Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Applies to: Patch My PC Cloud
If the Pause Updates feature of Patch My PC (PMPC) Cloud has been configured for an app that has since been updated, and you want to bring the app up-to-date to the latest version, you need to disable pause updates.
Note
If an app has more than one version of an update available, resuming updates will ensure it is updated to the latest version.
Also, if you paused a deployment with enabled, when you resume updates for that deployment, the Update Rings are re-enabled and function normally.
To resume updates for an app:
Click on the relevant deployment that has been paused.
Tip
Click the filter button () and select the Enabled option under the Updates section, followed by Apply Filters to see just those deployments that have updates paused.
Click the Pause Updates slider to disable it.
Note
Notice on the above screenshot that the Sync Now button is available, meaning one or more updates are available for this app.
Click the X to close the deployment properties page.
The list of deployments is displayed without UPDATES PAUSED under the deployment you just unpaused.
Updates for this app are now resumed.
You now need to decide how you want to install any updates for this app:
Install the updates now – If you want to install the updates as soon as possible, follow the process.
Wait for the nightly sync to run – If you are happy to wait for the updates to be installed the next time the daily sync runs (at 2 am by default), you do not need to do anything.
Note
You can change the Sync Schedule to a different time, as detailed in the process.
Applies to: All Patch My PC Products
To help you easily locate the Release notes for each Patch My PC (PMPC) product, links to the respective pages are included below:
Note
The current products do not currently have Release notes:
Official product documentation for Patch My PC Cloud
Note
You can access this page from within the portal by clicking the support button () in the header area and selecting Product Docs.
Official product documentation for Patch My PC
Note
If you have any feedback or comments on our docs, please email .
Streamlining your app management with a single SaaS portal that seamlessly integrates with our Publisher and Intune
Our all-in-one on-premises solution for managing third-party application updates across your enterprise
Our real-time vulnerability alerting and awareness tool that helps Security and IT teams cut through the noise, respond faster, and stay aligned
Our powerful suite that transforms your data into dynamic, visually rich dashboards, offering everything from software and update compliance to detailed hardware and device insights, trend analysis, and threat detection
Our free, easy-to-use tool that helps analyze your WSUS & ConfigMgr environments for known issues and provides recommended best practices
Helps you calculate the Return on Investment on the products supported in our current catalog you are using in your environment
Contains reference articles that apply to multiple products
Contains links to the relevant Release notes page for each product
Applies to: Patch My PC Cloud
This section contains various deployment-related articles for Patch My PC (PMPC) Cloud.
Latest product and feature updates
What's required to run our cloud product
How to sign up for a free trial of Patch My PC Cloud
The App Catalog contains all of the apps we currently support
Deploying and managing apps
Using the Update Rings feature
Understanding and working with events
Using the Migration feature to migrate from ConfigMgr to Intune
See which apps in our App Catalog are installed in your environment
Learn how Cloud can report on and manage your environment
Performing various management-related tasks
Deploying and managing your paid apps
Deploying and managing your in-house apps
Deploying and managing apps using Intune
Managing the macOS devices in your environment
Learn all about the MSP feature of Cloud
When things go wrong, how to fix them
Various reference articles about the product and its features
Definitions for the various terms and abbreviations we use
Applies to: Patch My PC Cloud
Patch My PC (PMPC) Cloud supports deploying apps and updates to the following app types and platforms:
Applies to: Patch My PC Cloud
The Configurations tab of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure various configuration settings grouped into sections known as Tools.
These tools allow you to configure various settings for the deployment.
These are two types of Tools:
included in every deployment as they contain the most common settings.
Applies to: Patch My PC Cloud
If your deployments are using and both the deployments for the child and parent apps have Update Rings enabled, the following behavior occurs:
Each version of an app for the child deployment with update rings enabled must depend on the parent app with the version related to the last ring of the parent deployment.
When the last ring of the parent app is updated to a new version, we also move over the dependencies associated with the last ring.
Applies to: Patch My PC Cloud
To sort Deployments in Patch My PC (PMPC) Cloud:
On the Deployments page, click the relevant column heading to sort the entries by this column.
The column heading will be highlighted and a small arrow will show you whether the results are displayed in ascending or descending order.
To sort by a different column, just click the column name.
Additional Tools that can be optionally added to a deployment.
If Update Rings are disabled for the parent app, we rebuild the dependency with the app that used to be Ring 1, with the lowest delay/the latest version.
If the delay for the ring with the oldest version is decreased and this ring becomes the ring with the newest version, we will delete the previous dependency and build the dependency with the app that, after editing, has the oldest version.
Note
In the current release, you can only sort by certain columns.
Applies to: Patch My PC Cloud
The following is a list of Patch My PC (PMPC) Cloud Preview Features.
Important
You need to have Preview Features enabled in your company in order to access them.
Preview Features may not be fully functional or may contain bugs. By enabling them, you agree to accept that you may encounter some functionality issues and bugs.
Enabling Preview Features on a parent MSP company does not automatically enable them for child customers.
Links to the relevant documentation are included when available.
Note
Once a feature is released to General Availability (GA), it will be removed from the following list as it will be available to everyone.
Applies to: Patch My PC Cloud
To use Patch My PC (PMPC) Cloud, you need:
An Internet connection that can access Microsoft Azure services and the Patch My PC (PMPC) Cloud Platform (https://portal.patchmypc.com/).
A Microsoft Entra ID tenant
Note
We currently do not support for Patch My PC Cloud. You can help us prioritize this .
An Enterprise Plus, Enterprise Premium, or Managed Service Provider (MSP) Plus subscription.
Note
With an MSP Plus subscription, you can manage any number of devices. However, there is a minimum monthly charge based on 50 devices per tenant.
Important
We no longer allow customers whose Entra ID domain starts with "m365x" to start a Patch My PC (PMPC) Cloud trial. Such customers no longer see the option to start PMPC Cloud Trial and will either need to enter a PMPC Cloud license key or activate their license using their on-premises Publisher license key.
See for more information on our different subscription levels.
A minimum of two users, who will be granted privileges within PMPC Cloud.
Applies to: Patch My PC Cloud
Patch My PC (PMPC) Cloud supports the following methods for deploying apps:
The PMPC App Catalog contains apps for which there is a publicly accessible download of the installer that we can deploy and update. In the majority of cases, you should use the process to deploy your apps.
Some apps do not publish a publicly accessible download. These are typically apps:
You need to pay for.
The installer is behind a paywall that requires an individual login and password.
The vendor uses a compressed file for its installer.
We refer to such apps as Binary-free apps and you should follow the process.
Note
See our for a list of such apps that we’ve built and maintain.
If you have your own installer (EXE or MSI) that you want to deploy, then you should follow the and processes.
Applies to: Patch My PC Cloud
Patch My PC (PMPC) Cloud deployments include the following standard tools :
You can configure settings by either scrolling down the page until you find the relevant section or by clicking the relevant tool heading.
Note
The icons beside each Tool's name have the following meaning:
Grey tick - Some values have been pre-configured by PMPC
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
The Install Parameters tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure various installation parameters and arguments.
Install Parameter Summary
Shows any default installation parameters.
NOTE These cannot be modified or removed.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
The App Info tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to define default values for items that will be included in the app’s metadata when it is packaged to Intune.
Any values set for the following items will appear in the app’s properties when viewed in the Intune admin center:
Vendor* - The vendor of the app.
Owner – The name of the owner of this app.
Description* - A description of the app.
Notes – Notes about the app that we send to Intune when we create a deployment.
Information URL - Link to a website or documentation that has more information about the app.
Privacy URL - A link for people who want to learn more about the app's privacy settings and terms
Developer – The name/contact details of the developer as this is a plain text field.
Set App as Featured - If checked, allows this app to appear as a featured app in the Company Portal. Once the app has been deployed, the Show this as a featured app in the Company Portal setting on the app’s properties should be set to Yes in the Intune admin center.
* denotes a required field
Tip
If you make a mistake and want to reset the information in this section, click Reset to Default followed by OK on the Are you sure you want to reset to the default values? dialog box.
