On this short post I want you how to create detection scripts for Win32application.
I’m writing that post, because for my previous post about Juniper Secure Connect has information about detection and I suggested to use MSI GUID without checking application version.
But there is a better idea for detection rules.
Scripts!
I love PowerShell language.
So we can create simple script for detection Juniper Secure Connect and I will give you some information – how those scripts should looks like and works.
Exit codes?!
First and the most important information for you is how to properly end script if detection was done properly (for example, requirements from registry was found). Just… write something on the console. For example:
Write-host "Application was detected, continuing...
Exit 0
Nothing more.
If you want to inform Intune that detection wasn’t finished successfully – for example, registry keys are not exist… Do something like on below code: Just exit code, without any output information.
Exit 0
There are also another additional consideration what you can check:
Write-host "Application wasn't detected"
Exit 1
Or…
Exit 23
For the last three codes – the process of installation of application will be not continued, because detection wasn’t performed properly.
And to be clear – if you want to proceed with installation, you should use:
Write-host "Application was detected, continuing...
Exit 0
Live example for Juniper Secure Connect.
So if we want to check registry value for required version we can use that script:
$versionKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE373804-E6A1-4CF6-AFA7-6D76F403C1DF}"
$value = "DisplayVersion"
$requiredVersion = "22.4.12.20.48591"
try
{
$installedVersion = Get-ItemPropertyValue -Path $versionKey -Name $value
}
catch
{
write-host "Value or path is not exist"
exit 1
}
if ($installedVersion -ge $requiredVersion)
{
write-host "Application is installed in proper version"
exit 0
}
else
{
write-host "Installed version is lower that required"
exit 1
}
On this code, script is checking what version of application is installed. If is installed in proper version, is throwing write-host and exit 0.
If is not installed – throwing write-host and exit 1.
And if is installed on lower version that required – throwing write-host and exit 1.
And….?
It’s everything. Now you know how to work with detection rules for Win32apps 🙂