeelding met tekst

Automatisch gegenereerde beschrijving

That’s a nice one, right? So I decided to start looking at what could have caused this nice presentation error. I guess when reading the error again, we need to start looking at the presentation parts.

Afbeelding met tekst

Automatisch gegenereerde beschrijving

It took me some time but after digging in a bit, I found out it had something to do with the HEX register value being mentioned in the ADML file itself

And the HXT (HEX) parameter being used in the ADMX element

Afbeelding met tekst

Automatisch gegenereerde beschrijving

When taking a closer look at the ADML file below, I noticed “something” missing

If we have configured some settings in the registry we want to convert to an ADMX with the tool we need to beware of something

Afbeelding met tekst

Automatisch gegenereerde beschrijving

If you defined a REG_EXPAND_SZ, the Reg2ADMX tool will convert it to a text box… but a textbox needs to have a label part in it. As shown below, the wrong one and a working one

When converting those registry values it fails to add the label part to it. If possible I would advise changing the REG_EXPAND_SZ to REG_SZ before creating the reg file that you are going to convert.

My guess is that it fails because of all of the HEX values. Another possibility would be to change it manually and add the LABEL part to it and import it again.

2. The Given key was not present in the dictionary

Let’s move on to another error I noticed when playing around with the ADMX import function and trying to find out what errors it could produce

As shown below, this time I got the error: the givin key was not present in the dictionary


That’s a funny one? Not present in the dictionary. Someone at Microsoft decided to add this nice error to tell us that there is something wrong with the dictionary?

Dictionary GIFs - Get the best GIF on GIPHY

Let me tell you what I broke! When trying to solve the first error, I tried to copy-paste the working policy from another ADMX to the not working one. But while doing so I totally forgot to change the Policy ParentCategory to match the category defined at the top.

Afbeelding met tekst

Automatisch gegenereerde beschrijving

I guess it is safe to say that the dictionary error could mean that you specified a parent category that is missing and doesn’t correspond to the category you specified earlier!

3.One or More errors occurred

This error was a blast… One or more errors occurred…! That’s a pretty useful error 😊?

Afbeelding met tekst

Automatisch gegenereerde beschrijving

Luckily when you don’t know where to begin, you could always copy and paste the ADMX and ADML files to the policydefinitions folder which I also pointed out in the Memoirs of an ADMX blog

Build your own ADMX templates and deploy them into Intune (

When opening the group policy editor after making sure those files were copied, I ended up with a nice notification mentioning that a parsing error occurred when opening the ADML file

That’s just perfect! It just tells me where to start looking! Whoop Whoop! More time to spend on #beertune! As shown below, If you are altering an ADMX on your own, please make sure you close (/) the stuff you put in!

A quick note to add: Also beware of capitals as it also could give you some weird errors…

Afbeelding met tekst

Automatisch gegenereerde beschrijving

4. Sequence contains no elements

Next!!! The sequence contains no elements error as shown below is an easy one!

Afbeelding met tekst

Automatisch gegenereerde beschrijving

Someone asked me to take a look at the AdobeReaderDC.ADMX and ADML file after he got the sequence error

If you have listened to Mike Danoski and his wonderful talk about the Import function during the Policy management with Microsoft Intune talk you can solve it pretty easy

Because the ADMX needs to comply with the conditions and needs to comply with the predefined structure. When looking at the ADMX itself, I immediately had the feeling that “something” was off. So I decided to look for the reader DC ADMX myself.

Comparing the one I downloaded from adobe and the one he send me, it isn’t hard to notice the differences between them

After uploading the version I got, it instantly worked!. I guess the bottom line with this error is that when you are experiencing this error when uploading an ADMX, try to find another one…

5. ADMX file referenced not found

This ADMX upload error below could look familiar ???

Afbeelding met tekst

Automatisch gegenereerde beschrijving

Yes, it does! As I already wrote a dedicated blog about this upload error. So if you are looking to resolve this error, please visit this dedicated blog to that error instead

ADMX Upload Error: Missing Microsoft.Policies.Windows ADMX (

6. 0x20101 / 131329

Even when you succeed in uploading your friendly ADMX and ADML file to Intune, we need to beware of some issues that could occur when defining the corresponding device configuration profile

As shown above, we could run into the error mentioning the fact that the administrative template file failed to be sent to the device with the corresponding error codes: 131329 and 0x20101

Before uploading the ADMX, please make sure you check it first! For example, let’s take a look at the WindowsStore.admx file with a PowerShell tool and by opening the ADMX with notepad.

As shown above, this ADMX file contains some prohibited registry keys and can’t be used! You can look up which registry keys are valid and which ones are not in this Microsoft Document

Win32 and Desktop Bridge app ADMX policy Ingestion – Windows Client Management | Microsoft Learn

So even when the ADMX looks like it uploaded correctly, it will fail you in the end!!.

In my opinion, it’s pretty weird that the ADMX itself is NOT being blocked during the upload but how am I to judge?

Luckily we will always have the event log to notice these kinds of errors. As shown below after the device reached out to Intune to fetch the latest policies, we will spot the event 850, mentioning the Blocked Registry Key!

7. The method or operation is not implemented

Another almost forgotten issue that I needed to add to the list of ADMX Import errors. This nice error below, mentioning the method or operation is not implemented could be noticed when you are importing the Citrix Receiver ADMX File.

It’s a good thing Microsoft put some nice documentation together in which they do mention this issue… unfortunately without the specific error message… but who cares?… Uhhh I do…

Import custom and third party partner ADMX templates in Microsoft Intune | Microsoft Learn

If you open the ADMX file, guess what the Citrix ADMX file contains?

