Intune Custom Compliance Policy - Struggling

Occasional Reader

Any assistance or guidance on this is greatly appreciated.

 

 For over a week I struggled with a custom compliance policy that will do the following.

-  Search for a specific installed software and version and produce the following results:

- Application is not installed - Compliance Status set to "Not Applicable"

- Application is installed but is not the desired version. - Compliance status set to "Not Compliant"

- Application is installed, meets the version requirements - Compliance status set to "Compliant"

- Multiple versions of application exist, one of which meet the requirements.  Compliance status set to "Not Compliant"

If I run the discovery script on a local device and output the findings it is 100% successful, every time.   However, when applying the policy in Intune not every works correctly.    

Here are both the JSNO file and discovery script.
-------JSON------

{
    "Rules": [
        {
            "SettingName""ComplianceStatus",
            "Operator""IsEquals",
            "DataType""String",
            "Operand""Compliant",
            "MoreInfoUrl""https://example.com/compliance-info",
            "RemediationStrings": [
                {
                    "Language""en_US",
                    "Title""Software Compliance Check",
                    "Description""The required software version is installed and compliant."
                }
            ]
        },
        {
            "SettingName""ComplianceStatus",
            "Operator""IsEquals",
            "DataType""String",
            "Operand""NonCompliant",
            "MoreInfoUrl""https://example.com/compliance-info",
            "RemediationStrings": [
                {
                    "Language""en_US",
                    "Title""Software Compliance Check",
                    "Description""The required software version is not installed or is outdated. Please install or update to the required version."
                }
            ]
        },
        {
            "SettingName""ComplianceStatus",
            "Operator""IsEquals",
            "DataType""String",
            "Operand""NotApplicable",
            "MoreInfoUrl""https://example.com/compliance-info",
            "RemediationStrings": [
                {
                    "Language""en_US",
                    "Title""Software Compliance Check",
                    "Description""The software is not applicable for this device."
                }
            ]
        }
    ]
}
 
 
------- Discovery Script _-------
$softwareName = "Autodesk Single Sign On Component"
$requiredVersion = [version]"13.7.7.1807"

# Get the installed software information
$installedSoftware = Get-CimInstance -ClassName Win32_Product | Where-Object { $_.Name -eq $softwareName }

# Initialize the result hash
$result = @{
    SoftwareInstalled = $false
    SoftwareVersion = "0.0.0.0"
    ComplianceStatus = "NotApplicable"
}

# Process each instance if any are found
if ($installedSoftware) {
    $result.SoftwareInstalled = $true
    $isCompliant = $false
    $multipleCopies = ($installedSoftware.Count -gt 1)

    foreach ($software in $installedSoftware) {
        $installedVersion = [version]$software.Version
        $result.SoftwareVersion = $installedVersion.ToString()

        if ($installedVersion -ge $requiredVersion) {
            $isCompliant = $true
        }
    }

    # Determine overall compliance status
    if ($multipleCopies) {
        $result.ComplianceStatus = "NonCompliant"
    } else {
        $result.ComplianceStatus = $isCompliant ? "Compliant" : "NonCompliant"
    }
}

# Return the result as JSON
$result | ConvertTo-Json -Compress

 

0 Replies