Intune win32 app Create,Upload and deployment 1.0

 

#==================================================================================================================

#Dont change anything until new version of module released

# Install IntuneWin32App module from PowerShellGallery

# - Required modules:

# -- MSAL.PS (installed automatically)

$moduleName = "IntuneWin32App"

$moduleVersion = "1.4.3"  # Replace this with the version you want

$installedModule = Get-InstalledModule -Name $moduleName -ErrorAction SilentlyContinue

if (!$installedModule) {

    Write-Host "Installing $moduleName module..."

    Install-Module -Name $moduleName -RequiredVersion $moduleVersion -Force -Confirm:$false

    Write-Host "$moduleName module installed successfully."

} elseif ($installedModule.Version -lt $moduleVersion) {

    Write-Host "Updating $moduleName module to version $moduleVersion..."

    Update-Module -Name $moduleName -RequiredVersion $moduleVersion -Force

    Write-Host "$moduleName module updated successfully to version $moduleVersion."

} else {

    Write-Host "$moduleName module already installed and up-to-date."

}

Get-Command -Module "IntuneWin32App"

#==================================================================================================================

#.Intunewinfile will create Automatically if we give source location, Inatsll command and output folder

# Package MSI as .intunewin file

$SourceFolder = "C:\Temp\Notepad++ org\Notepad++\7.89\SourceFile"

$SetupFile = "Deploy-Application.exe"

$OutputFolder = "C:\Temp\Notepad++ org\Notepad++\7.89\IntuneFile"

$IntuneWinAppUtilPath = "C:\Temp\IntuneWinAppUtil.exe"

# Check if IntuneWinAppUtil.exe exists

if (Test-Path $IntuneWinAppUtilPath -PathType Leaf) {

    # Create the IntuneWin package

    & $IntuneWinAppUtilPath -c $SourceFolder -s $SetupFile -o $OutputFolder -q

    Write-Host "IntuneWin package created successfully."

} else {

    Write-Host "Error: IntuneWinAppUtil.exe not found at $IntuneWinAppUtilPath."

}

#New-IntuneWin32AppPackage -SourceFolder $SourceFolder -SetupFile $SetupFile -OutputFolder $OutputFolder -Verbose

#==================================================================================================================

#This function will get the App Information automatically from the folder

function Get-AppInfoFromFolder {

    param (

        [string]$IntuneFile

    )

    if ($IntuneFile -match '\\([^\\]+)\\([^\\]+)\\(\d+\.\d+)[\\]IntuneFile\\Deploy-Application\.intunewin') {

        $PublisherName = $matches[1]

         $appName = $matches[2]

        $appVersion = $matches[3]

        # Use the folder name as the application name

        return [PSCustomObject]@{

            PublisherName = $PublisherName

            ApplicationName = $appName

            Version = $appVersion

        }

    } else {

        return $null

    }

}

# Explore the module

Connect-MSIntuneGraph -TenantID "pavantechie.onmicrosoft.com" -Verbose

############################################################################

#$Category are as per my tennent Test Applications,Pavan test,Other Apps,Books & Reference,Data Management,Productivity,Business,Development & Design,Photos & Media,Collaboration & Social,Computer Management

####################################################

# Sample Win32 Application

####################################################

# Please create the folder name as below

# "\\networkshre\**\**\VendorName\ApplicationName\AppVersion\IntuneFile\Deploy-Application.intunewin"

$IntuneFile = Get-ChildItem -Path $OutputFolder -Filter "*.intunewin" | Select-Object -ExpandProperty FullName

#$IntuneFile = "C:\Temp\Notepad++ org\Notepad++\7.89\IntuneFile\Deploy-Application.intunewin"

$Category = "Development & Design"

$owner = "Pavan Kalyan"  #Change as per your requirement

$url = "https://notepad-plus-plus.org/downloads/"

$installcommandline = "Deploy-Application.exe"  #Change as per your Command Line

$uninstallcommandline = "Deploy-Application.exe -Deploymenttype Uninstall" #Change as per your Command Line

$ImageFile = "C:\Temp\Notepad++ org\Notepad++\7.89\Icon\Notepad_plus_plus.png"  ## Change as per your logo location

$DetectionScriptFile = "C:\Temp\Notepad++ org\Notepad++\7.89\DetectionRule\DetectionRule.ps1"  # Change your detection script location