Also, if the App Info section has been configured, you can view it as part of the app’s properties in the Microsoft Intune admin center.
To manage the App Info for a Deployment:
Click the App Info tool.
Configure the settings as required.
Note
We pre-populate this screen with the information received from the vendor/added by us.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
The Desktop Shortcut tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to control whether a desktop shortcut of the app being deployed is created.
If checked, will remove the desktop shortcut created as part of the app installation.
To configure this setting:
Click the Desktop Shortcut tool.
Configure the settings as required.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
If an app supports built-in auto-updates, the Built-in Auto Updates tool will be available in the Patch My PC (PMPC) Cloud deployment wizard, but the Disable Self-Update checkbox will be selected by default, disabling any auto-updates.
Note
Although some apps may have built-in auto-updates, they may not support controlling updates by using this or a registry value. In such a scenario, this option will be unavailable.
To manage the settings for the Built-in Auto Updates tool:
Click the Built-in Auto Updates tool.
Configure the required settings.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
The Available Uninstall tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to control whether Intune Apps can uninstall the app if the Company Portal installed it.
If checked, allows Intune Apps to uninstall the app if the Company Portal installed it.
To configure this setting:
Click the Available Uninstall tool.
Configure the settings as required.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Patch My PC (PMPC) Cloud deployments include standard default settings. However, you can also add additional settings.
These optional settings are grouped into a series of related Additional Tools, which can be added (and, if needed, removed) to a deployment.
To add one or more optional Additional Tools to a deployment, click Add in the Additional Tools section, then select the relevant tool from the pop-up to add it to the list of Additional Tools.
Tip
You can check the checkboxes beside multiple tools to add them to the list of Additional Tools. You can also click the X beside an additional tools you want to remove from the list.
Any settings you configure for a deployment will be used for the current deployment and automatically applied to any new versions of the deployment as it's updated.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Note
Using the Role Scope Tags tool is optional.
The Role Scope Tags tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to leverage Intune Role Scope Tags (Scope Tags) in your deployments to help control which Intune admins can manage a specific deployment.
Important
Before you can use a Scope Tag in a PMPC Cloud deployment, it must have already been created in the Intune admin center. Follow the process of for more details and information on Scope Tags.
If you manage Intune using PMPC Cloud, you should avoid performing any actions in the Intune admin center that can be performed in PMPC Cloud, as doing so will cause unwanted behavior.
To add Role Scope tags:
Add the .
Click the Role Scope Tags tool.
In the Profile Name field, either:
Start typing the name of the relevant Scope Tag, then click the checkbox beside it to select it.
Click the dropdown to see a list of existing Scope Tags and click the relevant checkbox(es) to select it.
Tip
You can click the X beside a Scope Tag in the Profile Name field to delete it.
Note
See for details on how to check within Intune that the Scope Tags defined in the deployment have been assigned correctly.
The number of profiles selected is shown beside the Role Scope Tags tool.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Note
Reviewing the Summary tab is optional, but recommended.
The Summary tab of the Patch My PC (PMPC) Cloud deployment wizard provides a summary of the deployment so you can confirm that it is configured correctly before you create it.
Review the summary of the deployment shown on the Summary page. If you are happy click Deploy. If you need to change something, click < Prev to backtrack through the Deployment Wizard to the relevant setting. Make the change, then step back through the wizard to this page. If everything is now correct, click Deploy.
Note
If you have configured this deployment to use , you will see the Deployment Summary screen, containing details on how you have configured the rings.
See for more information.
The App Catalog is redisplayed along with the Success - Created <deployment_name> notification.
Important
When a new version of software is released, it is automatically deployed using the settings of the existing deployment. The old version will be removed from the target user/device and replaced with the newer version.
Note
By default, the installation logs for an app will be created in the following folder regardless of the installer file type:
%ProgramData%\PatchMyPCInstallLogs
The only exception is for EXE files, where the specified value for the loggingSwitch variable will be used if it is not null or empty.
Applies to: Patch My PC Cloud
Once the Deployment Templates (Templates) feature of Patch My PC (PMPC) Cloud has been enabled for your PMPC Cloud company and you have created at least one template, you can start using templates for your new deployments.
Note
Templates are currently unsupported for use in existing deployments. To configure an existing deployment to use a template, you need to delete it and recreate a new one. When creating the new deployment, you can choose which template to use.
Also, if a template contains an option that is not supported by a deployment, that option will not be shown in the portal.
If a template contains an option that is supported by a deployment, that option will be shown in the portal with its configuration set as per the template. However, you can modify the configuration of that option if required.
To configure a new deployment to use a template:
Follow the relevant deployment scenario.
Once the Deployment Wizard has started, click Apply Template
Note
You can click Apply Template at any time, regardless of the tab you are working on.
On the Apply Template screen, select the radio button beside the template you want to apply, then click Apply.
Note
Only the templates created for the Operating System (OS) platform you are deploying to are shown.
The Deployment Wizard is redisplayed along with the Success - Template ‘<template_name>’ applied notification.
Note
You can click Apply Template again to select and re-apply a template (which overwrites any existing settings) at any time before you click Deploy to ensure the template settings are applied to this deployment.
Applies to: Patch My PC Cloud
The Update Rings feature of Patch My PC (PMPC) Cloud allows you to deploy apps and updates in a phased manner across your Intune estate.
For example, you may want to deploy software to a pilot group of users/devices to ensure it functions as expected. Then, after a set period of time, you want to deploy the update to a wider group of users/devices and pause a set amount of time to check for issues. Then finally, if there are no issues, deploy the update to the remaining users/devices in scope for the deployment.
Although this approach increases the amount of time it takes to deploy software, it can reduce the impact of deploying software with unforeseen issues that impacts your business in undesirable ways.
Notes
Update Rings do not use Intune's built-in capability to create delayed assignments using Availability and Deadlines.
The use of Update Rings is optional and is controlled at the individual deployment level.
See our YouTube video for an explanation of Update Rings, plus how to use our free script on GitHub which creates an interactive HTML visualization of app update deployment rings for staged rollouts. It calculates and displays a schedule based on specified parameters and helps you understand your version rollout cadence across different environments.
Learning Hub
See the video on our Learning Hub for a practical walkthrough of how Update Rings work, including how to enable them and how overlapping updates are handled.
Applies to: Patch My PC Cloud
If your Patch My PC (PMPC) Update Rings are configured with longer delays, a new version of a product may be released while an older version is still moving through the rings.
This is not a problem, as when a newer version becomes available, PMPC Cloud does not restart or override the Update Ring process already in progress.
Each version of the software must complete the full Update Ring lifecycle independently. In other words, version n will finish all rings exactly as configured, and version n+1 will follow the same path when its turn begins.
The diagram below illustrates how each version progresses through the rings independently.
Note
See the on our YouTube channel for more details.
To help you predict how your Update Rings will progress, we provide a that generates an HTML report. This report gives you a clear visual overview of your current Update Rings configuration and how each ring is expected to advance.
Note
See the on our YouTube channel for a detailed walkthrough of the script and the report.
Applies to: Patch My PC Cloud
To view the Update Rings configured for a Patch My PC (PMPC) Cloud deployment:
Follow the Edit a Deployment process to open the properties of the relevant deployment whose Update Rings you want to view.
Click More Info.
Any configured Update Rings are shown as tabs, which you can switch between to review your settings.
Note
If any rings have a status of Scheduled, it means that specific ring has yet to be created. See for more information.
Click the red X in the top right-hand corner to close the More Info page and return to the Deployments node.
Applies to: Patch My PC Cloud
In Patch My PC (PMPC) Cloud, the Delayed option for Update Rings doesn’t create an Update Ring until any configured delay has passed.
As a result, you cannot edit a deployment that uses Delayed Update Rings until all rings have been created.
Note
If you try editing a deployment that uses Delayed Update Rings and not all of the rings have been completed, you will see the following error:
To determine if a specific Update Ring has been created:
Use the process to navigate to the properties page of the deployment.
