• Welcome to Support Forum: Get Support for Patch My PC Products and Services.
 
Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Liviu (Patch My PC)

#1
Hello BH_btan,

If you deploy the ConfigMgr App as Required, then there is no need to also deploy the updates.
As you noticed, the ConfigMgr App will be installed as soon as it's updated in place.

You have 2 options.
Option 1

Stop deploying the ConfigMgr App as Required, and deploy it as Available instead. End users can go to the Software Center and install the software if they need it.
The Update will patch the software on devices that have it installed.

Option 2
Configure the PMPC Publisher Console to create a new ConfigMgr App when a new version is available, instead of updating the app in place.
This option is discussed in this KB article.
With that option configured, the PMPC Publisher will package a new app entirely, and it will be up to you when to deploy it - you'll have to manually do it when you're ready.
#2
Hi Dave,

From our testing, the behaviour only impacts the MSI, but we withheld the EXE version too, given the vendor confirmed issues with the current version, just to be safe.
#3
Hello dave.west,

Google released a new update last week for version 131.0.6778.109.

Unfortunately with this release the installer for the Google Chrome MSI no longer functions properly. A bug has been created for Google here: https://issuetracker.google.com/issues/382108340.

Due to this issue, Patch My PC is holding the update and not releasing the latest Chrome update for both the MSI, but also the EXE, just to be safe.

Unfortunately, because Google uses a static download link, holding the update will cause a hash mismatch. This error is expected at this time, and will remain until Google updates their installer and Patch My PC updates our catalog with a fixed version of Chrome.

Google confirmed they are working on a fix, and are expecting the fix to be released tomorrow, December 10th.
We are monitoring their releases, as we always do, and as soon as they fix this issue in their next release, we'll update our catalogue
#4
Hello steadybird,

I apologize for not replying, I somehow missed your message.

QuoteDid it behave as I suspected in that each instance would have its own separate set of applications published to Intune?
You can only publish an app from the PMPC Catalog to Intune once. Whichever PMPC console publishes it first takes priority. If another console tries to publish the same app, it will detect that the app is already published and won't create a duplicate.

However, if the second console is set up to manage assignments (like user or device groups), those assignments will still be applied. There won't be conflicts, but it's a good idea to use the same right-click settings in both consoles to avoid issues. (if applicable, Modify Command Line, Manage conflicting processes, any custom scripts, etc)

For clarity:

Console1 handles Dynamic Assignments - sync runs daily - publishes updates that meet your CVE criteria.
Console2 handles Manage Assignments - sync runs monthly - publishes updates that weren't published by Console1. Sets assignments according to your "Manage assignments" right-click setting.
Both consoles should otherwise have the same settings when it comes to other right-click options.
#5
Hello both,

Apologies for the delayed reply on this.

The best option would be to let ConfigMgr handle this. Configure "Computer Restarts" policies within your Client Settings.
Microsoft well documents this, please read this article.

#6
Hello Iraklis,

Regarding question 1:
CustomerCreated assignments are the ones you or a colleague manually created in Intune for a PMPC Publisher app. When a new version was packaged, these manual assignments were automatically copied to the new version, along with the ones set by the PMPC Publisher.
If you don't want the manually set assignments to be copied over, please uncheck the setting documented in this KB article.

Regarding question 2:
What files are updated by the installer of a newer version fully depends on the vendor.
It's likely that Microsoft only updates some files to ship bug fixes or improvements. The Teams.exe might remain the same.
#7
If a firewall rule is needed to allow the program to function, then yes.
#8
Hello TJ,

We don't support custom scripting.
If you write your own script to create any configuration you need, such as a firewall rule, you can specify it as a post-installation script within the PMPC Publisher Console.
We cannot do this by default, as some customers might not want the firewall rule to be created.
Please use this right-click option to do that.

With that configuration, your custom post-install script will run after the installation of IntelliJ is complete.
#9
Hi Steadybird,

I have given this some more thought.

