Intune Update Scenario

Occasional Contributor

Hi Guys,

 

I havent found something that helps me with my question so I created a new thread for this.

 

When deploying a software package in intune you do this by using Active Directory groups. When deploying an update of a pre-existing app what is the best case szenario for it? I have already read, that it is recommended to edit the already pre-existing package and change the installation file. But what about having two ad groups? The first parent group is for managing all the end users (Example Group Name: Google Chrome). And then there is another child ad group which is the installation group of the current version (Google Chrome Version 1.2.3)? So if adding a new version, i just change the child group, so that i can keep all older versions in case of emergency Downgrades? Would that be a practicable way?

 

Thanks for your help!

5 Replies

To upgrade a LOB App in intune, just replace the msi with a newer version.

 

No need to make groups for different versions as Intune only supports upgrading, not downgrading.

 

The only reason to publish different versions would be for a pilot group or for users that require a spesific version.


- Jens Tore Fremmegaard -
https://modernworkplace.fremmegaard.no

@jenstf 

 

Hey thanks for your fast reply.

 

So in my case it isnt a MSI we use a Powershell-Wrapper, that is packed into a intunewin-file. With that way, downgrading should be still possible I guess?

 

So if I replace the MSI (or in my case the intunewin-file) intune will start a (re)installation on every client, even though it is already installed on that client with a different version? Or does intune still compares the detection rule if the app is already installed?

I belive you have to update your detection rule to something version spesific to trigger a new install as the detection rule is one of the first actions that's triggered during Win32 deployment.

You can try adetection rule with type File with detection method String(version)


- Jens Tore Fremmegaard -
https://modernworkplace.fremmegaard.no

@jenstf 

Okay thats also an interesting point; My Wrapper writes a Branding with the Softwareversion into the registry. Actually I only check, if the Branding exists, but due to your information I will compare the Version-Key.

 

What still dont me make happy is that intune doesnt removes the old version. If you have a MSI this will probably be no problem as it checks the Upgradecode. But if you have an EXE-File, then you could get trouble when the software doesnt detects, that theres already a preversion installed - which could end in having two different Versions on that client. Still trying to find a solution for that...

 

If I choose the way, to create an app for each version, then I could assign the uninstallation of the preversion to the current version. But is there a chance to create a installation order? So that first of all the uninstallation assignment will be executed and then after it the installation?

@sebamedo For a spesific installation order, trigger a script as the installation executable or as a custom detection rule to clean up the old version before triggering the new install.

- Jens Tore Fremmegaard -
https://modernworkplace.fremmegaard.no