SOLVED

Correct App detection rule File Path for User Folder

Copper Contributor

Hi Guys,

 

I have deployed a file to the user's folder, but I don't think I have the correct syntax for the "Current User", I have tried:

 

%username%

%userprofile%

 

But Intune doesn't like them as it is showing that it has failed even though it has deployed the file in the correct folder. Below is the detection rule file path. Does anyone know what the correct syntax for the current user is? Many thanks, Tung

 

Screenshot 2022-06-27 at 15.01.38.png

12 Replies
best response confirmed by TungNguyen1600 (Copper Contributor)
Solution

Detection rules run as SYSTEM, not as user even if you deploy it as a user package. You have to use something outside a Users folder to detect the installation, I usually create a file in c:\programdata\customername\...\installed.txt and check on that to see if the installation succeeded

@Harm_Veenstra Ahh makes sense. No wonder I couldn’t find much documentation on it. Do you have any doc that states the detection rule is on the system level? And thanks for the tip too!

It doesn't really mention it on https://docs.microsoft.com/en-us/mem/intune/apps/apps-win32-add#step-4-detection-rules , but it's just the way it works I'm afraid (Many people ask for user level detection rules).

Please mark my answer as solution to mark it as solved.

Ok thanks so much for your response and help!

Hi@TungNguyen1600 ,

I have exactly the same VPN client to deploy in Intune but none of my scripts/win32app worked.

 

Would you mind sharing your settings please?

 

Thanks

 

Giuliano

@Harm_Veenstra 

 

I was playing around with a win32app that got installed in the USER context ... ANd just adding a %username% in the detection rule... first it indeed tries to find it as system

Rudy_Ooms_MVP_1-1667195206964.png

Of course that would just fail

Rudy_Ooms_MVP_2-1667195292864.png

 

But it seems it also tries to find it as user if the system detection fails... and by the looks of it ... it succeeds

 

Rudy_Ooms_MVP_0-1667195197826.png

 

 

 

Ok.. What? Is this something new?! I'm sure I tested this multiple times in the past and read that detection is done by system
I know.... everywhere I am reading the same explanation.... so I was flabergasted to see this message in the IME :)
Could you share how you configured the win32app

Install as user or system?
What did you configured as detection rule?

Hello @Rudy_Ooms_MVP ,

Thanks for your reply.

 

I finally made it work!

 

These are my settings:

GiulianoIT_2-1667250342528.png

 

GiulianoIT_0-1667250267823.png

And the script is:

GiulianoIT_1-1667250298863.png

As I needed to copy the whole folder.

 

Interesting is if I set the install behaviour as System context, Intune will create another "user" (in users folder) with the device's name.

 

Thanks a gain!

Giuliano

 

Hi, yep thats the behavior that is expected when looking at the ime flow and how it tries to install/detect the app.

As mentioned in the reply above , the use rname variable works when choosing the user context.

@TungNguyen1600 

I know this is an old thread but I thought I would pass along a custom script that I use for user based installs. This will check if a file exists inside the users profile. (update the file and path and save as a ps1 file):

 

# BEGIN: Custom Detection Script
$lastLoggedOnUser = (Get-WmiObject -Class Win32_ComputerSystem | Select-Object -ExpandProperty UserName).Split('\')[-1]
$filePath = "C:\Users\$lastLoggedOnUser\changeto\the\path\filename.exe"

if (Test-Path -Path $filePath) {
Write-Host "File exists on the last logged on user's profile directory."
exit 0 # Return success
} else {
Write-Host "File does not exist on the last logged on user's profile directory."
exit 1 # Return failure
}
# END: Custom Detection Script

1 best response

Accepted Solutions
best response confirmed by TungNguyen1600 (Copper Contributor)
Solution

Detection rules run as SYSTEM, not as user even if you deploy it as a user package. You have to use something outside a Users folder to detect the installation, I usually create a file in c:\programdata\customername\...\installed.txt and check on that to see if the installation succeeded

View solution in original post