Each Update Ring is represented by a separate tab and the status of the ring shows you whether it has been created or not: • Success – The ring has been created. • Scheduled – The ring has not been created. In the following example, Ring 1 has been created as it has a status of Success.
However, as Ring 2 has a status of Scheduled, it has yet to be created as the configured delay has not passed.
Tip
If you look in the top right-hand corner of the deployment, the timestamp shows when the deployment was created. From this and looking at the number of days delay configured for a ring, you can work out when a specific ring will be created.
Applies to: Patch My PC Cloud
If you are using the Update Rings feature of Patch My PC (PMPC) Cloud, you may find that a version of an app deployed to a ring works fine and you now want to deploy this version to the next update ring without waiting for either the configured delay to be reached for that ring or the Sync Schedule to be run.
To update an individual Update Ring to a later version:
Navigate to the Deployments node.
Click the relevant deployment to open its properties then click More Info.
If you can update a ring to a newer version the Update Now button is available.
Important
Some important points to note:
The Update Now option is only available if the deployment has been deployed successfully. It will not be shown if the deployment is in any other state or if Pause Updates has been enabled for this deployment.
Click Update Now and select the relevant version you want to upgrade this ring to.
On the Update “<deployment_name>” ring to version <version_number> dialog box, click Confirm.
Applies to: Patch My PC Cloud
If you have already successfully deployed an app using Patch My PC (PMPC) Cloud, you can convert that deployment to use Update Rings.
To convert an existing deployment to use Update Rings:
Edit the deployment and navigate to the Assignments tab.
Any existing assignments for the deployment are shown.
Click Enable Update Rings.
On the Move Assignments or Delete dialog box, click Move to create the Update Rings and move any existing assignments to the first Update Ring.
Note
Clicking Delete will delete any existing assignments, not the deployment itself. It will also create the default two Update Rings with default settings.
Any existing assignments are moved into the first Update Ring.
Continue from Step 3 of the process to configure your Update Rings. For example, adding additional assignments, moving assignments between rings, etc.
Once you have completed reconfiguring the deployment, click Save.
Warning
When you convert an existing deployment to use Update Rings, the rings will be created with the Immediate option, i.e. immediately. As this is the expected behavior, it cannot be changed.
Applies to: Patch My PC Cloud
All Patch My PC (PMPC) Cloud deployments include a status.
Important
As PMPC Cloud is performing the deployment and not Microsoft Intune, you can only view the status of these deployments from within the PMPC portal. The status of PMPC Cloud deployments is not visible from within the Intune admin center.
To see the status of a deployment:
Sign in to the portal at .
Navigate to the Deployments node.
The Deployments page loads, showing all current deployments. The Status column shows the current status of each deployment, which will be one of the following:
Success – The application was successfully created in Intune.
In Progress – The application is being created in Intune.
Failed – The application failed to be created in Intune.
Applies to: Patch My PC Cloud
All deployment-related tasks for Patch My PC (PMPC) Cloud are performed from the Deployments node of the portal.
To manage deployments:
Sign in to the Portal at https://portal.patchmypc.com/.
Navigate to the Deployments node.
The Deployments page is displayed.
Clicking the ellipsis (⋮) beside a deployment opens the management menu, allowing you to:
Note
See for more details on how to view the properties of a deployment.
Applies to: Patch My PC Cloud
To view the properties of a Patch My PC (PMPC) Cloud deployment:
On the Deployments page, click the relevant deployment to open its properties screen.
To find out more details, click More Info to open the more info page.
More information about the deployment is shown.
Note
If have been used in a deployment, the script's name will be shown in the Configurations section of the deployment's properties.
Also, if the deployment has any , the Dependencies section allows you to view them.
Click X in the top-right corner to return to the Deployments page, or click Less Info to return to the deployment’s property page.
Applies to: Patch My PC Cloud
Using Patch My PC (PMPC) Cloud, you can delete software from Intune and recreate it to retrigger the deployment on the targeted resources.
To recreate a deployment:
From the Deployments page, click the ellipsis (⋮) beside the relevant deployment you want to recreate and click Recreate.
On the Are you sure you want to recreate <deployment_name> dialog box, click Yes.
The Status of the deployment changes to In Progress and the Recreating the deployment <deployment_name> has started message is displayed.
Once the deployment has been recreated, the portal auto-refreshes and the Status changes to Success.
Tip
You can also click Recreate on the property page of a deployment to recreate it.
Note
If the deployment you are recreating has enabled, clicking Recreate will result in duplicate versions of the apps being created in Intune. Any existing assignments will be automatically moved from the old version to the new, recreated version.
Also, if the deployment you are recreating has , clicking Recreate creates a new app, creates any dependencies, deletes the dependencies for the old app, and finally deletes the old app from Intune.
Applies to: Patch My PC Cloud
Once Patch My PC (PMPC) Cloud has successfully deployed an app, you need to decide how to manage any updates to that app.
Note
By default, every morning at 02:00 AM in the country you selected during onboarding, our Sync Schedule runs to check for any updates to apps you have successfully deployed. If a newer version is found, we:
Create a new version of the app in your Intune tenant.
Move the assignments for the current version over to the new version.
Install the new version on the relevant devices.
Also, if a deployment has (either this deployment has dependencies on another deployment or another deployment has dependencies on this deployment), at the time the runs, if a newer version is found, we:
Create a new version of the app in your Intune tenant.
Move all the dependencies for the current version over to the new version.
Install the new version on the relevant devices.
The next time the Sync Schedule runs, that is when we delete the old version of the Intune app, which includes removing it from any Enrollment Status Page (ESP) profiles.
All update-related tasks for an app are performed at the deployment level from the Deployments node of the PMPC portal by:
Navigating to the Deployments node.
The Deployments page is then displayed, showing any existing deployments and allowing you to:
Applies to: Patch My PC Cloud
The Pause Updates feature (which is disabled by default) of Patch My PC (PMPC) Cloud allows you to prevent an app that’s previously been successfully deployed from being updated whenever a new version is released.
Important
Pausing updates for an app only affects our portal. If a new version of an app becomes available and updates are paused, the portal won’t create a new version of that app while updates are paused.
However, any existing versions of apps already in Intune that are assigned will still be evaluated and, if applicable, installed by your devices.
To Pause Updates for an app:
Click on the relevant successful deployment you want to pause for updates.
Tip
Click the filter button () and select the Disabled option under the Updates section, followed by Apply Filters to see just those deployments that do not have updates paused.
Click the Pause Updates slider to enable it.
Click the X to close the deployment properties page.
The list of deployments is displayed and UPDATES PAUSED shows under the deployment name so you updates are paused for this specific deployment.
Note
If Pause Updates is enabled for an app and a newer version is available, the Update Now option will be available. See the process for more details.
Also, if your deployment has enabled and you experience a problem with any of the rings, Pause Updates prevents both an existing ring from being upgraded to a new version and any additional Update Rings from being created provided the Immediate option was set for the rings.
The Pause Updates option will be unavailable if your deployment uses
Applies to: Patch My PC Cloud
To delete a deployment in Patch My PC (PMPC) Cloud:
From the Deployments page, click the ellipsis (⋮) beside the relevant deployment you want to delete and click Delete.
On the Are you sure you want to delete <deployment_name> dialog box, click Yes.
Note
If the deployment you are deleting is for an app that another app is dependent on, the Are you sure dialog box will state which app has a dependency on this deployment and warn you that proceeding will delete this dependency, which could break the app dependent on this one.
The deployment is deleted and the Success - Deployment <deployment_name> deleted notification is displayed.
Warning
Deleting a deployment will also delete the:
latest and all old unassigned versions of this deployment if a has been configured.
Tip
You can also click Delete on the property page of a deployment to delete it.
Applies to: Patch My PC Cloud
To navigate between pages of Events in Patch My PC (PMPC) Cloud, in the Events page footer, click the relevant control to go to the first page, previous page, next page, or last page.
Applies to: Patch My PC Cloud
To search for an Event in Patch My PC (PMPC) Cloud, type what you are looking for in the Search box on the Events page.
