Guided application upgrades announced for Microsoft Intune

It has been a slow burn for Enterprise Application Management since it was made available for Microsoft Intune customers in February 2024. With its initial release only providing guided deployment of around 200 applications and a lack of app-only permission control with Microsoft Graph, it has been hard to justify for any organisation, both due to the lack of features and automation options.

As of May 2024, Enterprise Application Management boasts over 250 applications, some of which are self-updating and some that have multiple versions available for installation. However, while still only limited to guided deployment of applications, consumers of the Microsoft Intune Suite or EAM license will now have to wait another 3 months to reap the benefits of guided application upgrades, one of the core benefits of EAM.

It has now been announced that in the August 2024 update of Microsoft Intune, guided application upgrades will be made available as part of the Enterprise Application Management features in Microsoft Intune.

Microsoft Intune Guided upgrade of applications
Microsoft Intune Guided upgrade of applications

The release of guided application upgrades means that for organisations that have deployed applications using the Enterprise App Catalog, a simplified process for deploying application updates will be made available to them also. But how will this work?

Well, if you have seen my other posts linked above, we already know that when an application is deployed via EAM, behind the scene, Microsoft Graph gets all the application install information from Microsoft’s own internal app database. This information includes the installation files, install commands, detections rules and more, to ensure the application installs successfully every time, this information is provided to Microsoft from the application vendor and essentially gets deployed as a Win32 app, but without any effort from the administrator (you).

Similar to this, the same approach will be taken by the guided application install feature of EAM. The portal will use Microsoft Graph to find any available application updates within its own internal app database, then it will automatically deploy a new application in Microsoft Intune that includes all the relevant upgrade information and superscedance settings. The great thing about this approach is that the feature utilises the existing capabilities of Microsoft Intune, so the installation commands and settings are not hidden from the administrators view.

What if I am already using a third-party application patching solution?

Well don’t pull the trigger and go all in on Enterprise Application Management yet! Certainly consider it though. If you are already an Intune Suite customer all the features of EAM are already available to you, so now is the time to look at your costs and plan ahead. However, if you are not an Intune Suite customer and use a third-party product for application management, you will need to weigh up the value the existing product provides you, compared to the benefits a native solution may have for your organisation. 

If you use a third-party patching solution, evaluate the cost of:

  • The product licensing fees
  • The product hosting fees
  • The time and cost to manage the vendor relationship
  • The time and cost to maintain the product
  • The time and cost to upskill engineers on the product

You should also consider:

  • Feature parity between the native and third-party solution and are you utilising those features?
  • The benefits of having a solution natively integrated with your idP
  • Potential CSP benefits provided by Microsoft and the third-party vendor
  • Ease of use for both the native and third-party product

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

Leave a Reply