Programmatically replacing .intunewin package in existing win32 LOB App

[tjgruber]

This is becoming an extremely urgent issue and requirement and I feel deserves a new, open issue (the related one is closed), referencing my comments HERE.

Has this gotten anywhere yet?

When there is a hundred .intunewin apps in the Company Portal, installed on thousands of devices, there NEEDS to be a programmatic way of simply replacing the .intunewin package of existing apps, so that these apps automatically update for all users who have them installed.

I have managed to design a process to automatically build and release a NEW LOB application to Intune using some of the script mentioned directly below here, when there is an update to the application, but this will not update existing apps. I cannot figure out how to manipulate the script to do what I need. Again, I was able to programmatically create a new LoB app in Intune, assign it, etc, but I ran into issues when trying to ONLY replace the .intunewin package. I am not familiar enough with how it works on the back end to get it working as needed.

Referenced script: https://github.com/microsoftgraph/powershell-intune-samples/blob/master/LOB_Application/Win32_Application_Add.ps1

Looking at my earlier comments, I got close, but the App Version never incremented and the LoB app did not use the new .intunewin package... it continued to use the old one.

[tjgruber]

It seems like it's maybe possible via the Intune PowerShell SDK using the beta schema, however, there seems to be a lot of steps involved and I am not sure what the required flow is supposed to be.

When an .intunewin file is replaced in the web GUI, what happens behinds the scene? What is the work flow?

I have the NEW .intunewin file that I want to add to the existing LoB app in Intune.

There seems to be a ton of supporting steps that need to happen in order to do this. I've found these cmdlets:

Get-IntuneMobileAppContentVersion Get-IntuneMobileAppContentVersionFile Invoke-IntuneMobileAppContentVersionFileCommit Invoke-IntuneMobileAppContentVersionRenewUpload New-IntuneMobileAppContentVersion New-IntuneMobileAppContentVersionFile Update-IntuneMobileAppContentVersion Update-IntuneMobileAppContentVersionFile

But it also looks like you need to provide more information such as encrypted file info, etc.

Is there a flow chart somewhere that I can follow for exactly how to update an existing LoB app with a new .intunewin file?

[tjgruber]

Is this workflow correct? If I follow this below, will it replace the intunewin file of an existing Intune Win32 LOB App the proper way, as if it was done through the web GUI?

Also, can someone explain step number 4? What exactly needs to happen if I already have an intunewin file. Is it taking it apart and re-encrypting it so that it can get the info it needs for the file manifest in the next step?

1. Get the newly created .intunewin file (from build server or wherever it's stored, locally, wherever).
2. Get existing app in intune.
3. Create a new content version for the existing app.
4. Encrypt the file? Not already encrypted? Get encryption info?
5. Upload the file manifest to Intune.
6. Wait for Azure Storage to get ready.
7. Upload the file to Azure Storage.
8. Commit file.
9. Wait for Azure Storage to aknowledge the commit.
10. Tell Intune that this file is now the latest version of the app.

Once I can confirm the correct work flow, I can use the existing functions to build my custom script using the API URIs my own way. I cannot find any documention detailing the correct workflow for this, so this is just based off of my findings in the previously mentioned script and the Intune PowerShell SDK.

[moeller-at-hoelscher]

I struggle with the exact same thing? @tjgruber any luck with the above? Any progress you could share here?