Create Dynamic Application Packages with PowerShell

Published On: March 31, 2021Last Updated: January 5, 2024By 15.1 min readViews: 68

TOC

Dynamic? In what way?

When I say the packages are dynamic, I mean that you don’t have to update the application package when a new version is released by the vendor.

There are caveats to both methods that we walk through below, there are also other community and paid for tools to do similar things.

However, the reason I wrote this post and started focusing on packaging applications in this was to avoid having support tickets when a new version is released, I also wanted to use this with ConfigMGR and Intune without the requirement of additional modules.

Show me the way!

Well lets show you a couple ways to do this, Web (HTML) Scraping and using the GitHub API.

Web Scraping

In my opinion, this is the most flawed method, as this replies on the website layout and/or table structure to stay the same as when you write your script. However, it is still an option and it works really well.

To be able to get the data from the tables in PowerShell we are going to need to use `Invoke-WebRequest`, Normally this would be super easy to use as it parses the HTML data for you. However, as this script will run as system in Intune you will need to launch it with `-UseBasicParsing` which complicates things a little more.

For this example we will use the Microsoft Remote Desktop Client, Are you ready? Lets begin. (You can achieve this using API Calls, However, this is a good example of table structure for Web Scraping)

Detection

Download Link

Download & Install

Uninstall

Finished Script

Your Content Goes That wraps up the Web Scraping method, I hope this proves useful when trying to make your apps more dynamic.

GitHub API

Using API calls is a better way to do dynamic updates. Some vendors host their content on GitHub as this provides build pipelines, wikis, projects and a whole host of other things. This is the method that is least likely to change, and if it does it will be documented using the GitHub API Docs.

For this example we are going to look at using Git for Windows, we will be using their GitHub Repo to query the version and also get the download.

Note

GitHub has a rate limit for the API calls, unautenticated calls has a rate limit of 60, GitHub authenticated accounts has a limit of 5000 and GitHub Enterprise accounts has a limit of 15000 calls.

Each time the script is launched it used1 call, so in terms of a detection and installation you will need a 2 api calls.

You will need to take this into account if you plan to package multiple applications in this way, you could use multiple accounts and randomise the PAC Key from an array, however this is something that should be highlighted.

Git Detection

Git Download Link

Git Download & Install

Git Uninstall

Git Finished Script

Application Deployment

Info

Please see Creating Intune Win32 Apps for creating an Intune Win32 App Package.

Lets look at how we deploy these applications from ConfigMG (MEMCM) and Intune.

Intune

ConfigMGR

During the installation and the uninstallation of the apps, there is a transcript of the session that is by default stored in `C:WindowsLogsSoftware`. This will help in troubleshooting the install should you have any issues.

Other Blogs and Tools

Evergreen – Arron Parker

I came across this when putting a tweet out to see if this post was worth while, Well worth a read.

GitHub – aaronparker/Evergreen: Create evergeen Windows image build scripts with the latest version and download links for applications

GaryTown Blog Post Using Ninite Apps – Gary Blok

Ninite, is an awesome tool and Gary used this along with ConfigMGR to deploy applications with no content.

ConfigMgr Lab – Adding Ninite Apps – GARYTOWN ConfigMgr Blog

PatchMy PC – A leader in the 3rd Party Patching world

Now, this is not a community tool and it is licensed, however if you want to have this manage some of your Third Party apps with ConfigMGR, Intune or WSUS I would highly recommend them. This will save you a ton of time and help you on your way to having a fully patched estate.

Patch My PC: Simplify Third-Party Patching in Microsoft SCCM and Intune

Create Dynamic Application Packages with PowerShell

Published On: March 31, 2021Last Updated: January 5, 2024By 15.1 min readViews: 68

TOC

Dynamic? In what way?

When I say the packages are dynamic, I mean that you don’t have to update the application package when a new version is released by the vendor.

There are caveats to both methods that we walk through below, there are also other community and paid for tools to do similar things.

However, the reason I wrote this post and started focusing on packaging applications in this was to avoid having support tickets when a new version is released, I also wanted to use this with ConfigMGR and Intune without the requirement of additional modules.

Show me the way!

Well lets show you a couple ways to do this, Web (HTML) Scraping and using the GitHub API.

Web Scraping

In my opinion, this is the most flawed method, as this replies on the website layout and/or table structure to stay the same as when you write your script. However, it is still an option and it works really well.

To be able to get the data from the tables in PowerShell we are going to need to use `Invoke-WebRequest`, Normally this would be super easy to use as it parses the HTML data for you. However, as this script will run as system in Intune you will need to launch it with `-UseBasicParsing` which complicates things a little more.

For this example we will use the Microsoft Remote Desktop Client, Are you ready? Lets begin. (You can achieve this using API Calls, However, this is a good example of table structure for Web Scraping)

Detection

Download Link

Download & Install

Uninstall

Finished Script

Your Content Goes That wraps up the Web Scraping method, I hope this proves useful when trying to make your apps more dynamic.

GitHub API

Using API calls is a better way to do dynamic updates. Some vendors host their content on GitHub as this provides build pipelines, wikis, projects and a whole host of other things. This is the method that is least likely to change, and if it does it will be documented using the GitHub API Docs.

For this example we are going to look at using Git for Windows, we will be using their GitHub Repo to query the version and also get the download.

Note

GitHub has a rate limit for the API calls, unautenticated calls has a rate limit of 60, GitHub authenticated accounts has a limit of 5000 and GitHub Enterprise accounts has a limit of 15000 calls.

Each time the script is launched it used1 call, so in terms of a detection and installation you will need a 2 api calls.

You will need to take this into account if you plan to package multiple applications in this way, you could use multiple accounts and randomise the PAC Key from an array, however this is something that should be highlighted.

Git Detection

Git Download Link

Git Download & Install

Git Uninstall

Git Finished Script

Application Deployment

Info

Please see Creating Intune Win32 Apps for creating an Intune Win32 App Package.

Lets look at how we deploy these applications from ConfigMG (MEMCM) and Intune.

Intune

ConfigMGR

During the installation and the uninstallation of the apps, there is a transcript of the session that is by default stored in `C:WindowsLogsSoftware`. This will help in troubleshooting the install should you have any issues.

Other Blogs and Tools

Evergreen – Arron Parker

I came across this when putting a tweet out to see if this post was worth while, Well worth a read.

GitHub – aaronparker/Evergreen: Create evergeen Windows image build scripts with the latest version and download links for applications

GaryTown Blog Post Using Ninite Apps – Gary Blok

Ninite, is an awesome tool and Gary used this along with ConfigMGR to deploy applications with no content.

ConfigMgr Lab – Adding Ninite Apps – GARYTOWN ConfigMgr Blog

PatchMy PC – A leader in the 3rd Party Patching world

Now, this is not a community tool and it is licensed, however if you want to have this manage some of your Third Party apps with ConfigMGR, Intune or WSUS I would highly recommend them. This will save you a ton of time and help you on your way to having a fully patched estate.

Patch My PC: Simplify Third-Party Patching in Microsoft SCCM and Intune