Note
If the portal finds any matching entries as you type, they are displayed. However, if no results are shown when you’ve finished typing your search phrase, either press Enter or click the magnifying glass.
The search results of the matching entries is displayed.
To clear the search, either click the red X or manually clear the Search box.
Applies to: Patch My PC Cloud
You can display more information about a Patch My PC (PMPC) Cloud Event by clicking it.
The details page is displayed for the Event.
Either click the X or click outside of the details page to close it.
Applies to: Patch My PC Cloud
To configure the number of events shown per page in Patch My PC (PMPC) Cloud:
Click the down arrow next to Items per page in the Events page footer and choose the required number.
Applies to: Patch My PC Cloud
To sort Events in Patch My PC (PMPC) Cloud:
On the Events page, click the relevant column heading to sort the entries by this column.
The column heading will be highlighted and an arrow will show you whether the results are displayed in ascending or descending order.
To sort by a different column, just click the column name.
Note
In the current release, you can only sort by certain columns.
Applies to: Patch My PC (PMPC) Cloud
There are times when we need to remove a product from the Patch My PC (PMPC) App Catalog, primarily because the product either:
Goes End-Of-Life (EOL) and is no longer supported or maintained by the vendor.
Other compatibility issues related to silent install or versioning.
Applies to: Patch My PC Cloud
Welcome to the Deployment section for Patch My PC (PMPC) Cloud.
Important
You need to before you can use the Deployments feature.
Applies to: Patch My PC Cloud
Patch My PC (PMPC) Cloud can be used to deploy apps using Microsoft Intune.
Note
You can also:
Applies to: Patch My PC Cloud
Note
Using the Retention Policy tool is optional and is not supported by the MSP App Sets feature.
The Retention Policy tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to determine how many versions of an app (both Windows and macOS) you want to keep. If deploying a later version of an app causes issues, you can redeploy an older version.
Applies to: Patch My PC Cloud
As the affects when your Portal checks for updates to your Patch My PC (PMPC) Cloud deployments, how often it runs can also affect how your Update Rings behave.
For example, if you have deployed an app that updates more frequently than your configured Sync Schedule, the ring with the lowest delay (for example, Ring 1) will have the latest suitable version applied.
Depending on how often you run your Sync Schedule and the delay between your rings, the scenario could arise where we have to skip versions to keep everything configured as per your ring strategy.
If this arises, we will not deploy a version of an app to any rings that has not been deployed to at least Ring 1. This ensures we only deploy apps to later rings that have been tested on at least one ring.
Applies to: Patch My PC Cloud
Before you can perform a migration using the Patch My PC (PMPC) Cloud Migration feature, you need to ensure that Publisher is connected to the same PMPC Cloud Company that you plan to migrate the objects to.
Note
See for further details.
You also need to ensure that the Enable Application Migration
Applies to: Patch My PC Cloud
The Migration feature of Patch My PC (PMPC) Cloud allows you to migrate applications from a Microsoft Configuration Manager (ConfigMgr) hierarchy to a PMPC Cloud company.
Rather than simply copying existing applications as-is, our migration experience is designed to support modernization by allowing you to move away from outdated, unsupported, or vulnerable applications and toward applications that are easier to manage and keep secure in a modern Microsoft Intune environment.
As part of the migration process, PMPC Cloud analyzes your existing ConfigMgr applications to help identify:
Applications that are outdated or no longer supported
Applies to: Patch My PC Cloud
The Migration feature of Patch My PC (PMPC) Cloud evaluates Microsoft Configuration Manager (ConfigMgr) applications using an initial full scan when the environment is first connected, followed by delta scans that run every 60 minutes by default, but can also be triggered manually.
These scans detect changes to application metadata and determine whether an application can be reliably migrated as a PMPC Catalog App, a PMPC Custom App, or is unsupported for migration.
Where possible, PMPC Cloud prefers migrating applications as catalog apps, as this ensures they can be automatically kept up to date. PMPC Cloud cannot automatically update PMPC Custom Apps when a vendor releases a new version, as Custom Apps are not tracked in the catalog.
Applies to: Patch My PC Cloud
If you upload as part of your Patch My PC (PMPC) Cloud Deployment, you can reference those files in any of the in the same deployment by building a path relative to the script's current location.
This ensures your script can reliably locate the files you uploaded, whether they are in the root or a subfolder.
Below are examples for referencing a file named file_to_be_copied.txt, either from the script root or a subfolder called MyFolder.
Applies to: Patch My PC Cloud
Welcome to the Events section for Patch My PC (PMPC) Cloud.
Applies to: Patch My PC Cloud
An event is written to the Events node whenever a user performs a task in the Patch My PC (PMPC) Cloud portal. Events are also created if the action a user performs triggers a component to perform an activity.
To access the Events node:
Using your portal account, sign in at .
Navigate to
Applies to: Patch My PC Cloud
Important
Events are only held in the portal for 30 days, after which they are automatically groomed from the database. If you wish to keep events longer than 30 days, you need to export them.
To export today's events from Patch My PC (PMPC) Cloud, plus the past 29 days of events, click Export in the header of the Events page.
Applies to: Patch My PC Cloud
You can use a Filter in Patch My PC (PMPC) Cloud to help you find only the relevant Events you require.
To filter Events:
Click the funnel button in the header of the Events page.
The filter sidebar opens.
Applies to: Patch My PC Cloud
Note
If an app has more than one version of an update available, using Sync Now ensures it is updated to the latest version as soon as possible, which could impact your users. So, think carefully before using this.
If you have for an app in Patch My PC (PMPC) Cloud and want to update it as soon as possible rather than waiting for the nightly sync job to run:
Applies to: Patch My PC Cloud
Applies to: Patch My PC Cloud
An event is written to the Events node whenever a user performs a task in the Patch My PC (PMPC) Cloud portal. Events are also created if the user's action triggers a component that performs an activity.
Events are created with one of the following severity levels:
Applications exposed to known Common Vulnerabilities and Exposures (CVEs)
Opportunities to upgrade to newer, supported versions that are available in the PMPC catalog.
Note
Migrating ConfigMgr Packages to Intune is unsupported.
All migrated applications benefit from additional customization and management capabilities to ensure they remain secure, maintainable, and aligned with modern desktop management practices.
PMPC Cloud supports two methods for migrating applications from ConfigMgr to Intune.
The migration path is determined through ongoing application evaluation, not when the migration is initiated.
Note
See How Migration Type Is Determined for more information on how PMPC Cloud determines the appropriate migration path.
Where possible, PMPC Cloud attempts to match a ConfigMgr application to an existing app in the PMPC catalog. A confident match is typically made using the hash of the main installer binary.
When the hash isn't recognized, PMPC Cloud evaluates application metadata, such as the application title and publisher, to suggest a potential catalog match.
When an application is migrated as a catalog app, it is automatically updated and maintained over time.
If PMPC Cloud cannot confidently match the application to an app in the PMPC catalog, the application is migrated as a PMPC Custom App.
Custom Apps migrate the exact version, including all installation arguments and customizations, allowing the app to be managed and modified in Intune through the PMPC Cloud Portal.
Unlike applications migrated as catalog apps, PMPC Custom Apps are not automatically kept up to date and require manual updates when new versions are needed.
Wherever possible, we attempt to match ConfigMgr applications to an existing app in our catalog using the installer hash. When a match is found, you can deploy the catalog app to Intune instead of the version in ConfigMgr, which may be out of support or exposed to known vulnerabilities.
When we migrate ConfigMgr applications using this method, we also migrate any installation arguments, customizations, and command lines you have defined for the ConfigMgr application.
The end result is that you now have a version of the app deployed that can be managed and kept up to date for the app's lifetime.
Note
See Publish the App in Intune as a PMPC Catalog App for more information.
In some cases, we cannot confidently match a ConfigMgr application to a catalog app using the installer hash alone. When this happens, we evaluate additional application metadata to determine whether a reliable catalog match can still be suggested.
