Patch My PC Feature and Application Request

A community where customers, consultants, MVPs, and the community can provide feedback to make a better product for everyone!

4 VOTE

Customize the detection script parameters

Our policy blocks the interactive powershell console, and this causes the detection scripts in Software Center to fail and thus users cannot install PatchMyPC base installs. Can you add a "right click" option to modify the argument, specifically we want to add the parameter: -F

  • Frank G
  • Oct 15 2019
  • NO GO :(
  • Attach files
  • Admin
    Cody Mathis commented
    1 May 01:58pm

    I have created a uservoice for this. Feel free to add some votes and share the idea out.

    https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/40317604-detection-method-scripts-should-run-with-file

  • Admin
    Justin Chalfant commented
    26 Oct, 2019 06:17pm

    Hey All,

    I was chatting with one of the developers on the ConfigMgr product group about this option. Today, there is no way for the detection method PowerShell script to be called with a -file from the appdiscovery thread of CCMEXEC. There's nothing we can do to control the way the detection method script execution since it's part of the SCCM client agent.

    With that said, they seemed pretty optimistic that it could potentially be added in the future. Please submit a UserVoice feature idea for SCCM here: https://configurationmanager.uservoice.com/forums/300492-ideas. Please be very descriptive about the behavior you need for the way the application detection method script should be executed with the -file. Once you have the URL, please post it here, and I will follow up with the PG to see if we can get more traction on it.

  • R P commented
    23 Oct, 2019 06:54pm

    (aka -File ) 

  • R P commented
    23 Oct, 2019 06:53pm

    If we could have the ability to get a -F in there somehow, that'd be enormously helpful. 

  • Admin
    Justin Chalfant commented
    22 Oct, 2019 12:28am

    I also just ran some debugging. SCCM calls the detection method script using something like this:

    "C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell.exe" -NoLogo -Noninteractive -NoProfile  -ExecutionPolicy Bypass "& 'C:\WINDOWS\CCM\SystemTemp\11a53fac-8144-438e-aa01-6d2378be848b.ps1'"

  • Admin
    Justin Chalfant commented
    22 Oct, 2019 12:08am

    Hey,

    Following up here. I just verified that we do launch any custom pre/post update scripts using -F. Please see the screenshot below. I will reach out to the ConfigMgr PG to see if they can provide any insights about the detection method script and how that gets executed.

    We are simply supplying the detection method script to the console. The execution of the PowerShell script is handled by the AppDiscovery component of the SMS Agent Host.

    I will update this post once I found out if there is any way to configure it to execute differently.

  • Admin
    Justin Chalfant commented
    17 Oct, 2019 09:24pm

    We will take a look. I'm not sure if we will have any control of how the SCCM client calls the PowerShell detection method scripts.

  • R P commented
    17 Oct, 2019 02:25pm

    The checkbox idea is also a good one specifically for the -F 

  • R P commented
    17 Oct, 2019 02:24pm

    This would be an enormous help being able to customize the arguments as restricting access to the powershell console is something a lot of high security environments need to do, and signing isn't always the easiest thing to implement to work around this otherwise. 

  • Admin
    Justin Chalfant commented
    15 Oct, 2019 10:10pm

    You are talking about the actual detection method script for the application and not custom pre/post update scripts?

  • Frank G commented
    15 Oct, 2019 05:29pm

    If we can get a "checkbox" to add the -F parameter to every script going forward, removing any manual need to "right click" on each install, that'd be great. Thank you Patch My PC Team! 

  • and 2 more