search

MSEndpointMgr / IntuneWin32App

Provides a set of functions to manage all aspects of Win32 apps in Microsoft Intune.
MIT License
343 stars 88 forks source link

Getting a wildly unpredictable results with Add-IntuneWin32App #180

Open mrmichaelrusso opened 1 month ago

mrmichaelrusso commented 1 month ago

Environment I'm using is powershell 5, windows 11, I have a global admin account, have successfully configured and connected a custom App Registration to run "Connect-MSIntuneGraph -ClientID $clientID -TenantID $tenantID -ClientSecret $clientSecretValue"

Normally, I would just run the Add-IntuneWin32App, but to demonstrate a point I have written the following Do/Until loop.

    $Win32AppParams = @{
        FilePath = "$IntuneWinFilePath"
        DisplayName = "$ITADisplayName"
        Description = "$ITADescription"
        Publisher = "$ITAPublisher"
        AppVersion = "$ITAVersion"
        InstallExperience = "$installtype"
        RestartBehavior = "suppress"
        DetectionRule = $ITADetectionRule
        RequirementRule = $ITARequirementRule
        ReturnCode = $ITAReturnCode1
        InstallCommandLine = "$InstallCommandLine"
        UninstallCommandLine = "$UninstallCommandLine"
        Icon = $Icon
        Verbose = $false
    } 

     Do {
        $ExistingApps = Get-IntuneWin32App -DisplayName $ITADisplayName
        foreach ($ExistingApp in $ExistingApps) {
            $ExistingAppDN = $ExistingApp.DisplayName
            If ($ExistingApp.UploadState -eq 0) {
                Write-Host "Upload state of ID $($ExistingApp.id) is failed.  Removing app..."
                Remove-IntuneWin32App -ID $ExistingApp.id
            } else {
                Write-Host "Deprecating existing app..."
                Set-IntuneWin32App -ID $ExistingApp.id -DisplayName "Deprecated - $ExistingAppDN"
                Remove-IntuneWin32AppAssignment -ID $ExistingApp.id
            }
        }
        Write-Host "Attempting to register new app ""$ITADisplayName""..."
        $Win32App = Add-IntuneWin32App @Win32AppParams
    } Until ($Win32App)
    Write-Host "Success!"

My Do/Until Loop is attempting to upload an intunewin file with all its parameters. If my result fails, $Win32App variable is empty, so the loop restarts... BUT an app does get created, but indicates a failure to upload (screenshot#1 attached).

Here's where it gets really odd for me:

Repeated attempts to add the app in Intune result in different error messages during the upload-chunk-to-azure-blob bit (see screenshot #2), but EVENTUALLY succeed (which would reinforce my assertion that I have the correct connections/api/permissions setup in Azure). See screenshot #3.

Can anyone point me in the right direction to troubleshoot this a bit further? I've got a fairly straightforward DNS, and naturally the process appears to target different endpoints in the Azure storage blob cluster, but this shouldn't really account for fail/successes at different times if my code and permissions are consistent??

Screenshot1 (Intune error indicating an app exists, but upload failed):

screenshot1

Screenshot2 (multiple failures, different errors): screenshot2

Screenshot3 (success): screenshot3