This evaluation may include:
Application display name
Application vendor
Installer type (for example MSI or EXE)
Installer context (system or user).
If these indicators collectively align with a known catalog app, we may suggest migrating the application as a PMPC Catalog App even when a direct installer hash match isn’t available. This allows you to leverage our catalog-based updates while making it clear that the match is based on metadata rather than binary identification.
Note
See Publish the App in Intune as a Suggested PMPC Catalog App for more information.
For those ConfigMgr applications that we cannot find a direct match to an app in our catalog, we can still migrate them, but as a PMPC Custom App.
When we migrate ConfigMgr applications using this method, we migrate the exact version and include the migration of all installation arguments, customizations, and command lines you have defined for the ConfigMgr application.
You will be able to modify and manage the app from within the PMPC Cloud Portal and take advantage of the various customizations and features of PMPC Cloud Custom Apps.
Note
See Publish the App in Intune as a PMPC Custom App for more information.
A modern way to display branded notifications when apps are installed or updated on devices, using PSADT.
Also:
The Sync Schedule evaluates your Update Rings. When a ring’s configured Days Delay has been reached, the assignments for that ring are created.
As Update Rings are evaluated only during the Sync Schedule, the frequency of your sync sets the minimum pace at which the rings can progress. For example, if your Sync Schedule runs weekly, the Update Rings cannot move faster than a weekly cadence.
Note
If you want Update Rings to be evaluated more frequently, but prefer a slower schedule for packaging new versions, you can support this request by upvoting Update rings independent of sync schedule on our UserVoice page.
If you create your Update Rings with an Immediate start time, the Sync Schedule configuration only impacts the daily update of the rings and their assignments (promotion to the new version).
If you create your Update Rings with the Delayed start time, the Sync Schedule configuration impacts both the initial creation of the rings and the daily update of their assignments (promotion to the new version). For example, you create a deployment with two Update Rings with the default two-day delay between them. The first ring will be created when you deploy the software. The second ring won’t be created until two days have passed since the time the deployment was created and the next Sync Schedule run.
The following table summarizes how your Sync Schedule configuration determines how you can configure the delay between Update Rings.
Daily
Delays between rings can be configured as required.
Weekly
Ring 2 has to have a minimum delay of 7 days
Ring x has to be configured with a delay of at least 7 days apart from any other ring.
Monthly
Ring 2 cannot have a delay of less than 31 days
Ring x has to be configured with a delay of at least 31 days apart from any other ring.
These limitations ensure that the update delays align with your chosen sync frequency and is why we advise configuring your Sync Schedule to run on a daily basis when using Update Rings.
Radio button - Neither you or PMPC have configured any settings.
Additional Argument
Allows you to provide additional arguments to be appended to the installation command line. These can override the Patch My PC arguments in some cases (typically for MSI arguments). NOTE This field is limited to a maximum of 2,048 characters. See Supported Variables in Publisher and PMPC Cloud for a list of the variables we support in this field.
packaged win32 app from Intune.
To reference additional files you’ve uploaded, use $PSScriptRoot\file_to_be_copied.txt or $PSScriptRoot\MyFolder\file_to_be_copied.txt if the file is in a subfolder.
For example:
To reference additional files you’ve uploaded, use %~dp0file_to_be_copied.txt or %~dp0MyFolder\file_to_be_copied.txt if the file is in a subfolder.
For example:
To reference additional files you’ve uploaded, use scriptDir & "\file_to_be_copied.txt" or scriptDir & "\MyFolder\file_to_be_copied.txt" if the file is in a subfolder.
For example:
# File in script root
Copy-Item -Path "$PSScriptRoot\file_to_be_copied.txt" -Destination "C:\TargetFolder"
# File in subfolder
Copy-Item -Path "$PSScriptRoot\MyFolder\file_to_be_copied.txt" -Destination "C:\TargetFolder"
:: File in script root
copy "%~dp0file_to_be_copied.txt" "C:\TargetFolder"
:: File in subfolder
copy "%~dp0MyFolder\file_to_be_copied.txt" "C:\TargetFolder" Set fso = CreateObject("Scripting.FileSystemObject")
scriptDir = fso.GetParentFolderName(WScript.ScriptFullName)
' File in script root
fso.CopyFile scriptDir & "\file_to_be_copied.txt", "C:\TargetFolder\"
' File in subfolder
fso.CopyFile scriptDir & "\MyFolder\file_to_be_copied.txt", "C:\TargetFolder\" An individual update ring can only be updated to a later version than the one it is currently running.
An individual update ring can only be updated to a later version that has already been applied to the ring with the lowest delay.
You are only updating a specific ring to a later version, not the whole deployment or any other rings.
Once the deployment has completed successfully, if you navigate back to the ring, you will see the version number has changed and the Update Now button is unavailable.
Note
See How Products are Handled at End-Of-Life (EOL) or Become Incompatible for more information about how we handle EOL apps in general, other reasons for removing apps from our App Catalog, and a searchable List of Products Removed due to End-of-Life or Compatibility Issues.
In PMPC Cloud, when an app goes EOL:
The app no longer appears in App Catalog.
Any existing deployments of the app will be flagged with the EOL indicator in the Deployments node.
If the app has been discovered by PMPC Cloud Discovery and is currently being managed, the app itself will be flagged with the EOL indicator on the Managed tab of the Discovery node.
If an app that is part of an MSP App Set is marked as EOL:
Any existing deployments of the app will be flagged with the EOL indicator in the App Set.
Important
If an app includes multiple variants and only certain variants are marked as EOL, the other non-EOL variants continue to function normally and are not marked as EOL.
Any existing deployments of EOL apps can still be edited, recreated, etc., but you will be unable to create a new deployment of the EOL app. This also applies to EOL apps that are part of an existing App Set. EOL apps will not appear in the Select Application dropdown when creating a new App Set.
If an existing App Set contains a deployment for an EOL app, new assignments can be added to the deployment for new Child Companies managed by the MSP Parent Company.
The following examples show how EOL will appear in the Cloud Portal:
An existing deployment of an EOL app will be shown as follows.
A managed app in Discovery that is EOL will be shown as follows.
An EOL app deployment that is part of an existing App Set will be shown as follows.
An overview of the deployment feature
How to deploy an app
How to deploy the same app with multiple configurations
How to create a deployment without assignments
How to use a Template in your deployments
All about the Update Rings feature
Monitoring the status of a deployment
Managing updates to successful deployments
Deployment management tasks
To deploy an app using PMPC Cloud:
Sign in to the portal at https://portal.patchmypc.com/
Locate the required application on the App Catalog page.
Tip
Use the Search field to help you locate the app.
Note
If an app (for example, the Windows version of Slack) has multiple versions available for different variants/installer types, the App Catalog shows the total number of available versions. If you hover your mouse over this, you can see the list of variants grouped accordingly. Only that version will be displayed if a single version is available for all variants.
Click the app to open its properties.
Click Deploy to start the Deployment Wizard.
Note
If the app you are deploying is also supported for macOS, you will see a separate Deploy option for macOS and you should follow the Deploy a macOS app process.
Also, if the app you are deploying is already published by our on-premises Publisher, you will see the This app is already deployed warning dialog stating that deploying the same app through both Publisher and PMPC Cloud can cause potential issues if there are differences between the deployment configurations. We therefore strongly recommend you only deploy an app through either Publisher PMPC Cloud to avoid such issues.
The General Information tab is displayed, which needs to be completed.
Note
Once the Deployment Wizard starts, the Apply Template button becomes available, which allows you to apply any Deployment Templates you have created that contain preconfigured settings to your deployments.
For example, setting a Retention Policy of 1 for Google Chrome would mean you always have n-1 versions of Chrome, the latest and the previous version, until a newer version is deployed.
Important
The previous version (n-1) of an app may temporarily remain visible in Intune even when a Retention Policy is not configured.
The portal only deletes the previous version during the next Sync Schedule, not in the same sync that creates the new version.
This behavior is intentional as it prevents situations where if the new version (n) fails to package, no version of the app remains available.