You could use two PMPC Publisher consoles. I ran a test in my lab to make sure this works fine.

On VM1:
  • Select some Intune Updates.
  • Use dynamic assignments to deploy any updates that have a CVE and run the sync daily.
  • Any updates that don't have a CVE will still be published.

On VM2:
  • Select the same Intune Updates as on VM1. If you customize the software using right-click options, customize them exactly the same to avoid conflicts.
  • Configure the sync to run monthly.
  • Configure the 'Manage assignments' right-click template.
  • When the sync runs, if the Intune Updates are already published in Intune, they will just be assigned according to the 'Manage assignments' template.

I have tested this just now, it works fine.
The only note I have is to configure the 'Intune Updates' with the same right-click options on both VMs.
#10
Hey Steadybird,

That's quite a pickle.  ;D

This is the best option I can think of:

Configure Dynamic Assignments only.
Run the sync daily.
If the criteria for dynamic assignments are met (the update has CVE), it's assigned.
If it's not met, publish the update to Intune without any assignments (keep the 'Manage assignments') option empty.
Then, once a month, manually deploy the PMPC updates that don't have any assignments.
You would have to go to Intune Apps --> Options --> and uncheck these 2 options:
  • Copy the assignments from previously created applications when an updated application is created
  • Delete the assignments from previously created applications when an updated application is created
It's important to do that, as when new updates without CVEs are published, you don't want the assignments to be automatically copied by the PMPC Publisher.
https://patchmypc.com/intune-application-creation-options

I would also make sure I retain a few older versions in this setting:

  • Delete any previously created updates when a new update is published

I would retain 4 or 5 at least.
When you manually deploy the software at the beginning of the month, and you are doing a daily sync, if you configure the setting to NOT retain older versions, your manually assigned one will be deleted.

This is not pretty by any means, but it will do the job.

QuoteThis second instance set to automatically sync daily.

Is this possible? How would the two instances interplay with each other? Would they recognise Intune apps published by each other?

Is it even possible to have dual instances even on separate machines?

It is possible to have two instance of the PMPC Publisher, but that will not resolve the issue, as the updates will still be published to the same Intune tenant.
The resolution I mentioned above should be the best option I can think of, given your requirements.

#11
The more applications you add to your ESP, the longer it will take for them to install during the enrollment of the device.
That can make the process slower.

There is no need to add 'Intune Updates' to the ESP as a blocking app. 'Intune Updates' will only be installed if an older version is found.
As the device will be completely new, no older version will be installed at that time anyway.
Adding 'Intune Updates' to the ESP will unnecessarily slow the enrollment down.
#12
If the option was unchecked after the software was packaged in Intune, you will have to delete it from Intune and package it again from the PMPC Publisher.

For any devices that are stuck in that state, deleting the registry documented in the article below should resolve the issue:
https://patchmypc.com/manage-conflicting-processes-when-updating-third-party-applications#UpdateInProgress
#13
Ah, ok.

This issue is caused due to the "Prevent the end-user from opening an application while the application is updating" being enabled in Manage Conflicting Processes



To give you more details.
To prevent the end user from opening the software during the upgrade, we use the Image File Execution Feature.
Before the install, a registry key is set to block the end user from starting the software.
That registry key will be deleted after the installation is successfully completed.
If something goes wrong in between, the process will not get to the end, and the registry key will not be removed.

You will have to remove a registry key from that device to resolve the issue.
You can find more info here

I would recommend unchecking that setting in your "Manage conflicting processes" setting.
Please note that this will only take effect when a future version of the software is packaged.
If you decide to update your configuration and would like the change to apply with the already published version(s), please delete the win32 apps from Intune and package them again using our product.
#14
Hello Sean,

I have not seen any issues in support related to Edge.

What is the issue you are seeing?
Does the install fail on devices? Or does it break functionality on some devices?
If the installation fails, I would recommend opening a support case, as we will need logs to investigate the issue
#15
hi mguenth83,

I'm sorry, I don't understand the question. Can you please provide more details?