Winget FW make software deployment easy

Introduction

My colleague and I developed a new tool that leverages the PowerShell App Deployment Toolkit (PSADT) and Winget, Microsoft's package manager for Windows. Our goal was to simplify software deployment via Intune, making the process more accessible, efficient, and reusable. By utilizing Winget’s robust capabilities, this tool streamlines software deployment, making it easier to manage directly through Intune.

PSADT-WingetFW: Make it easy to install applications from Winget (github.com)

Key Features

1. Integration with PSADT and Winget: The tool combines the strengths of the PowerShell App Deployment Toolkit (PSADT) with Winget, Microsoft's package manager for Windows. This allows for flexible, script-based software deployment alongside Winget’s robust package management.

2. Seamless Intune compatibility: Designed specifically to work with Microsoft Intune, the tool simplifies software deployment within the Intune environment. IT admins can easily automate and manage installations and updates across devices.

3. Simplified user experience: The interface is designed for ease of use, making it accessible to both experienced IT professionals and those newer to software deployment. It abstracts away much of the complexity of Winget and PSADT, allowing users to focus on deployment, not the underlying code.

4. Enhanced scalability: Whether deploying software to a small number of devices or an entire enterprise, the tool scales easily, ensuring that deployment processes remain efficient regardless of the scope.

5. Latest software version: As this tool is using Winget to install the software its always the newest that Intune install and you no longer was to repacked for a newer version.

Use Cases

Here is some examples on how it can be used:

Example 1

  
    Deploy-Application.exe -DeploymentType "Install" -WingetID "Postman.Postman"
  

Example 2

  
    ServiceUI.exe -process:explorer.exe Deploy-Application.exe -DeploymentType "Install" -WingetID "Neovim.Neovim" -WingetScope '--Scope machine'
  

Detections

The detections methods I use can be found here:
Detection

Update control

It is possible to tell Winget to install a specific version but it wasn't worked well for me as vendors sometimes remove older versions. Another thing that is important to think about is how you will do updates of the software as Winget will by default install the latest version so the clients will have different versions installed.

A solution to this could be to use something like this:

Weatherlights/Winget-AutoUpdate-Intune: WAUaaS daily updates apps as system and notify users. WAUaaS brings you WAU in a service like pattern that can be deployed and configured by Microsoft Intune (or other MDM solutions). (github.com)

In the future I will write more about these autoupdate and how I would use them and how nicely you can get it working with WDAC.