Intune Patch My PC – Full Guide – Part 4

Intune Patch My PC – Full Guide – Part 4

This article will describe how to setup Intune Patch My PC. This will be a full guide! Because it was such a long blog post, I divided it in parts. Every part will be released day after day. Situation:

  • Azure AD Joined Intune managed devices


  • Implementing Patch My PC for 3rd party applications and 3rd party applications update management

Patch my PC’s mission is to simplify how enterprises create, manage, update, and deploy third-party applications within System Center Configuration Manager. Our solution is used by over 1,600 enterprises worldwide, helping to maintain applications on over 5 million devices. They also have a public preview running for integration with Intune. In my blog post we will go over this and set it up. You can find more info about Patch my PC on their website. Requirements for running Patch My PC Publishing service:

  • Microsoft .NET Framework 4.5
  • Supported Operating Systems
    • Windows Server 2008
    • Windows Server 2008
    • Windows Server 2012
    • Windows Server 2012
    • Windows Server 2016
    • Windows Server 2019
    • Windows 10 (x64) – Microsoft Intune only

Prerequisites for running Patch My PC Publishing service:

  • When using Windows Server operating systems, WSUS should be installed and configured.
  • If using Windows 10 client for Microsoft Intune only
    • Optional feature RSAT: Windows Server Updates Services Tools should be pre-installed

Be sure to check out the new updates blog post from Patch My PC also:


1. Scenario: assign mRemoteNG with Patch My PC

  • So, in our previous post (Intune Patch My PC – Full Guide – Part 3) we stopped at the moment where we completed Patch My PC Publishing Service settings and we went over some options. Now let’s start with pushing some applications!
  • Click on the ‘Intune Apps’ tab in the Patch My PC Publishing Service.

  • Now let’s deploy an applications in our scenario. Look for ‘mRemoteNG’ under ‘Next Generation Software’.
  • Check the box in front of the application
  • As we don’t want any desktop shortcuts deployed, right click on ‘mRemoteNG’ and check ‘Delete desktop shortcut(s) created by this application’.

  • Right click on the application again, and click on ‘Manage assignments’.

  • From this screen we can assign directly to ‘All Users’, ‘All Devices’ or Azure AD Groups.
  • Of course you can choose between ‘Available’, ‘Required’ or ‘Uninstall’. More info on that here.
  • Let’s deploy to an Azure AD Group and make the application ‘Available’, so choose a group to deploy to.

  • Verify the right group is assigned and click on ‘OK’ again.

  • Click on ‘Apply’.

  • Now we have to trigger a Sync so that our application gets send to Intune.
  • Go to the ‘Sync schedule’ tab.
  • Click on ‘Run Publishing Service Sync’ to trigger a sync.

  • You’ll see the ‘Run Now Successful’ dialog. Click on ‘OK’ to close it.


2. Check the Intune application for mRemoteNG

  • Click on ‘Properties’. And go over them. You’ll see everything is filled in nicely and the application is assigned as ‘Available’ to the group you choose in the Patch My PC Publishing Service.

  • Now go to the Company Portal on your device and let’s check if mRemoteNG is available there, as it should be.

  • As you can see it works like a charm! Big thumbs up to Patch My PC!


3. Conclusion

  • Pricing for the Intune version of Patch My PC is 2,5$/year/device. So in my opinion that makes it more than worth it.
  • The pricing of the VM in Azure is around 50-60 $’s a month, so you also have to take this in account.
  • If you`re interested yourself, just start a trial on the Patch My PC website.

That’s it for Part 4. Tomorrow I’ll post part 5 and we’ll start configuring notifications!  


Happy testing!

More articles on Patch My PC: