Open chadleywilson opened 2 years ago
Related to #2434
I will add that the confirmation of administrator rights for each individual program from the installation / update package is hell for the administrator when using winget
1
Yeah please +1
A lot of powershell commands already support -Credential Please add this to winget, it will make software management much more scriptable.
Description of the new feature / enhancement
winget upgrade --all Most apps just upgrade and this is fantastic, they are per user apps. here is a list of apps that required elevation which we use.
Name Id Version Available Source
7-Zip 21.07 (x64) 7zip.7zip 21.07 22.01 winget Git Git.Git 2.37.0 2.37.2.2 winget Notepad++ (64-bit x64) Notepad++.Notepad++ 8.4.2 8.4.4 winget Windows Software Development Kit - Windows 10… Microsoft.WindowsSDK < 10.0.22000.832 10.0.22621.1 winget Google Chrome Google.Chrome 104.0.5112.81 104.0.5112.102 winget Microsoft Visual C++ 2015-2019 Redistributabl… Microsoft.VC++2015-2019Redist-x64 14.25.28508.3 14.29.30139.0 winget Teams Machine-Wide Installer Microsoft.Teams 1.4.0.22976 1.5.00.17656 winget Adobe Acrobat Reader DC Adobe.Acrobat.Reader.32-bit 22.001.20117 22.002.20191 winget Microsoft Visual Studio Code Microsoft.VisualStudioCode 1.69.2 1.70.1 winget
We can't use this very promising tool to automate the upgrades, as this is a show stopper on 2000 computers. In our environment any domain or service account with local admin access can't run WinGet. (not for the lack of hacking it out and trying) It simply refuses to run using a service account, we did manage to get it to work by physically logging on to a (at the keyboard) laptop with the service account, after that the service account has access to WinGet. But we cannot do this on 2000k computers spread across the UK. We don't have the man power or resources for this type of project.
Proposed technical implementation details
The way I see it, we need one of two routes here, or both. If we could supply credentials in a PowerShell script using get-credentials, which could then be passed on to the apps that need it, or if we could distribute the WinGet app to "all users" (machine context) using Intune that would work as well.
The downside I see in the all users route is we would need to maintain 2 scripts:
This means if we don't constantly monitor and compare we would end up missing apps
Also as WinGet is not already present on all computers better instructions on how we can get it installed possibly with an Intune offline installer to be used on all computers.