$RequirementRule = New-IntuneWin32AppRequirementRule -Architecture x64 -MinimumSupportedWindowsRelease W10_20H2  # CHange as per your requirement

$GroupID = "682d3c05-0247-4ab4-be52-f523cfeb5f3e" #Please put ObjectID of the group

#####################################################################

$appInfo = Get-AppInfoFromFolder -IntuneFile $IntuneFile

$displayName = $($appInfo.ApplicationName)

$publisherName = $($appInfo.PublisherName)

$appversion = $($appInfo.Version)

$appname = "${publisherName}_${displayName}_${appversion}"

$Description = "Latest version of '$appname' is available and ready for deploy"

$Icon = New-IntuneWin32AppIcon -FilePath $ImageFile

# Create PowerShell script detection rule

$DetectionRule = New-IntuneWin32AppDetectionRuleScript -ScriptFile $DetectionScriptFile -EnforceSignatureCheck $false -RunAs32Bit $false

Add-IntuneWin32app -FilePath "$IntuneFile" -DisplayName "$appname" -Description "$Description" -Publisher "$publisherName" -AppVersion "$appversion" -Developer "$publisherName" -Owner "$owner" -Notes "Not Available" -InformationURL "$url" -PrivacyURL "$url" -InstallCommandLine "$installcommandline" -UninstallCommandLine "$uninstallcommandline" -InstallExperience "system" -RestartBehavior "suppress" -MaximumInstallationTimeInMinutes "60" -DetectionRule $DetectionRule -RequirementRule $RequirementRule -Icon $icon -CategoryName "$Category" -Verbose

# Get a specific Win32 app by it's display name

$Win32App = Get-IntuneWin32App -DisplayName "$appname" -Verbose

# Add an include assignment for a specific Azure AD group

Add-IntuneWin32AppAssignmentGroup -Include -ID $Win32App.id -GroupID "$GroupID" -Intent "available" -Notification "showAll" -Verbose

PowerShell script to Auto upgrade the applications through winget

 $apps = @(

    "7zip.7zip",

    "Notepad++.Notepad++",

    "Google.Chrome",

    "WiresharkFoundation.Wireshark",

    "VideoLAN.VLC",

    "PuTTY.PuTTY",

    "Microsoft.PowerToys",

    "Zoom.Zoom",

    "Apple.iTunes",

    "Autodesk.AutodeskAccess"

)

$logPath = "C:\Windows\Logs\Software\WingetList"  # Log files folder

$logFile = Join-Path $logPath "Updates.txt"    ## Upgrade required applications will be stored here

$str_LogFile = Join-Path $logPath "WInget_Install.log"  ##This is for Winget application Install

# Ensure the log directory exists

if (!(Test-Path $logPath)) {

    New-Item -Path $logPath -ItemType Directory

}

If (test-path $logFile){

Remove-Item $logFile -Force

}

    #Check Winget Install

    Write-Host "Checking if Winget is installed" -ForegroundColor Yellow

    $TestWinget = Get-AppxProvisionedPackage -Online | Where-Object {$_.DisplayName -eq "Microsoft.DesktopAppInstaller"}

    If ([Version]$TestWinGet. Version -gt "2022.506.16.0")

    {

        Write-Host "WinGet is Installed" -ForegroundColor Green

  #  Add-Content $str_LogFile "WinGet is Installed"

    }Else

        {

        #temp folder

        $InstallerFolder = $(Join-Path $env:ProgramData WIngetInstall)

        if (!(Test-Path $InstallerFolder))

        {

        New-Item -Path $InstallerFolder -ItemType Directory -Force -Confirm:$false

        }

        #Download WinGet MSIXBundle

        Add-Content $str_LogFile "Not installed. Downloading WinGet..."

        Write-Host "Not installed. Downloading WinGet..."

        $WinGetURL = "https://aka.ms/getwinget"

        (New-Object System.Net.WebClient).DownloadFile($WinGetURL, "$InstallerFolder\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle")

        #Install WinGet MSIXBundle

        Try     {

             Add-Content $str_LogFile "Installing MSIXBundle for App Installer..."

