We’re all familiar with the smooth User Experience of replacing a phone with a newer and better model. In this post I’m going to show you how to do the same automatically, providing your users with the same User Experience independent of device or broker solution.
In this example we’re going to leverage Intune, but the script could be customized for Non-Persistent solutions using FSLogix Rules linked to AD Groups.
To have the applications follow the users, we need software Azure AD groups. I’m using the awesome PowerShell Intune Samples from Microsoft. The script first finds all Win32Apps whose names don’t start with Update* or apps that were created by PatchMyPC. It then checks whether the Azure AD group already exists because, unlike Active Directory, Azure AD group names don’t need to be unique.
Finally, the script adds the Azure AD group to the proper Win32App as a Required assignment. Now we’re all set to move on to our second challenge: how do we automatically add users who have those applications installed to the proper Azure AD group?
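Because a lookup by display name can return more than one Azure AD group, the existence check is worth failing closed on duplicates. The following is an added example, not taken from the author's scripts or the Microsoft samples; it runs offline on constructed data, and the `SW-` prefix, the `CreatedByPatchMyPC` property, the function name `Get-AppGroupPlan` and the reading of the filter as "skip Update* packages and PatchMyPC-created apps" are all assumptions.

```powershell
# Added example: offline planning logic only, no Graph calls are made.
# All app names, group names and object ids below are constructed sample data.

function Get-AppGroupPlan {
    param(
        [Parameter(Mandatory)] [object[]] $Apps,   # Win32 apps (DisplayName, CreatedByPatchMyPC)
        [Parameter(Mandatory)] [AllowEmptyCollection()]
        [object[]] $ExistingGroups,                # Azure AD groups (Id, DisplayName)
        [string] $Prefix = 'SW-'                   # hypothetical naming convention
    )

    # Assumed reading of the filter: skip Update* packages and PatchMyPC-created apps.
    $targets = $Apps | Where-Object {
        $_.DisplayName -notlike 'Update*' -and -not $_.CreatedByPatchMyPC
    }

    foreach ($app in $targets) {
        $groupName = "$Prefix$($app.DisplayName)"
        # Display names are not unique in Azure AD, so collect every match.
        $groupMatches = @($ExistingGroups | Where-Object { $_.DisplayName -eq $groupName })

        $action = switch ($groupMatches.Count) {
            0       { 'Create' }      # no group yet: safe to create one
            1       { 'Reuse' }       # exactly one: assign by its object id
            default { 'Ambiguous' }   # duplicates: stop and let an admin decide
        }

        [pscustomobject]@{
            App = $app.DisplayName; Group = $groupName
            Action = $action;       GroupIds = $groupMatches.Id
        }
    }
}

# Constructed sample inventory.
$apps = @(
    [pscustomobject]@{ DisplayName = '7-Zip';         CreatedByPatchMyPC = $false }
    [pscustomobject]@{ DisplayName = 'Notepad++';     CreatedByPatchMyPC = $false }
    [pscustomobject]@{ DisplayName = 'VLC';           CreatedByPatchMyPC = $false }
    [pscustomobject]@{ DisplayName = 'Update 7-Zip';  CreatedByPatchMyPC = $false }
    [pscustomobject]@{ DisplayName = 'Google Chrome'; CreatedByPatchMyPC = $true  }
)
$groups = @(
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000001'; DisplayName = 'SW-Notepad++' }
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000002'; DisplayName = 'SW-VLC' }
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000003'; DisplayName = 'SW-VLC' }
)

Get-AppGroupPlan -Apps $apps -ExistingGroups $groups | Format-Table -AutoSize
```

On this sample, 7-Zip is planned as `Create`, Notepad++ as `Reuse`, and VLC as `Ambiguous` because two groups share its name; resolving an ambiguous name by hand keeps a Required assignment from landing on the wrong group.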
Unfortunately Intune doesn’t provide any type of software inventory. There are various solutions in the community that query and upload logs, or export Uninstall registry keys and upload them to Azure Blob for processing. Collecting Intune logs from 8000 devices, however, could be a rather expensive operation. Then I remembered my own blog post, Windows 365 – Automate Third-Party Patching for Intune.
The update package has a requirement rule that checks the application’s executable for a version number lower than the version of the update package. It doesn’t matter whether the application was installed manually or through SCCM, Intune, PDQ Deploy, you name it. Intune will natively provide the information needed. So the next script finds all Update* packages and their Device Installed status, removes all existing users from the proper Azure AD group, and adds them again (if not, it will throw errors).
Combining this with Windows 365 – How To Build An Excellent and Secure User Experience gives you a killer User Experience. It doesn’t matter if the Cloud PC gets reprovisioned or the laptop gets stolen and the user gets a loaner. The applications will follow the user. You will find the first and the second script on my GitHub. Don’t be scared by the number of lines; most are the Microsoft functions.