If Update Rings are configured, the previous version may remain for more than one sync, and will only be deleted after the next steps are completed.
To configure a PMPC Cloud deployment to use a Retention Policy:
Add the Retention Policy tool.
Click the Retention Policy tool.
In the Versions to Retain box, either type the required number or use the controls to configure the number of versions of this app you wish to retain in your environment.
Note
The default value of 0 means only the most recent version of the app is retained. You can retain up to ten versions of an app.
Tip
See Check App Version Retention for details on how to check within Intune that the correct number of versions of an app are being retained as defined in your Retention Policy.
If you do not want to configure any additional settings, click Next to move to the Assignments tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Note
Other important points about App Version Retention:
Modifying the Versions to Retain setting is supported. The next time the Sync Schedule runs (or you manually update an app), the changes will be applied to the deployment.
Deleting a deployment or disconnecting will delete the latest and all old unassigned versions of all of your deployments.
Modifying an existing deployment with a Retention Policy configured will only affect the current version, not all previous versions. For example, if you edit a deployment and add an extra file, the file is only added to the latest version, not all previous versions.
You should avoid deleting versions of apps manually using the Intune admin center. Inadvertently deleting a previous version from Intune will not break the Retention Policy for the deployment. When a newer version is deployed, we will delete the relevant previous version(s) accordingly to keep everything in sync.
Note
If you do not see the Enable Application Migration checkbox on the Cloud tab, ensure you are running the required version of Publisher as detailed in Migration Requirements.
By default the Publisher polls the ConfigMgr Site Database every 60 minutes for application changes.
Important
If you click Disconnect on the Publisher's Cloud tab, all of the Migration features data will be deleted from your PMPC Cloud company. You should therefore avoid doing this until you have completed the migration of all required items from ConfigMgr to PMPC Cloud.
Next, sign in to your PMPC Cloud company and verify that the Migration node is visible in the Cloud Portal.
Tip
The following log files can be used for more information and for troubleshooting the migration feature:
"%ProgramFiles%\Patch My PC\Patch My PC Publishing Service\Logs\PatchMyPC-AppMigrationService.log”
"%ProgramFiles%\Patch My PC\Patch My PC Publishing Service\Logs\PatchMyPC-CloudFileUploadBackgroundService.log”
"%ProgramFiles%\Patch My PC\Patch My PC Publishing Service\PatchMyPC.log”
Note:
For new installations of Patch My PC Publisher, the PatchMyPC.log file will exist in the following folder:
"%ProgramFiles%\Patch My PC\Patch My PC Publishing Service\Logs"
Important
Only users assigned the Full Admin role will be able to see the Events node.
See User Roles for more information.
The Events page is then displayed, allowing you to:
Important
Events are only held in the portal for 30 days, after which they are automatically groomed from the database. If you wish to keep events longer than 30 days, follow the Export Events process.
Note
The number in parentheses beside the Export button shows how many events will be exported.
A CSV file called events_log_entries.csv is downloaded to your computer. This contains the number of entries shown in parentheses and can then serve as an archive or be imported to another application for onward manipulation.
We export the following:
Date
Title
Architecture
Installer Type
User
Category
Operation
Type
Version
Description
Here is an example:
Tip
You can use Filters to control which events you export, rather than exporting all events. See Filter Events for more information.
Configure your required filters, then click Apply All Filters.
Only the Events matching the filter criteria are displayed.
Note
You can click the filter button to close the filter sidebar to see more details about the results without affecting the filter.
Tip
When a filter is applied, a green dot appears beside the Filter button.
To clear a Filter:
Click Clear All at the bottom of the filter box or navigate to a different page of the portal.
Verify the green dot beside the Filter button has gone.
Click on the relevant deployment which has been resumed.
Click Sync Now to install any updates for the app immediately.
Note
If the Sync Now button is greyed out, no updates are available for this app.
On the Are you sure you want to update <app_name> to the latest version popup, click OK.
The Deployment <app_name> updated notification is displayed and the deployment Status changes to In Progress.
Once the deployment has been completed successfully, the Status changes to Success.
Tip
If you look in the Events node, you will see the following event:
Deployment <app_name> Updated.
An overview of the Events feature
How to search for an Event
How to filter Events
How to export Events
How to sort Events
How to find out more information about an Event
How to change the number of Events shown on a page
How to navigate between pages of Events
Details the various Events generated
How apps are migrated when the primary installer file is an .exe
How apps are migrated when the primary installer file is an .MSI
How apps are migrated when the primary installer file is either .bat, .cmd, .ps1 or .vbs
How apps are migrated when PSADT is detected
Applies to: Patch My PC Cloud
The Return Codes tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure Return Codes for a deployment (a Return Code is a numerical code an app typically logs and reports once it has completed running its installer).
You can manage Return Codes from within the properties of a:
Deployment
Custom App
Note
See the section of for details on how to configure Return Codes within the properties of a Custom App.
Also, macOS apps also do not support Return Codes.
To manage Return Codes for a Deployment:
Click the Return Codes tool.
Note
The number beside the Return Codes tool shows the number of return codes currently configured for the app being deployed.
The default Return Codes defined for the app are shown, plus any defined for the app if this is a Custom App.
Note
If a vendor supplies a list of Return Codes for their app, we include it. If they don’t, we automatically populate the list of Return Codes with industry-standard codes.
If you do not want to add a new Return Code, proceed to Step 5.
To add a new Return Code for this deployment, enter the numerical value in the Return Code field, select its meaning from the Code type dropdown, then click Add.
The new Return Code is added to the list.
If you do not want to edit a Return Code, go to Step 9.
To edit a Return Code, click the pencil icon beside it.
Make any required changes.
Click the green tick to save your changes.
The Code type field is updated.
To delete a Return Code, click the red trash can beside the relevant code.
Note
You cannot delete either the default Return Codes for a deployment or any that have been added as part of the Custom App’s configuration. However, you can edit them.
If you add a Return Code to a deployment, you will be able to edit or delete it from the deployment if required.
Important
If the Return Codes you define in a deployment differ/conflict with those defined for a Custom App, the Return Codes defined on the deployment take precedence.
The code is deleted from the list.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Note
Using the Scripts tool is optional.
The Scripts tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure settings for install and uninstall scripts.
Note
Scripts will be run in the same context as the application.
Each install script is limited to 1 MB per script, with a total size limit of 4 MB for all scripts.
There is a limit of 50,000 characters per script.
Important
Currently, scripts containing "${env:ProgramFiles(x86)}" or "${env:ProgramFiles}" cannot be uploaded as Cloudflare is falsely identifying them as a false positive related to Log4j exploits. We are actively working with them to resolve this, but as this is outside our control, we cannot provide an estimated resolution time.
To work around this issue, see the section of .
To add a script:
Add the .
Click the Scripts tool.
Note
If the app includes our recommended scripts, you will see the Customer Scripts | PMPC Scripts toggle shown above the Install Scripts section.
See for more details on the options you have for managing these scripts.
Click Add beside the relevant script option to add a script, then configure the required settings as per the relevant articles:
- a script that can be run before the installer runs.
- a script that can be run after the installer runs.
- a script that can be run before the uninstaller runs.
Note
If you upload as part of your Patch My PC (PMPC) Cloud Deployment, you can reference those files in any of the in the same deployment by building a path relative to the script's current location. See for more information.
Also, if any PSADT commands are detected in any of the scripts configured in the Scripts section, a warning is displayed about ensuring that any devices to which this deployment is assigned have at least .NET Framework 4.7.2 installed.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
A Post-Install Script is a script that can be run after the installer runs.
To add a Post-Install script:
Click Add beside the Post-Install option.
The Add Pre-Install Script page is shown, highlighting that the default Script Format is .ps1, with built-in support for PSADT functions.
To import an existing script, click Import, browse to the location containing the script, and select it.
The Script Name field is populated with the filename of the script selected, and the Add Post-Install Script page is populated with the imported script.
To manually add a script, enter a unique name for the script in the Script Name field.
Select the type of script from the Script Format dropdown.