           

            Add-AppxProvisionedPackage -Online -PackagePath "$InstallerFolder\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle" -SkipLicense

            Write-Host "Installed MSIXBundle for App Installer" -ForegroundColor Green

              Add-Content $str_LogFile "Installed MSIXBundle for App Installer"

            }

        Catch {

            Write-Host "Failed to install MSIXBundle for App Installer..." -ForegroundColor Red

             Add-Content $str_LogFile "Failed to install MSIXBundle for App Installer..."

            }

   

        Start-Sleep -Seconds 30

       

        #Remove WinGet MSIXBundle

        Remove-Item -Path "$InstallerFolder\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle" -Force -ErrorAction Continue

        }

$ResolveWingetPath = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe"

if ($ResolveWingetPath) {

    $WingetPath = $ResolveWingetPath[-1].Path

    # Set location to the resolved Winget path

    Set-Location $WingetPath

    $appsToUpdate = @()

    foreach ($app in $apps) {

        $lines = .\winget.exe list --Id $app

        if ($lines -match '\bVersion\s+Available\b') {

            $appsToUpdate += $app

        }

    }

    if ($appsToUpdate.Count -gt 0) {

        # Log the apps with available updates to the file

        $appsToUpdate | Out-File -Append -FilePath $logFile

        Write-Host "Updates available for the following apps:"

        $appsToUpdate | ForEach-Object { Write-Host "- $_" }

        exit 1

    } else {

        Write-Host "No updates available for the specified apps."

        exit 0

    }

} else {

    Write-Error "Winget path not resolved. Ensure that the path is correct and the application is installed."

}

#########################################################################################################################################

Remediation Script :

#####################################################################################################################################

##Constants

$logPath = "C:\Windows\Logs\Software\WingetLogs"

$input = "C:\Windows\Logs\Software\WingetList\Updates.txt"  # App install list input file

$logFile = Join-Path $logPath "wingetLog_$(Get-Date -Format 'yyyyMMdd_HHmmss').log"

#####################################################################################################################################

$apps = get-content $input  #We are getting the apps from the Updates.txt file

foreach ($app in $apps) {

    # Check if the application is Notepad++ and kill its process if it's running

    if ($app -eq 'Notepad++.Notepad++') {

        $notepadProcesses = Get-Process -Name 'notepad++' -ErrorAction SilentlyContinue

        if ($notepadProcesses) {

            Write-Host "Killing Notepad++ processes..."

            Stop-Process -Name 'notepad++' -Force

        }

    }

    }

# Ensure the log directory exists

if (!(Test-Path $logPath)) {

    New-Item -Path $logPath -ItemType Directory

   

}

# Cleanup old log files (older than a week)

$oldLogs = Get-ChildItem -Path $logPath -File | Where-Object { $_.LastWriteTime -lt (Get-Date).AddDays(-7) }

foreach ($oldLog in $oldLogs) {

    Remove-Item $oldLog.FullName -Force

}

$ResolveWingetPath = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe"

if ($ResolveWingetPath) {

    $WingetPath = $ResolveWingetPath[-1].Path

    # Set location to the resolved Winget path

    Set-Location $WingetPath

    foreach ($app in $apps) {

        $lines = .\winget.exe list --Id $app

        if ($lines -match '\bVersion\s+Available\b') {

            $verInstalled, $verAvailable = (-split $lines[-1])[-3,-2]

            $upgradeCommand = ".\winget.exe upgrade --exact --id $app --silent --accept-package-agreements --accept-source-agreements --scope machine"

            $logEntry = [PSCustomObject]@{

                Time = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'

                Name = $app

                InstalledVersion = [version]$verInstalled

                AvailableVersion = [version]$verAvailable

                UpgradeCommand = $upgradeCommand

            }

            # Log the version information to a file

            $logEntry | Out-File -Append -FilePath $logFile

            # Output log entry to console

            $logEntry | Format-Table -AutoSize

            # Run the upgrade command

            Invoke-Expression $upgradeCommand

        }

        elseif ($lines -match '\bVersion\b'){

         $verInstalled = (-split $lines[-1])[-2]

            $noUpgradeInfo = "Latest version of $app $verInstalled already installed on the machine."

            Write-Verbose -Verbose $noUpgradeInfo

            # Log the information about no available upgrade to a file

            $noUpgradeInfo | Out-File -Append -FilePath $logFile

        }

    }

    Write-Host "Log file created: $logFile"

} else {

    Write-Error "Winget path not resolved. Ensure that the path is correct and the application is installed."

}