Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM) and Microsoft Intune use Detection Rules to determine the presence of Applications & Win32 Apps. The detection rules ensure that application installations only begin to run if the application is not already installed on the device. This article will serve as an informative guide and give you a clear understanding of how to create an updated custom detection script for each new version of Microsoft Global Secure Access Client using PowerShell.
How to Create a Custom Detection Script for Microsoft Global Secure Access Client
Microsoft Global Secure Access Client (File Detection Method)
- Install the version of Microsoft Global Secure Access Client you want to deploy on a test box or VM
- Check out the following posts for further details
- Open Windows PowerShell ISE by Right-Clicking on Windows PowerShell ISE and selecting Run as Administrator
- Copy the following code into the Windows PowerShell ISE
## Check for Microsoft Global Secure Access Client (File Detection Method)
$GSAClientExe = (Get-ChildItem -Path "C:\Program Files\Global Secure Access Client\GlobalSecureAccessClient.exe" -ErrorAction SilentlyContinue)
$GSAClientExe.FullName
$GSAClientPath = $($GSAClientExe.FullName).Replace("C:\Program Files\","")
$FileVersion = (Get-Item -Path "$($GSAClientExe.FullName)" -ErrorAction SilentlyContinue).VersionInfo.FileVersion
## Create Text File with Microsoft Global Secure Access Client File Detection Method
$FilePath = "C:\Windows\Temp\Global_Secure_Access_Client_Detection_Method.txt"
New-Item -Path "$FilePath" -Force
Set-Content -Path "$FilePath" -Value "If([String](Get-Item -Path `"`$Env:ProgramFiles\$GSAClientPath`" -ErrorAction SilentlyContinue).VersionInfo.FileVersion -ge `"$FileVersion`"){"
Add-Content -Path "$FilePath" -Value "Write-Host `"Installed`""
Add-Content -Path "$FilePath" -Value "Exit 0"
Add-Content -Path "$FilePath" -Value "}"
Add-Content -Path "$FilePath" -Value "else {"
Add-Content -Path "$FilePath" -Value "Exit 1"
Add-Content -Path "$FilePath" -Value "}"
Invoke-Item $FilePath
- Click Run Script (F5)
- A text file will open with the Microsoft Global Secure Access Client Detection Method script required to detect the current version of Microsoft Global Secure Access Client that is installed on the device you are running the script from.
Example:
If([String](Get-Item -Path "$Env:ProgramFiles\Global Secure Access Client\GlobalSecureAccessClient.exe" -ErrorAction SilentlyContinue).VersionInfo.FileVersion -ge "1.6.51.0"){
Write-Host "Installed"
Exit 0
}
else {
Exit 1
}
- Copy the Microsoft Global Secure Access Client Detection Method script content into the Custom Detection Rules (Script)
- Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM)
- Microsoft Intune
Microsoft Global Secure Access Client (Registry Detection Method)
- Install the version of Microsoft Global Secure Access Client you want to deploy on a test box or VM
- Check out the following posts for further details
- Open Windows PowerShell ISE by Right-Clicking on Windows PowerShell ISE and selecting Run as Administrator
- Copy the following code into the Windows PowerShell ISE
## Check for Microsoft Global Secure Access Client (Registry Detection Method)
$GSAClient = Get-ChildItem -Path "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall" | Get-ItemProperty | Where-Object {$_.DisplayName -match 'Global Secure Access Client' } | Select-Object -Property DisplayName, DisplayVersion, PSChildName
$GSAClient.DisplayVersion
$GSAClient.PSChildName
## Create Text File with Microsoft Global Secure Access Client Registry Detection Method
$FilePath = "C:\Windows\Temp\Global_Secure_Access_Client_Detection_Method.txt"
New-Item -Path "$FilePath" -Force
Set-Content -Path "$FilePath" -Value "If([Version](Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\$($GSAClient.PSChildName)' -Name DisplayVersion -ea SilentlyContinue) -ge '$($GSAClient.DisplayVersion)') {"
Add-Content -Path "$FilePath" -Value "Write-Host `"Installed`""
Add-Content -Path "$FilePath" -Value "Exit 0"
Add-Content -Path "$FilePath" -Value "}"
Add-Content -Path "$FilePath" -Value "else {"
Add-Content -Path "$FilePath" -Value "Exit 1"
Add-Content -Path "$FilePath" -Value "}"
Invoke-Item $FilePath
- Click Run Script (F5)
- A text file will open with the Microsoft Global Secure Access Client Detection Method script required to detect the current version of Microsoft Global Secure Access Client that is installed on the device you are running the script from.
Example:
If([Version](Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b63c7799-cfe2-443c-83c1-794239530fd2}' -Name DisplayVersion -ea SilentlyContinue) -ge '1.6.51') {
Write-Host "Installed"
Exit 0
}
else {
Exit 1
}
- Copy the Microsoft Global Secure Access Client Detection Method script content into the Custom Detection Rules (Script)
- Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM)
- Microsoft Intune
Always make sure to test everything in a development environment prior to implementing anything into production. The information in this article is provided “As Is” without warranty of any kind.