Hello All,

a bit of an open discussion to see if anyone has a good process for using Endpoint Manager when provisioning a new client device (either clean Windows build or just newly enrolled with EM)

I guess I’m looking to have a “one-click” method to install ​​​​​​extra applications (e.g. 7-Zip, Adobe Reader, etc…) once the device has been enrolled.

At the moment, this is the process:

• Enroll the Device and apply the Profile.
• Run a custom Procedure Script to "Debloater" Windows and remove most OEM pre-installed applications through Powershell.
• Use EM "Windows Application Store" to search all the Extra Applications and then deploy to the new machine.
• Run another custom Procedure Script to download and install non-listed applications.

On Step 3, it is time consuming to have to manually search and then select the applications for each new device. If there would be a way to group the selection to deploy without searching each time?

I imagine I could write a procedure to combine steps 3 & 4 - however, I can not see any reference how to script installing from the EM Application Store directly?

I started using Endpoint Manager in the last month, I have search the Help Topics, Forum and Script Catalog to no avail.

Any feedback would be cool. Cheers

Use powershell for the entire thing unless you know python well enough or want to rummage through enough scripts in their portal to piece one together.
I already use powershell to download and deploy software for your backup systems and it’s fairly simple as far as scripting goes.

Basically use ‘start-bitstransfer’ to download the files.
Then use start-process to run the install and pass your arguments to it.
Only thing that might be a pain would be to keep updating it if the download links change on you.

Or you could deploy chocolatey to the endpoint and pass choco commands to download your apps and update them.
MS I think is developing their own package manager called winget but not sure what the progress is on that.

Create a ‘Staging’ group in RMM and assign the profile to it that has your procedures for new systems and enroll those systems into staging. When they are finished, moved them out to their normal group.

A starting point would be for Itarian profiles to at least push software from the Windows Store to endpoints when applied

Hi

I tried to have several procedures run as onboarding and placed these in order in a generic profile, but was always a bit hit and miss if they would actually all work as intended.

It seemed logical to have each little procedure/script separate and just pick and choose the ones needed for customers systems and let the profile take care of everything but it never worked out very well for me, needing to manually rerun afterwards was a waste of time.

They skipped or did not wait for the prior one to complete, like installing chocolatey, it needs a explorer/shell restart before you can issue commands to install software.

So I went back and just created one procedure, used the + add existing procedures to build up with the several separate PowerShell setups I wanted, mostly put together from bits and pieces found online and in prior usages, just modified to do a general SOE type run up, once happy then cloned that “master procedure” and added customer specific needs and then added that procedure as a first run on customer profile setup.

It was not too bad to setup and easy to change as required for most on-boarding I required.
Most if not all the PowerShell’s are still available for me in my procedures should I need to manually run or schedule as needed.

For example, the most recent procedure I have done is over 500 lines with about 9 lots of scripts that run one at a time until done.
It could be trimmed down and condensed, but this way it is easy to test and make customer adjustments.
(I could not get the download & install script to work, but could get download to folder, then next to cmd install on the file and it runs fine)

Setup System, add local admin user, set power, add it folder, set num lock on, set network to private and so forth.

Install chocolatley

Restart explorer/shell - so can use choco install

Install Software via chocolatley, chrome/adobe/zoom/veeam and what ever else needed per site

Download Synology Backup Agent - Custom msi with server ip and credentials from sharepoint site

Install the custom msi

Setup wifi connection with ssid/password and autoconnect

Check Updates

Restart System

Generic procedure may just have the first 4 run, some don’t need wifi or any special msi setups.
This is mostly for standalone workstations, no group policy, not domain joined and depending on customer what 365 plan they are on, not intune managed and so forth.

I’m more than happy to share what I have if anyone want to take a look, as mentioned in another post a community script page or wiki would be real handy for us to be able post and share.
Not sure if a forum page would be of any use as I believe it needs a structure like our current script page, a add in section ?? may/would need a mod to keep it in order and ensure members only can upload/download perhaps as well? - Mind you we should be able to pull from the script page direct into the portal not download and import.

mcfproservices