In the script editor, type your script.
Note
We currently have a limit of 50,000 characters per script. Use the Number of characters used counter to keep track of the number of characters you’ve entered in the script editor.
Tip
Under the script editor, we include example syntax to help you understand the required syntax for referencing any additional files you've uploaded, which updates depending on the Script Format selected.
In the Arguments field, enter any arguments you want to provide to the script.
Tip
You can use variable names as arguments, provided they are enclosed by percentage signs (%). We provide common variables under this field, which you can add by clicking the plus (+) symbol or relevant variable name.
%ReturnCode% is currently only supported on post-scripts.
Important
Using script Arguments is currently unsupported when deploying an app to macOS.
Also, if you add any PSADT scripts to your deployments, you need to ensure .NET version 4.7.2 is installed on any devices to which this app will be deployed.
Click Save to save your script.
The Configurations tab is re-displayed with the name of the configured script beside it.
Tip
You can click Edit to edit a script or its settings. You can also click the red “x” beside a script to delete it.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
A Post-Uninstall Script is a script that can be run after the uninstaller runs.
To add a Post-Uninstall script:
Click Add beside the Post-Uninstall option.
The Add Pre-Install Script page is shown, highlighting that the default Script Format is .ps1, with built-in support for PSADT functions.
To import an existing script, click Import, then browse to the location containing the script and select it.
The Script Name field is populated with the filename of the script selected, and the Add Post-Uninstall Scripts page is populated with the imported script.
To manually add a script, enter a unique name for the script in the Script Name field.
Select the type of script from the Script Format dropdown.
In the script editor, type your script.
Note
We currently have a limit of 50,000 characters per script. Use the Number of characters used counter to keep track of the number of characters you’ve entered in the script editor.
Tip
Under the script editor, we include example syntax to help you understand the required syntax for referencing any additional files you've uploaded, which updates depending on the Script Format selected.
In the Arguments field, enter any arguments you want to provide to the script.
Tip
You can use variable names as arguments, provided they are enclosed by percentage signs (%). We provide common variables under this field, which you can add by clicking the plus (+) symbol or relevant variable name.
%ReturnCode% is currently only supported on post-scripts.
Important
Using script Arguments is currently unsupported when deploying an app to macOS.
Also, if you add any PSADT scripts to your deployments, you need to ensure .NET version 4.7.2 is installed on any devices to which this app will be deployed.
Click Save to save your script.
The Configurations tab is re-displayed with the name of the configured script beside it.
Tip
You can click Edit to edit a script or its settings. You can also click the red “x” beside a script to delete it.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Note
Using the Extra Files tool is optional.
The Extra Files tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to upload additional configuration files for a deployment.
To add extra folders and/or files:
Add the .
Click the Extra Files tool.
Either:
Drag and drop the relevant folders or files to the relevant area.
Click the relevant button to browse to and select the relevant folders or files.
Note
See for a list of filenames and extensions we do not support for upload.
Also, adding a folder will add any files and folders (including their files) within the selected folder.
We support uploading files with the same name, provided they are in different folders. We also support uploading folders with the same name, provided the selected paths are unique.
Click Upload when your browser prompts you to upload the content.
The hash will be calculated for any folders/files you upload, which will appear at the bottom of the Extra Files section.
Note
The total number of extra folders/files is not limited, but their total size must not exceed the storage limits for your license type. See for more details.
Also, if the Installer Type on the General Information page is set to .msi, the MST File section will be shown, allowing you to upload a single MST file. This file must have the .mst extension.
Repeat the above steps to add any additional folders/files as required.
Note
Once a deployment has been successfully created, you can add or remove any additional folders or files as required.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Note
If you upload as part of your Patch My PC (PMPC) Cloud Deployment, you can reference those files in any of the in the same deployment by building a path relative to the script's current location. See for more information.
Applies to: Patch My PC Cloud
Note
Using the Categories tool is optional.
The Categories tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to leverage Intune App Categories (Categories) in your deployments to help users find apps in the Company Portal.
Note
See the section of for more information on App Categories.
To add a Category to a deployment:
Add the .
Click the Categories tool.
Go to Step 6. to add a new category or in the Add Category field, either:
Start typing the name of the relevant Category, then click the checkbox beside it to select it.
Click the dropdown to see a list of existing Categories and click the relevant checkbox(es) to select it.
Tip
You can click the X beside a Category in the Add Category field to delete it from the list.
Repeat this process to add any additional categories.
Go to to step 8. if you do not want to add a new Category.
To add a new Category, type its name in the Add Category field.
Note
You can create up to 200 categories per Intune tenant. Each category name must:
Be unique
Press ENTER and the Success – The category “<category_name>” has been created notification is shown, confirming the new category has been added to both Intune and this deployment.
The number of categories selected is shown beside the Categories tool.
Note
See for details on how to check within Intune that the Categories defined in the deployment have been assigned correctly.
Also:
If different Categories are configured in the portal and Intune admin center they are combined to be the same.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
Note
Using the ESP Profiles tool is optional.
The ESP Profiles tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure your deployments created in our portal to be part of one or more profiles configured on the Enrollment Status Page (ESP) of the Microsoft Intune admin center.
Note
See for more details about the ESP and working with ESP profiles.
To configure a PMPC Cloud deployment to use an ESP Profile:
Add the .
Ensure the ESP Profile(s) you want this deployment to belong to have already been created in Intune.
Note
At the time of writing, Intune supports a maximum of 51 profiles plus the default profile (so 52 in total) per tenant.
Click the ESP Profiles tool.
In the Add Profile field, either:
Start typing the name of the relevant ESP Profile, then click the checkbox beside it to select it.
Click the dropdown to see a list of existing ESP Profiles and click the checkboxes beside the relevant profiles to select them.
Note
If an ESP Profile already contains the maximum of 100 apps, you will be unable to select it from the dropdown. If you hover over it, you'll see the Total limit reached tooltip.
The selected ESP Profile(s) are added to the Add Profile field.
Tip
You can click the X beside an ESP Profile in the Add Profile field to delete it from the list.
Also, the number in brackets shows the number of apps currently added to an ESP Profile, with 100 being the maximum.
Note
See for details on how to check within Intune that a PMPC Cloud deployment has been successfully added to an ESP Profile.
Repeat this process to add any additional ESP Profiles.
The number of ESP Profiles selected is shown beside the ESP Profiles tool.
Note
To avoid potential conflicts, we highly recommend creating all deployments within the PMPC Cloud portal and using the ESP Profiles feature to control which apps belong to which ESP profiles. You should only use the Enrollment Status Page in the Intune admin center to create an ESP Profile.
Other important points about ESP Profiles:
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to : Patch My PC Cloud
Welcome to the Update Rings section for Patch My PC (PMPC) Cloud.
This section contains articles covering the various Update Ring-related tasks for PMPC Cloud.
Applies to: Patch My PC Cloud
In Patch My PC (PMPC) Cloud, there are two different types of Update Rings, both of which depend on the start time of the relevant deployment and how you have your Sync Schedule configured:
Note
Only once the configured start time has passed will the assignments under an Update Ring be created in Intune for the corresponding Win32 app.
The Delayed option works as follows:
The first Update Ring is created immediately, and the software is deployed to the assigned test users/devices (usually known as a pilot group).
After waiting the configured number of days from when the deployment was created (to allow testing to be performed), the next Update Ring is created, and the software is deployed to the assigned users/devices (usually a bigger group/all assigned users/devices).
Step 2 is repeated until all Update Rings have been created and the software has been deployed to all users/devices requiring it.
The advantage of the delayed option is:
As the next ring (and therefore the next set of assignments) has not been created, if the software causes an issue that is detected in the first ring, the issue cannot propagate to other rings as they haven’t been created.
Your full Update Ring workflow is followed, starting with the current version.
Useful when you want every version to follow the same controlled rollout.
The disadvantages of the delayed option are:
The deployment will be in a scheduled state until at least one version has passed through all rings.
