Open chibs89 opened 3 years ago
Also would like this feature
Update-IntuneWin32AppPackageFile function is merely supposed to replace the .intunewin file. I don't currently have any plans for Set-IntuneWin32AppDetectionRule cmdlets, but I'll consider it for the future. What's the specific use case for this?
In my case I check for a regkey after the installation, which is named after the package. And if there are any changes to the installscript and not the software itself it gets a new scriptversion number and the regkey would have a new name. If you understand what I mean.
Ah yeah I think I get what you mean. Basically what you're looking for is something like Set-IntuneWin32AppDetectionRuleRegistry, where you'd be able to change an existing registry rule used as the detection method. That sounds interesting, let me add it to the list for 1.4.0 and take a look at how much effort it would be to implement.
Ah yeah I think I get what you mean. Basically what you're looking for is something like Set-IntuneWin32AppDetectionRuleRegistry, where you'd be able to change an existing registry rule used as the detection method. That sounds interesting, let me add it to the list for 1.4.0 and take a look at how much effort it would be to implement.
Or update Set-IntuneWin32App Add this settings: -InstallExperience -RestartBehavior -DetectionRule -RequirementRule -Icon That it is the same as Add-IntuneWin32App
I want to give this a +1.
Today, I used Update-IntuneWin32AppPackageFile for the first time. Thanks for that command!
Afterwards, I used Set-IntuneWin32App to update the properties, like name, description, version.
But what I can't change (at least I don't know how) is the detection rule.
When I update the source EXE file, I need to update the version check from the Detection Rule.
For example, this is how I created the initial rule:
$DetectionRule = New-IntuneWin32AppDetectionRuleFile -Path "C:\Program Files (x86)\Citrix\ICA Client\Receiver" -FileOrFolder "Receiver.exe" -Version -Operator "greaterThanOrEqual" -VersionValue "23.9"
And after every new exe I need to change this:
For example, this should be 23.11 after I use Update-IntuneWin32AppPackageFile
Thanks for considering this change. This should be an addition to Set-IntuneWin32App I guess.
Sorry I suspect I am not doing well something
Now I have the app with both "DetectionRules" and "rules" properties:
Get-IntuneWin32App -DisplayName "xxx"
....
detectionRules : {@{@odata.type=#microsoft.graph.win32LobAppPowerShellScriptDetection; ...
...
rules : {@{@odata.type=#microsoft.graph.win32LobAppPowerShellScriptRule; ruleType=detection; ...
And the app is not able to be removed using the GUI, but yes with remove-intuneWin32App It was like a temporary fail , now, with such cahnge, all is working as expected
SOLVED
I'm currently using:
$dr = New-IntuneWin32AppDetectionRuleScript -ScriptFile "$(pwd)\app\Detect.ps1"
$dr."@odata.type" = "#microsoft.graph.win32LobAppPowerShellScriptRule"
$dr."ruleType" = "detection"
Set-IntuneWin32App -ID $id -DetectionRule $dr
with Set-IntuneWin32App modified to:
.PARAMETER DetectionRule
Provide an array of a single or multiple OrderedDictionary objects as detection rules that will be used for the Win32 application.
....
[parameter(Mandatory = $false, HelpMessage = "Provide an array of a single or multiple OrderedDictionary objects as detection rules that will be used for the Win32 application.")]
[ValidateNotNullOrEmpty()]
[System.Collections.Specialized.OrderedDictionary[]]$DetectionRule
....
if ($PSBoundParameters["DetectionRule"]) {
#$Win32AppBody.Add("DetectionRules", $DetectionRule)
$Win32AppBody.Add("rules", $DetectionRule)
}
I don't understand why it is not necessary when I use Add-IntuneWin32App
HISTORY OF THE ISSUE I need to update detection rule script, and I tried to copy DetectionRule code from Add-IntuneWin32Package to Set-IntuneWin32Package, basically copying detectionRule parameter code:
[parameter(Mandatory = $false, HelpMessage = "Provide an array of a single or multiple OrderedDictionary
objects as detection rules that will be used for the Win32 application.")]
[ValidateNotNullOrEmpty()]
[System.Collections.Specialized.OrderedDictionary[]]$DetectionRule
....
if ($PSBoundParameters["DetectionRule"]) {
$Win32AppBody.Add("DetectionRule", $DetectionRule)
}
But It didn't works. No script seems to be uploaded to Intune. What am I missing?
UPDATE 1 I tried to debug the issue, but not error is returned by the server
From https://github.com/MSEndpointMgr/IntuneWin32App/issues/131, i see that it should be:
$Win32AppBody.Add("DetectionRules", $DetectionRule)
but if fails with:
WARNING: An error occurred while update Win32 app object. Error message: ModelValidationFailure: The property
'DetectionRules' does not exist on type 'microsoft.management.services.api.win32LobApp'. Make sure to only use property
names that are defined by the type.
By other side, I see a small typo in the code check:
if (($DetectionRule.'@odata.type' -contains "#microsoft.graph.win32LobAppPowerShellScriptDetection") -and (@($DetectionRules).'@odata.type'.Count -gt 1)) {
Should be
if (($DetectionRule.'@odata.type' -contains "#microsoft.graph.win32LobAppPowerShellScriptDetection") -and (@($DetectionRule).'@odata.type'.Count -gt 1)) {
UPDATE 2 I tried too changing from "DetectionRules" to "rules" and changing
"@odata.type" = "#microsoft.graph.win32LobAppPowerShellScriptDetection"
to
"@odata.type" = "#microsoft.graph.win32LobAppPowerShellScriptRule"
"ruleType" = "detection"
But it did not work too. I am lost with this issue, and I cannot spend more time. I will wait until the next release.
Thank you!
I see https://learn.microsoft.com/en-us/graph/api/resources/intune-apps-win32lobapp?view=graph-rest-beta have both attributes ("DetectionRules" and "rules")
But https://learn.microsoft.com/it-it/graph/api/intune-apps-win32lobapp-create?view=graph-rest-1.0&tabs=http only have "rules" attribute
Do you know why this change and how we can fix it? maybe I'm mixing v1 with beta API version
UPDATE 1
I see ms graph api duplicate the detectionrules properties to rules properties. Later you can update rules but not detectionRules.
+1 on this.
I'm rolling my own Win32 package for Zoom rather than using Line-of-Business. I'm automating the validation and downloading of new versions when they are available and currently would have to remove and then add the package. Having the ability to update the detection rule with the new app version would be a huge, huge help for me.
EDIT: I found a way to do it with the Graph API itself, using the Microsoft.Graph.Devices.CorporateManagement module. Example below for my Zoom package.
Install-Module Microsoft.Graph.Devices.CorporateManagement
Import-Module Microsoft.Graph.Devices.CorporateManagement
$params = @{
'@odata.type' = "#microsoft.graph.win32LobApp"
rules = @(
@{
"@odata.type" = "microsoft.graph.win32LobAppRegistryRule"
ruleType = "detection"
check32BitOn64System = $false
keyPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CEDE24AC-2B05-4B73-9604-93E8EF2398E9}"
valueName = "DisplayVersion"
operationType = "string"
operator = "equal"
comparisonValue = "$LatestVersionAsString"
}
)
}
Update-MgDeviceAppManagementMobileApp -MobileAppId "APPIDGOESHERE" -BodyParameter $params
Hi, would it be possible to extend the function, so that you can change the detection rule within the update process, or is it planed that there is an extra update function for this?