Targeting 3rd party software updates...

  • 9 June 2022
  • 1 reply



So we’re trying to get Java updated on our workstations, so we have a worklet set up, but I was wondering what is the best way to target systems with specific software?

Or is it a case of firing the policy at basically every workstation and having the PowerShell in the worklet decide whether to run the installer or not depending on whether it finds the software is installed already?


1 reply

Hey MRaybone

This can be handled in a few ways. 

  1. Flexible Device Targeting
    With flexible device targeting, you have the ability to create custom tags on your devices that can be used to help further reduce the scope of influence of a policy or Worklet.
  2. Evaluation Code
    Have the Worklet decide if the device is compliant.
    You can perform this easily with a simple check. If you first check for the existence of Java on the device, then if the version is correct. The Evaluation Code allows for the Remediation Code to only be run on devices with Java and if the desired version is not present. 
    $DesiredJavaVersion = 'YOUR JAVA VERSION HERE'
    $Check = Get-WmiObject -Class Win32_Product -Filter "Name like '%Java%' and not Name like '%Java Auto Updater%'" | Select -Expand Version

    If($Check.count -ge 1){
    If("$DesiredJavaVersion" -match "$Check"){exit 0}else{exit 1}
    }else{exit 0}