Share via

Windows app (Win32) - Detection rules

andreas bright 581 Reputation points
2020-12-07T06:39:38.657+00:00

Hi,

Whats is the recommended way to detect an application ?

Say for example I publish adobe reader, and I have a detection rule for checking if the file C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe exists

I know that this will trigger if the file exists, but what happens when there is a new version out and I want to update the application ? If I republish the app with the same rule, it will never apply, right ?

Do you recommend to trigger on a registry key instead ?

Comments.

/R
Andy

Microsoft Security | Intune | Application management
0 comments
Accepted answer
  1. ESWARARAJU KONETI 2,206 Reputation points MVP Volunteer Moderator
    2020-12-07T08:11:54.98+00:00

    Say for example I publish adobe reader, and I have a detection rule for checking if the file C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe exist--->If you go with this setting, if the file exist, the application detection rule is passed hence no need to install the application.
    It it not recommended to go with simple file detection rule as such like this. Either go with product ID or file version (greater than or equal to) or something that could help you to install latest version.
    It all depends on how you identify/tell you have new application to be installed on the devices. is that by product ID or file version etc.

    Regards,
    Eswar
    www.eskonr.com
    If the response is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 53,991 Reputation points Microsoft External Staff
    2020-12-07T08:50:34.86+00:00

    @andreas bright , Agree with Eswar, For the file, if it is also the same for the new version, the update will not installed.

    For Win32 app, there are other detection rule type like registry or MSI. For example, we can check what is the registry key for the version of adobe reader. And configure the detection method as version comparison, operator as "greater than or equal to" and then insert the value you want. We can see more detail in the following link:
    https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-add#step-4-detection-rules

    Hope it can help.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments
  2. Jason Sandys 31,411 Reputation points Microsoft Employee Moderator
    2020-12-07T16:32:22.023+00:00

    I strongly prefer MSI or registry detection (based on the app's ARP info). File based rules have lots of variability and file versions aren't always the same as product versions.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.