Available apps in the Company Portal is one of those features you really want to use, but can't, because you lose control. Until now. From a user's perspective, available apps in the Company Portal are awesome! Your computer isn't bloated with unnecessary apps, but at the same time you do have the freedom and flexibility to install apps that have been approved by your IT-department, without having to create a ticket and waiting a week or two to get the app. And it's super easy, you just open the Company Portal app, select the app you want to install and a short while later you're good to go! But there's a catch. Available apps are just that, available to be installed. That means that when it's time to update that app, the new version is also just available. It won't update itself for the users that have already installed it. Add a few versions and you end up with an application landscape that is completely out of control and super insecure. There are some complex workarounds out there with adding users to groups and using different types of assignments, but none of those are really reliable.
So, how can you keep available installations in check?
Create a PowerShell script that will detect if the application is installed and returns true or false.
This can be as simple as testing if a registry key exists:
Create your application as you would otherwise, but on the Requirements page, click Add in the scripts section.
Upload your freshly created requirement script. In our example, the script would return true if the key is found, so we configure it as a boolean that equals yes.
Continue with your configuration, but in the assignments, assign it as required to All devices or a group that you would like to auto-update.
The next time a device checks in, the requirement script will run and if it returns true the application will automatically be updated, if the detection rules are not present. In the status overview the devices that have been updated will be reported as installed, while the devices on which the application was not detected will be reported as Not Applicable.
The easy way
Don't want to spend time on creating all those scripts, but you do want the awesome Available apps feature in Intune? Check out Scappman! Not only does Scappman enable you to use Available apps for the predefined apps in the App Store, it also allows you to upload your own app, provide the name that it uses in the "Apps & Features" settings page and keep your own custom apps in check.