In real-world environments, not all enterprise software comes with a proper installer.
Recently, I had to deploy a legacy DLP agent that had:
- multiple versions across endpoints
- different ProductCodes
- the same display name
- limited documentation
- and no reliable upgrade path
Trying to handle this using standard logic in Microsoft SCCM (multiple detection rules, MSI-based upgrades, etc.) quickly became messy.
The Approach
Instead of relying on SCCM alone, I moved the logic into a PowerShell-based installer.
The idea is simple:
- Detect if the application is installed
- Check the installed version (via ProductCode)
- Remove anything that doesnβt match the target version
- Install the correct version with required parameters
In SCCM, the detection method stays clean β it only checks for the new version.
Why This Works Better
- No need for multiple detection rules
- No leftover versions after upgrades
- Full control over install/uninstall logic
- Works even with poorly packaged or legacy software
Key Idea
Instead of trying to model every scenario inside SCCM, centralize all logic in a script.
This makes deployments more predictable and much easier to maintain.
Full Breakdown
I wrote a detailed step-by-step guide here (including SCCM setup and scripts):
Top comments (0)