About a year ago I published a script which provided dynamic updates for Dell, HP, Lenovo and Microsoft systems which are managed by Intune. The script uses the Intune Management Extension to run the dynamic driver update process in a autopilot enrollment of a system, ensuring that you have the latest and therefore hopefully the most stable drivers. Recently however I have thought about developing a script or a tool that would always keep your Intune or standalone system up to date, similar to some OEM included applications.

Introducing Drivers as a Service version 1.0.0

This is the first version of what I like to call “Drivers as a Service”, a PowerShell developed solution that provides continuous automatic updating of drivers on supported hardware platforms. The solution consists of the following;

Single MSI installation

Supports the following environments; Intune Standalone Configuration Manager

Two core components; Windows Service

The Windows service runs under local system context and therefore allows update operations that the client can’t or at least should not be able to perform Tray Application

The tray application runs under the local user context in order to provide some functions to the Windows service along with presenting toast style notifications to the end user

Supported hardware platforms; Dell HP Lenovo Microsoft (coming in version 1.01)

Supported Operating Systems; Windows 10



Lets look at the solution and see how it works;

Installing DaaS

Download the DaaS installation MSI from Microsoft Technet (https://gallery.technet.microsoft.com/scriptcenter/Drivers-as-a-Service-ef36f155), in this example we will manually run the installation but of course you can silently deploy the MSI.

Launch the installer;

the installer; Click on next to view the read me and proceed through to complete the installation

on to view the read me and proceed through to complete the installation A restart is required in order to complete the installation

Once installed you will now notice that you have a new service listed in the list of your Windows services;

After restarting your machine the service will start up the tray application will receive status messages from the running service which will be presented to the user. These status messages are not verbose in nature and with feedback I might also introduce an issue to either make these more verbose or remove them entirely with the exception of update events. For now here is the experience for the end user;

Initial notification message – Checking for driver updates Zoomed notification;

Driver Update Maintenance Window

When coming up with the idea for this one thing that was an issue with updates is the fact that Intune in its current state does not have maintenance windows. I thought about adding in registry entries to allow you to specify these, however the Windows active hours is an option which the initial version of this tool to will use to prevent the updates applying within “business” hours. If a new version of the driver package is available to install, the end user receives a notification of this and the impending update;

In the above example we can see that the machine is running within the active hours specified in Windows, which by default at 8am to 5pm. After changing the active hours for demonstration purposes, we now can see that the drivers installation process starts;

The end user is notified of the update process taking place

Driver installation commences

Should a restart be required the end user will be prompted, otherwise they will be advised of the next check

Deployment via Intune

Deployment of the tool is very straight forward;

Simply log onto your tenant, go to Apps and click on the “+” icon to add an application

Select “Line-of-business app”

Select the MSI installer;

Click on the App Information section and fill in additional required fields;

Now deploy the application to a group or make it available as the example below;

Logs

The service by default automatically adds key steps to the application log;

Verbose logs are located at the following path: C:\Program Files\SCConfigMgr\Drivers As A Service\Logs. Below is a sample output from the Run-DriversAsAService log which contains output from the Windows service;

What about ConfigMgr environments?

For environments where ConfigMgr is managing your client estate you can also use the same solution, however the difference is that the administrator must have a task sequence configured to run the modern driver management solution in “DriverUpdate” mode. This value should be set in HKLM:\Software\SCConfigMgr\Drivers As A Servce\ConfigMgrTSID as below;

The client will then call the task sequence (which obviously will need to be deployed) in order to start the upgrade process and offload the restarting function to the task sequence / ConfigMgr client.

Invoke the Invoke-CMApplyDriverPackage.ps1 with the -DeploymentType “DriverUpdate” switch

with the switch Restart the computer to apply the updates

In this instance the user will be informed of the maintenance but the task sequence will restart the computer;

For more information on the Modern Driver Management solution, please visit – https://msendpointmgr.com/modern-driver-management/

Feedback

As always, test in isolation and if you find bugs, or have feedback please send an email through to [email protected]

(19943)