What's new
Forums on Intune, SCCM, and Windows 11

Welcome to the forums. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your topics and posts, as well as connect with other members through your own private inbox!

SOLVED How to use Powershell to edit CMConfigurationItem XML

  • Thread starter Thread starter brich4750
  • Start date Start date
  • Replies Replies 2
  • Views Views 2K
Status
Not open for further replies.
B

brich4750

Member
Messages
9
Solutions
1
Reaction score
0
Points
1
I have a Baseline that forces Google Chrome to Install Updates. And I wanted to Edit Configuration Item to change the Embedded Scripts that are the Check for Chrome Version and if not version "X" then remediates.
The Discovery Scripts check for Chrome Version, if Chrome not installed or above version defines then return True.
Remediation Script runs googleupdate.exe with proper switches.
Then i would need to edit 2 Descovery Scripts to update the Baseline so, I wrote this up to edit said Configuration Item.
Code: 
$oldVersion = "119.0.6045.160"
$newversion = "119.0.6045.160"
$CMPSSuppressFastNotUsedCheck = $true
$Chrome = Get-CMConfigurationItem -Name "Name of the Config Item"
$CMPSSuppressFastNotUsedCheck = $false
$ChromeXML = $Chrome.SDMPackageXML
$NewXML = $ChromeXML -Replace $OldVersion,$NewVersion
Set-CMConfigurationItem -InputObject $Chrome -DigestXml $NewXML

There amy be a better way but this is what we are using.

FYI the Remediation Script to install latest Google Chrome is this.
System Remediation Script
Code: 
If("C:\Program Files (x86)\Google\Update\GoogleUpdate.exe"){
& "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /Install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True" /Silent
}
User Remediation Script
Code: 
$UserProfile = (Get-WMIObject -class Win32_UserProfile | Where {(!$_.Special) -and ($_.Loaded)}).LocalPath

##If you run this with "True" on a user install, it installs it again for the system
If("$UserProfile\AppData\Local\Google\Update\GoogleUpdate.exe"){
& "$UserProfile\AppData\Local\Google\Update\GoogleUpdate.exe" /Install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True" /Silent
}
Also a handy way to convert any User Based Google Chrome installs to System Based Google Chrome installs.
 
Sort by date Sort by votes
Why would you deploy Chrome as an Application?
brich4750 said:
I have a Baseline that forces Google Chrome to Install Updates. And I wanted to Edit Configuration Item to change the Embedded Scripts that are the Check for Chrome Version and if not version "X" then remediates.
The Discovery Scripts check for Chrome Version, if Chrome not installed or above version defines then return True.
Remediation Script runs googleupdate.exe with proper switches.
Then i would need to edit 2 Descovery Scripts to update the Baseline so, I wrote this up to edit said Configuration Item.
Code: 
$oldVersion = "119.0.6045.160"
$newversion = "119.0.6045.160"
$CMPSSuppressFastNotUsedCheck = $true
$Chrome = Get-CMConfigurationItem -Name "Name of the Config Item"
$CMPSSuppressFastNotUsedCheck = $false
$ChromeXML = $Chrome.SDMPackageXML
$NewXML = $ChromeXML -Replace $OldVersion,$NewVersion
Set-CMConfigurationItem -InputObject $Chrome -DigestXml $NewXML

There amy be a better way but this is what we are using.

FYI the Remediation Script to install latest Google Chrome is this.
System Remediation Script
Code: 
If("C:\Program Files (x86)\Google\Update\GoogleUpdate.exe"){
& "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /Install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True" /Silent
}
User Remediation Script
Code: 
$UserProfile = (Get-WMIObject -class Win32_UserProfile | Where {(!$_.Special) -and ($_.Loaded)}).LocalPath

##If you run this with "True" on a user install, it installs it again for the system
If("$UserProfile\AppData\Local\Google\Update\GoogleUpdate.exe"){
& "$UserProfile\AppData\Local\Google\Update\GoogleUpdate.exe" /Install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True" /Silent
}
Also a handy way to convert any User Based Google Chrome installs to System Based Google Chrome installs.
Click to expand...
It is unclear to me, what is your question or are you showning this script to us?
 
Upvote 0 Downvote
Garth said:
Why would you deploy Chrome as an Application?

It is unclear to me, what is your question or are you showning this script to us?
Click to expand...
Showing the Scripts to you.
The Company i work for and a few that i support have Google Chrome installed as the Supported Browser for Internal Sites.
And we needed a way to Force Update Chrome.
GPO Setting are in force but to get Open High CVE's off the table faster this process was developed.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

  • What's New in Microsoft Intune November 2025 Update
  • SOLVED WSUS Post Installation Failure
  • PENDING Windows 11 Deployment with SCCM
  • PENDING How can I get Office 2024 patch data into an disconnected SCCM server without using OfficeExporter
  • PENDING SCCM 2409 – All replication links FAILED, RLA says “Central administration still in maintenance mode”

    • Forum statistics

    Threads
    7,133
    Messages
    27,858
    Members
    18,151
    Latest member
    TonyGTR

    Latest posts

    Trending content
    Back
    Top