Automated Application Management for Microsoft Endpoint Manager

Simplify third-party application management

Knowledge Base ArticlesRequest Trial

Application Creation Options Explained for Configuration Manager

In this article, we will cover all of the ConfigMgr Application Creation Options that are available within the publisher. These are options that apply specifically to the applications created in Configuration Manager. Below is a screenshot of this section as of the writing of this article.

Topics covered in this article include:

Option 1: Allow applications to be installed from the Install Application task sequence action

When this option is checked every application created by the Publisher will have the equivalent checkbox displayed below checked in Configuration Manager.

If you intend to use the applications as part of any Task Sequences, you will want to check this option.

Option 2: Allow clients to use distribution points from the site’s default boundary group

When this option is checked every application deployment type created by the Publisher will have the equivalent checkbox displayed below checked in Configuration Manager.

Whether you select this option is a company-specific decision based on your network layout and bandwidth considerations. See this Microsoft docs link for more information around the content options for applications.

Option 3: Code-sign the PowerShell detection method script using the WSUS Signing Certificate.

When this option is checked every application created by the Publisher will have a code-signed PowerShell detection script. Because there is already a code-signing certificate in place for Third Party Patching, and all clients trust it, we are able to leverage this to sign the detection scripts generated by the Publisher. Generally, code signing is used to ensure the integrity of the script being run. For more information regarding code signing see this link and this link which discusses the how and why in further detail.

When you do sign the detection scripts, you’ll see a large block of text at the end of the script as shown below.

Option 4: Do not include the version in the application name, so the application name doesn’t change after updates.

When this option is checked newly created applications will no longer have the version number as part of the application name. There are some use cases that benefit from this, such as MDT UDI, UI++, or anything that is keying specifically off the application name.

Below you can see the result of having this box unchecked. The name of the application will be different every time a new one is published, reflecting the current version.

And the below shows the result of having this box checked, which removes the versioning. This results in a consistent name between application versions.

If you wish to control this on a per-application basis you can reference this article. It will show some of the additional options regarding application naming that are available within the right-click context menu.

Option 5: Move applications to the following folder in the applications node of the console.

When this option is checked every application created by the Publisher will be moved to the specified folder in the Applications node in the console. In the screenshot below we can see the ‘Applications\Patch My PC’ folder is in use.

This can be useful to keep applications that are being automatically created, and/or updated in one location.

Option 6: When a new version of an application is released, delay the in-place application upgrade by…

When this option is checked all applications managed by the Publisher will have their creation delayed by the specified number of days. The delayed date is based on the date the new application version was synchronized by the Publisher.

For example, if Google Chrome was synchronized on February 3rd, and this setting was configured for a 3 day delay, you would expect to see the application be updated in Configuration Manager during a publisher synchronization on February 6th.

This feature will result in a log line similar to the below.

The updating of the SCCM Application… is delayed due to settings

Note: This option is only available when you’ve selected the ‘Update existing application…‘ option as described in this KB article. Without this set, the option is grayed out and disabled.

 Option 7: When a New Application Update is Available:

 The options here are detailed in the following KB Article.