If a device is delivered new by Dell, the drivers are usually up to date. After a year, or if the device is reinstalled, drivers are soon missing or out of date. This can open security gaps or cause problems for the end user. To avoid this situation, I use Intune to distribute the "Dell Command Update" program, which I then use to regularly check and update / install the Dell drivers via Proactive Remediations.
Table of Contents
- Create filters for Dell devices
- Dell Command Update
- Create Proactive Remediations package
- Proactive Remediation Report
Create filters for Dell devices
Before we start the distribution, let's create a filter for Dell devices.
You do this under: Tenant Administration > Filters
We give the filter a meaningful name and select "Windows 10 and later" as the platform.
As a filter rule, we only use the manufacturer "Dell":
(device.manufacturer -eq "Dell Inc.")
To check the filter, you can click on the preview of the filter.
After clicking on "Next" and "Create", the filter is complete. We will need it again later to install the "Dell Command Update" only on Dell devices.
Dell Command Update
In order to start the check via Proactive Remediations, the "Dell Command Update" program must first be installed. I have provided you with the finished Win32 package on GitHub.
The package includes the EXE with version 4.6.0.
Install Dell Command Update via Intune
For distribution with Intune, you navigate to «Apps > Windows», choose «+Add» and «Windows app (Win32)».
Then upload the "install.intunewin" file.
In the "App information" you fill in the name, the description and the publisher.
I have also made a logo available to you on GitHub.
In the next steps you will add the installation parameters as listed below and set the requirements.
|Install command|%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -command .\install.ps1|
|Uninstall command|%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -command .\uninstall.ps1|
For the detection rule, you add a manual one with the following parameters:
File, String (version):
- C:\Program Files (x86)\Dell\CommandUpdate\
You can skip the "Dependencies" and "Supersedence" step.
In the assignment you now assign a target group. This can also include all devices. However, so that only Dell devices receive the program, we also apply the filter created in the first part of this blog.
Create Proactive Remediations package
With the installation of the "Dell Command Update" we have fulfilled the requirements and can create the Proactive Remediations package.
As usual, I saved the scripts on GitHub for you:
If you do not have a Windows Enterprise or Education license, you cannot use this function.
I'll show you an alternative here: "Proactive Remediation for Business" | scloud
First you need to create a new PR package:
Reports > Endpoint analytics > Proactive remediations > + Create script package
You give this a name.
Then you upload the detection and remediation script.
My template installs driver and firmware updates. If you only want drivers, you can simply enter "Drivers" in the 4th line of the two scripts.
In the assignment, you select a group and also define the interval for checking this.
I chose to do this every 14 days. If the device is not running at this time, the script will be executed at the next start.
In addition, we apply the filter for the Dell devices here as well.
That's it, now the drivers of your Dell devices are regularly updated via Endpoint Manager / Intune.
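To show what the detection half of such a package does, here is an added example; it is not the script from my GitHub repository. It assumes `dcu-cli.exe` sits in the install folder used for the detection rule above, that the scan return codes are 0 (updates found) and 500 (no updates found) as in Dell's CLI reference, and it uses a hypothetical log path. Because the script runs as SYSTEM, it also checks the Authenticode signature of the binary before starting it.

```powershell
# Added example: detection script for a Proactive Remediations package.
# Intune convention: exit 1 = issue detected (remediation runs), exit 0 = nothing to do.
# The last Write-Output line is what appears in the detection output column.

$UpdateType = 'driver,firmware'   # use 'driver' for drivers only
$DcuCli     = 'C:\Program Files (x86)\Dell\CommandUpdate\dcu-cli.exe'   # assumed file name in the install folder
$LogFile    = Join-Path $env:ProgramData 'DCU-Detection.log'            # hypothetical log location

# Without the CLI nothing can be scanned. Exit 0 so remediation is not started,
# but leave a message that is visible in the report.
if (-not (Test-Path -LiteralPath $DcuCli)) {
    Write-Output 'Dell Command Update not installed (dcu-cli.exe missing)'
    exit 0
}

# The script runs as SYSTEM: refuse to start a binary whose signature is not
# valid or whose signer is not Dell (subject match on "Dell" is an assumption).
$sig = Get-AuthenticodeSignature -LiteralPath $DcuCli
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Dell') {
    Write-Output "dcu-cli.exe signature check failed: $($sig.Status)"
    exit 0
}

# Quote the option so PowerShell passes "driver,firmware" as one argument
# instead of splitting it at the comma.
& $DcuCli /scan "-updateType=$UpdateType" -silent "-outputLog=$LogFile" | Out-Null
$code = $LASTEXITCODE

switch ($code) {
    0       { Write-Output "Updates available ($UpdateType), see $LogFile"; exit 1 }
    500     { Write-Output "No $UpdateType updates found"; exit 0 }
    default { Write-Output "dcu-cli scan ended with exit code $code, see $LogFile"; exit 0 }
}
```

Any other return code (for example a pending reboot) is reported but does not trigger the remediation script, so a failed scan never starts an update run on its own.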
Proactive Remediation Report
When executing detection and remediation, the outputs are sent to the Microsoft Endpoint Manager and can be viewed there.
To do this, the additional columns must be displayed in the view. You can do this in the corresponding PR package via the "Columns" button.
If you then click on the corresponding "Review" links, the required drivers will be displayed, for example: