Skip to main content

When an applications must be closed in order to update (e.g. Zoom, Notepad++, SnagIT) the Automox agent will not update the application if it is open, nor will it auto-close the application. This is intentional to prevent you from randomly losing unsaved work or dropping from a Zoom call.

This Worklet can be used in conjunction with a patch policy by configuring it to run 5 minutes before the application-specific patch policy is set to run.

Example:

  • PatchZoom policy runs every Friday at 3pm
  • Set this policy to prompt for Zoom close to run at 2:55pm (at least several minutes prior to the PatchZoom policy execution)

This increases the likelihood that applications that cannot be running during an update are indeed closed.

 

Note: You need to copy the promptAppClose.ps1 code below and save it to your disk as promptAppClose.ps1 since you must upload this script into the Worklet in step 3.

 

Step 1:

Evaluation:

# Force the Remediation code to run regardless of machine state

exit 1

 

Step 2:

Remediation:

# Creates a scheduled to ask to trigger the PowerShell Script to prompt for application close. This allows you to update applications that must be closed for updates to apply.

# This Worklet deploys the promptAppClose.ps1 script to the endpoint. Make sure you upload the script into the Worklet using the "Upload File" button below.

#Here we take promptAppClose.ps1 and drop it into the Temp folder on the local disk.
copy-item promptAppClose.ps1 C:\Windows\Temp\

# Set up the scheduled task 1 minute from Worklet's scheduled execution. If you want to change how long after Worklet execution the scheduled task is executed, change the (1) to a number of your choice (e.g. (3) would run 3 minutes after Worklet execution)
$TaskStartTime = datetime]::Now.AddMinutes(1)

# Set up the rest of the scheduled task details
$SchedService = New-Object -ComObject Schedule.Service
$SchedService.Connect()
$Task = $SchedService.NewTask(0)
$Task.RegistrationInfo.Description = 'Description'
$Task.Settings.Enabled = $true
$Task.Settings.AllowDemandStart = $true
$Task.Settings.WakeToRun = $true
$trigger = $Task.triggers.Create(1) # https://docs.microsoft.com/en-us/windows/win32/taskschd/triggercollection-create
$trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")
$trigger.Enabled = $true
$action = $Task.Actions.Create(0)
$action.Path = "c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$action.Arguments = '-NoProfile -NoLogo -NonInteractive -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\windows\temp\promptAppClose.ps1"'
$taskFolder = $SchedService.GetFolder('\')
$taskFolder.RegisterTaskDefinition("Prompt App Close", $Task , 6, 'Users', $null, 4)

 

Step 3:
IMPORTANT: Once you save the code below, make sure you edit the file and change the $process variable to the name of the application you want to request your end-user to close if it is open. The name of the process is whatever Task Manager calls the process when it is open.

 

Copy this code and save it to your local disk as promptAppClose.ps1: 

#Set the name of the application you want to prompt for close here:
$process = "notepad"

#Check if $process is running. If it's running, ask the user to close it, if it isn't running then exit quietly.
$process_running = Get-Process $process -ErrorAction SilentlyContinue

if ( !$process_running ) {
#If the process is not running then there's nothing to do. Exit quietly.
Write-Host "$process was not running: nothing to close." }
else {
#Play a sound with the pop-up message

#Trigger the pop-up message with a Ok/Cancel option
$UserResponse = nSystem.Windows.Forms.MessageBox]::Show("$process must be updated on your system.

Please save your work and click OK to close the application." , "Status" , 1)

#If user clicked OK, try to close the app gracefully
if ( $UserResponse -eq "OK" ) {
Write-Host "Closing $process application."
$process_running.CloseMainWindow()

##Optional: Uncomment the stanza below to force kill the process after X seconds if graceful exit failed
#Sleep 60
#if ( !$process_running.HasExited ) {
# $process_running | Stop-Process -Force }
}
else
#If user clicked Cancel, exit and do nothing
{
Write-Host "$process update not applied: user chose to keep the app open."
Exit
}
}

 

Hi @Stambo,



First, thanks for your worklet. It definitely will help us updating some application. I just need to figure out how the pop-up window will work. I run the worklet to a device but pop-window notification is not showing up. Activity report showing it run the script successfully. Any insight what might went wrong?



Thanks!


Ulyssis


Hi Ulyssis,



Which app are you trying to trigger the notification for?


Hi @Jeff S via Automox Community,



Thanks for your reply.



Slack



Zoom



Notepad++



I will also include Chrome and different browser.


Echoing what @uapilado is saying, would be cool to alter this script to include all of the “unclosable” apps that automox offers to patch instead of pick/choosing


We’re working on a generic version where you can fill in whatever process you want to kill and Automox will take it out back behind the woodshed and…well you know.


Is there anyway to get a version that can be called as part of normal operations, rather than to specifically call this worklet?



For example, where we specify the reboot notification, can we have this ‘close the app for patching’ notification as an option?



This would significantly speed up patching, rather than relying on an endpoint not having the application closed.


We’re working on a generic version where you can fill in whatever process you want to kill and Automox will take it out back behind the woodshed and…well you know.

Were you guys able to release this generic version?


Hello @nondescript,

 

We do have the generic version available! It’s in the Worklet Catalog in the console, titled “Kill Open Process.”

 

Thanks for resurfacing this thread!

 

Jessica Starkey | Technical Marketing Engineer


@Nic-Automox Is Automox any closer to building this notification process into worklet’s This came up again today. While the above solution is really nice, it doesn’t work if someone enabled the “Focus Assist” feature to prevent those balloon tip pop-ups from PowerShell. 


This is a nice idea, but I want to be able to force the application to close regardless of the users pov.

Its really hard to update something that's running, even at 2am, when the users are not online.

It just needs a check box to to say kill running process, then on the back end some PowerShell to kill the running process.


Cheers.

 


Reply