Forum Discussion
Intune, winget, PowerShell
Hello everyone,
I'm trying to use Intune to deploy a script that schedules a task to run winget silently to update most of our 3rd party applications automatically. I can get the script to deploy, but not run. I keep getting an error saying "winget not available for system", which I've verified it is. Any ideas? What am I doing wrong?
Thanks for your help,
6 Replies
Hi,
Thanks for responding. You are correct. I've installed Microsoft.DesktopAppInstaller and its dependencies in an .msixbundle as a windows universal line of business app and made available to all, but still no luck.
I could run as user, but that would create a UAC popup nightmare.
I've looked into a different method but I'm concerned it may create too much of a security liability. How risky is it to write the script to use SYSTEM to create a dedicated local admin account to run winget instead? Deny local logon, RDP logon, and network logon and allow batch logon for security. I haven't tested this approach yet.
Thanks
Hi, take a look here. I was able to debug and test it, and it works just fine. Just update the paths based on your requirements or preferences, then create a Platform Script in Intune configured to run in the "System Context" and select "Run script in 64-bit PowerShell - Yes" Host, "Enforce script signature check - No"
https://github.com/FlyOnCloud/ms-entra-intune-scripts/blob/main/Win_CustomTask_Winget.ps1
Good luck!
You are welcome.
i think you don't need to create a dedicated admin account to achieve your goals.
I will take a look this evening and get back to you with an answer.
Good look!
Hello!
Any luck on this? Is there an easier way that I'm missing to use Intune to perform these updates?
Thanks,
Hy,
i think winget is installed per user via the Microsoft Store (App Installer) and not for the SYSTEM account.
Have you tried running the script as the user instead of SYSTEM?
Consider packaging or deploying winget as an app to ensure it is available in the required context.Good luck!
