Merged policies fail to apply to Intune managed devices #293

Open
Runda24328 opened this issue Sep 11, 2023 · 1 comment
@Runda24328

Hello,
I found an issue where merged policies do not apply to endpoints managed by MS Intune. I use the new App Control for Business (Preview) feature to push .xml rules.
This is what I see in the Windows Event Log in DeviceManagement-Enterprise-Diagnostics-Provider > Admin:
"MDM ConfigurationManager: Command failure status. Configuration Source ID: (DA52A31C-6E2F-4ADF-921E-284C917F8080), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (ApplicationControl), Command Type: (SetValue: from Replace), CSP URI: (./Vendor/MSFT/ApplicationControl/Policies/784c4414-79f4-4c32-a6a5-f0fb42a51d0d/Policy), Result: (Your organization used Device Guard to block this app. Contact your support person for more info.)."

Everything seems fine once I process the merged .xml rule file again with no changes (use Edit policy, make no changes and create a new version).

Steps to reproduce:

  1. Merge 2 .xml policies
  2. Create or edit an existing App Control for Business config profile and ingest the new .xml
  3. Look into Event log Application and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin and search for "ApplicationControl" keyword.
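
To collect these failures on a device without browsing Event Viewer, the PowerShell below (an added example, not part of the original report or the project's code) filters the log named in step 3 and splits the quoted message format into fields, including the policy GUID from the CSP URI. The function name `ConvertFrom-CspFailureMessage` and the regular expression are assumptions built from the single message quoted in the report.

```powershell
# Channel behind the Event Viewer path given in step 3.
$LogName = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'

# Field layout inferred from the one message quoted in the report (assumption).
$Pattern = 'Provider Name: \((?<Provider>[^)]*)\), Command Type: \((?<Command>[^)]*)\), ' +
           'CSP URI: \((?<Uri>[^)]*)\), Result: \((?<Result>.*)\)\.?\s*$'

# Hypothetical helper: turn one "Command failure status" message into an object.
function ConvertFrom-CspFailureMessage {
    param([Parameter(Mandatory)][string]$Message)

    $m = [regex]::Match($Message, $Pattern, 'IgnoreCase, Singleline')
    if (-not $m.Success) { return $null }

    # The ApplicationControl CSP URI carries the GUID of the policy being set.
    $uri = $m.Groups['Uri'].Value
    $id  = [regex]::Match($uri, '/ApplicationControl/Policies/(?<Id>[0-9a-fA-F-]{36})/')

    [pscustomobject]@{
        Provider = $m.Groups['Provider'].Value
        Command  = $m.Groups['Command'].Value
        PolicyId = if ($id.Success) { $id.Groups['Id'].Value } else { $null }
        CspUri   = $uri
        Result   = $m.Groups['Result'].Value
    }
}

# Offline check against the message text quoted in the report.
$sample = 'MDM ConfigurationManager: Command failure status. Configuration Source ID: (DA52A31C-6E2F-4ADF-921E-284C917F8080), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (ApplicationControl), Command Type: (SetValue: from Replace), CSP URI: (./Vendor/MSFT/ApplicationControl/Policies/784c4414-79f4-4c32-a6a5-f0fb42a51d0d/Policy), Result: (Your organization used Device Guard to block this app. Contact your support person for more info.).'
ConvertFrom-CspFailureMessage -Message $sample | Format-List

# On an affected device: every ApplicationControl command failure, with its timestamp.
Get-WinEvent -LogName $LogName -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Command failure' -and $_.Message -match 'ApplicationControl' } |
    ForEach-Object {
        $parsed = ConvertFrom-CspFailureMessage -Message $_.Message
        if ($parsed) {
            $parsed | Add-Member -NotePropertyName TimeCreated -NotePropertyValue $_.TimeCreated -PassThru
        }
    } |
    Sort-Object TimeCreated -Descending |
    Select-Object TimeCreated, PolicyId, Command, Result
```
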
@nmidlane

nmidlane commented Sep 12, 2023

Confirmed we have this issue also, except we are not using the new preview feature in Intune to apply policies but still using OMA-URI. Merged policies just don't apply properly and allow everything to run. The baseline works, but as soon as you merge the policy with some additional requirements the policy doesn't work. We are having to manually merge policies currently. Not sure if related to the other defect mentioned where the merged policy has extra numbers added to the end.