Luckily the great Adam Gross already noticed this issue and decided to remove those combo boxes! So go download those new and improved Citrix ADMX files from his github

Toolbox/Intune/ADMXIngestion at master · AdamGrossTX/Toolbox · GitHub

8. The Administrative Template file failed to be sent to the device

I was asked to take a look at this reg file below to determine why converting this reg file to an ADMX was causing some weird errors

After uploading this custom ADMX file to Intune and creating a device configuration profile to configure the Citrix DisableLanguageBar settings, you could end up with a nice 0x20101 error mentioning the fact that the Administrative template failed to be sent to the device

This was definitely an error that was hard to solve…. at first. Luckily we always will have the devicemanagement-enterprise-diagnostics-provider event log. When manually syncing the device, within a minute these error messages were shown.

As shown above, this error is telling us that the equivalent area name from categories should be limited to 255 characters (Max registry key length). When receiving the above error, you will also notice another error popping up mentioning that the data area passed to a system call is too small.

When taking a closer look at those error messages and the reg file I showed, you can take a wild guess what could be causing the import failure.

For each registry key in the reg file, it needed to create a separate “category” with a unique GUID. Adding all of those categories together in one string was definitely causing the errors. First, I tried solving these errors by changing the reg to ADMX tool itself.

As shown above, I changed the (sTemp)-4) part to (sTemp)-10) to limit the last amount of characters in the category GUID

This change solved the 255 chars error but “the data area passed to a system call is too small” error message was still shown. Most of the time it’s the simplest idea that pops up in your head that will solve the issue.

As shown below, I removed the additional (not needed) registry keys in the reg file and converted the reg file to a new ADMX file again.

Guess what it solved! the device configuration profile containing the registry settings was now applied successfully!

9. Object Reference not set to an instance of an object

Another I need to add to the list of ADMX import errors we could receive when importing a third-party ADMX. As shown below we could end up with the error: Object Reference not set to an instance of an object

Luckily it’s very easy to solve this question… and I do like easy solutions! Just remove the ADMX upload attempt and upload the ADMX again!


Having the possibility to add your own ADMX to Intune is great! Hopefully, Microsoft will provide us with some troubleshooting documentation .. Ow wait…. “stay tuned”

Afbeelding met tekst

Automatisch gegenereerde beschrijving

13 thoughts on “The school for ADMX import and Evil

  1. Useful info here! Thanks for mentioning he Citrix receiver.ADMX link from Adam Gross. It saved us a lot of time!

  2. Rudy, I’ve the issue you’ve described in #9. I am trying to upload the ADMX of our VPN Client. Simply reuploading does not work, any idea?
    Link to the vendors ADMX in their article:

  3. Yep I’ve got issue #9 too with a custom Adobe admx file. Tried deleting and uploading a few times but always the same error.
    File was from here: –

    It was created a while ago this ADMX but is the only custom Adobe Reader one I could find that has the extra elements I wanted to control. Adobe only provide a basic one with a few elements to control.
    The reason for using is that I wanted to make use of the new Intune Microsoft Store App deployment to deploy Adobe Reader, which although nice and simple means you lose out creating your own custom Adobe Reader install using their customization wizard and transform file. But this method creates a 1.14GB intunewin file. so liked the idea of using the new MS store method. But now I need to make the customization post install with ADMX policy.

    1. You could also create your own admx with only the gpo settings you want?
      Of course it depends on the registry keys that you want to configure if those are restricted but… its worth a try?

  4. For #9, references (e.g. ref=”123″) are case-sensitive. Once I corrected that, my import was successful.

  5. “The method or operation is not supported ” Received this with the HP Universal Print Driver GPO template. “HP Print Administrator Resource Kit”. The .admx does not have the word Combo in it, so I don’t think it’s a combobox issue.

  6. Hi,

    Any idea what to do when we can import the ADMx template with sucess, but getting an error during the profile deployment

    Error Code Code 131329 | 0x20101 (The administrative template file failed to be sent to the device)

    Looking into Event viewer I found an Access is denied error:
    event id 404 devicemanagement-enterprise-diagnostics-provider(Admin)

    MDM ConfigurationManager: Command failure status. Configuration Source ID: (96BB8D4F-FAF0-4484-810D-AFD3EAA984B8), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/SecGuide8f979486-a1d1-4549-8d5f-cc573c397337/Policy/SecGuide8f979486-a1d1-4549-8d5f-cc573c397337), Result: (Access is denied.)

    Setting: LSA Protection (\MS Security Guide)
    Template: SecGuide.ADMX

    1. Mmm that access denied is the error you could get when targetting the policies that arent allowed as mentioned here

  7. Hey, i am trying to configure powershell core with the admx from the latest windows 10 policy defintions in intune. Upload went good, but if i want to configure anything, i get the mentioned error code 131329 “The administrative template file failed to be sent to the device.”. After reading this, i am now unsure how to solve this issue and get this admx working. It also affects other admx files aswell, so i guess i need a fix for this. Can anyone help me with this? Google isnt helpful at all imo

    “MDM-PolicyManager – ADMX Ingestion: Blocked Registry Key: (SOFTWARE\Policies\Microsoft\PowerShellCore) in tag (policy)” is shown in the event log

    1. the “policies” key is indeed a blocked registry key (as I also am describing somewhere in the same blog) so settng that policy with an admx isnt allowed for now

Leave a Reply

Your email address will not be published. Required fields are marked *

48  +    =  53