Your Sync Schedule configuration can impact both when the initial rings are created and when the Sync Schedule runs, which will update your rings and their assignments, including promoting a new version to your relevant rings.
You cannot edit a deployment that uses delayed Update Rings until all of the rings have been created. If you try, you will see the
The Immediate options works as follows:
All Update Rings are created immediately with their relevant delays and assignments.
Assignments from all of the Update Rings will be applied to the version of the app you created the deployment with.
Update Rings will not begin to work until the next version (current plus one or n+1) of the software is released. At this point, the assignments from the previous version are moved to the latest version and Update Rings start to function as configured.
The advantages of the immediate option are:
All rings are created and configured once.
The deployment can be edited and adjusted as required.
You can make configuration changes at any time.
Helpful for first-time deployments where version
The disadvantages of the immediate option are:
If the software in one ring causes an issue, if the admin forgets to pause the deployment or remove any additional rings, the issue could be spread to the next ring, even if a delay between rings is configured.
All assignments from all Update Rings are applied to the same version of the application that the deployment was created with. However, this is only true for the initial creation of the Update Rings. All other functionality of Update Rings will continue to work as normal in any new app versions.
Important
You need to consider the following when working with Update Rings:
You cannot mix standard deployments (that don’t use Update Rings) and Update Rings in a single deployment.
Applies to: Patch My PC Cloud
As detailed in "Assignments" tab of a Patch My PC Cloud Deployment and Create a Deployment without Assignments in Patch My PC Cloud, there are several different types of assignments you can configure for a Patch My PC (PMPC) Cloud deployment.
This article focuses on some caveats and considerations specific to configuring assignments, which, if overlooked, can sometimes lead to errors.
To quickly recap from the public documentation, there are two ways to deploy applications:
These deployments can use four assignment types:
Required - The software installation is enforced on targeted devices.
Available - The software appears in the Company Portal for users to install.
Uninstall - The software is removed from targeted devices.
The Cloud Portal is the source of truth for these deployments. All edits should be made in the Portal, not manually in Intune.
By default, the Cloud Portal checks daily for new software versions.
If you make manual changes in Intune, packaging a new version from the Portal can fail.
Following the Portal as the source of truth ensures your assignments are applied correctly and avoids deployment errors.
These apps allow manual control in Intune and come in two types:
Install App – A base installation. You can assign it in Intune as Required, Available, or Uninstall.
UpdateOnly App – A conditional Win32 update. Intune evaluates whether a device has an older version installed before applying the update.
For these apps, Intune is the source of truth. You manage assignments manually in Intune, and the Portal does not enforce them.
If the Copy-Forward option is enabled, the Portal will copy these manual assignments to new versions automatically.
If Copy-Forward is not enabled, assignments are not carried over, and you must manage them manually for each new version.
Once a deployment is created without assignments in the Portal, you cannot switch it later to a deployment with pre-configured Cloud Portal assignments. You must create a new deployment if you want that functionality.
Applies to: Patch My PC Cloud
Important
If a Patch My PC (PMPC) Cloud deployment is created with Delayed Update Rings, you cannot edit it until all of the rings have been created. If you attempt to edit a deployment with incomplete Update Rings you will see the Error - Editing is not allowed until all rings are created after the configured delay message.
Also, if you make any changes to Return Codes for a deployment where Update Rings are enabled, these changes are only applied to the latest ring (newest version).
To edit the Update Rings configuration for a deployment:
Navigate to the Deployments node.
Click the relevant deployment whose Update Ring configuration you want to edit.
Tip
Click the filter button () and select the Enabled option under the Update Rings section, followed by Apply Filters to see just those deployments that have update Rings configured.
Click Edit.
Click the Assignments tab.
Applies to: Patch My PC Cloud
Applies to: Patch My PC Cloud
The Patch My PC (PMPC) Cloud Migration dashboard includes the following options:
Note
See the section below for troubleshooting tips.
The Refresh option is available directly from the dashboard toolbar.
Clicking Refresh triggers an immediate delta sync from Publisher to PMPC Cloud, bypassing the normal scheduled sync interval configured in Publisher (60 minutes by default). This is useful when new applications or recent changes are available in Publisher, and you want them reflected in Cloud as soon as possible.
A refresh only processes incremental changes and does not rebuild existing migration metadata.
The Full Resync option is accessed by clicking the ellipsis beside the Refresh option.
Clicking Full Resync clears all migration metadata in both Cloud and the Publisher, then rebuilds it from scratch using the latest migration logic in PMPC Cloud. Non-migrated applications are removed and reimported, while migrated applications remain unchanged.
This option is intended for scenarios where migration metadata is missing, incomplete, or corrupted, such as missing file access or invalid values like a file size of zero, and where the issue cannot be resolved through normal application revision updates.
Because a full resync re-evaluates all applications, the process may take some time and cannot be cancelled midway through.
If the Refresh or Full Resync options are unavailable, it means PMPC Cloud has lost connectivity to the Publisher.
To restore the connection, open the Publisher console, go to the About tab, and select Restart Service, which will re-establish communication with your PMPC Cloud company.
Applies to: Patch My PC Cloud
When migrating a Configuration Manager (ConfigMgr) application as a suggested Patch My PC (PMPC) Catalog App, the migration flow depends on how many catalog matches are found.
If multiple PMPC Catalog Apps match the ConfigMgr application, you are first presented with the Matched App step, which allows you to review the available matches and select the PMPC Catalog App to migrate to.
After you select the appropriate match, the migration continues into the deployment flow with the selected application pre-selected.
If only a single unique PMPC Catalog App match is identified, the Matched App step is skipped entirely and the migration moves straight into the deployment flow with that application automatically pre-selected.
Note
Where possible, details such as architecture and installer type are inferred from the original ConfigMgr application and populated automatically to reduce manual configuration.
From this point, continue following , where the remaining steps of the deployment flow are completed.
Applies to: Patch My PC Cloud
To use the Patch My PC (PMPC) Cloud Migration tool, you need to have a:
A supported version of Microsoft Configuration Manager (ConfigMgr).
Patch My PC Publisher, version 2.1.99.0 or later.
PMPC Cloud Company:
To which you have an account that has been granted the Full Admin user role (either by having this account created directly in the Cloud Company or by being a member of an Entra ID Group that has been granted this role).
A valid Enterprise Premium or Enterprise Plus license:
Enterprise Premium allows you to:
Use Publisher to retrieve a list of applications from your ConfigMgr site and send it to your PMPC Cloud Company.
Important
Because the Migration feature is part of our Enterprise Premium license SKU, if your PMPC Cloud company is using an Enterprise Plus license, the Migrate button will be locked, preventing you from migrating the app to PMPC Cloud.
However, the is available and can be used to give you an overview of the detected ConfigMgr applications and to see a list of the ConfigMgr applications detected, along with their associated information.
Note
The Migration feature is unsupported if your PMPC Cloud company is running an MSP license.
Applies to: Patch My PC Cloud
Configuration Manager (ConfigMgr) applications that can be migrated to Patch My PC (PMPC) Cloud and deployed as one of our Custom Apps have a Match Type of Custom App.
Once you click Migrate to migrate a ConfigMgr application to a PMPC Custom App, the Custom Apps Deployment Wizard starts, and you can follow Create a Custom App, but please note the following:
As a double-check, verify that the information on each tab is correct before clicking Next.
On the General Information tab, ensure the Version and Apps & Features Name fields are completed. These are required to complete the deployment wizard and are also important if you choose to switch from custom detection rules carried over from ConfigMgr to the PMPC detection rule on the Detection Rules tab.
On the Configurations tab, under the Install Parameters tool/section, check that the Additional Argument field is correct and includes any required additional arguments/command line options. If the application's primary installer file is a .MSI, we automatically extract it and populate the Conflicting processes field on this tab.
On the Assignments tab, you can click ConfigMgr Assignment List to see a list of the current assignments in ConfigMgr, so you can then review this and set these up in Intune accordingly.
Tip
If you don’t want to deploy this app now, click Install App under App Without Assignments on the Assignments tab, then click Migrate to create the app in Intune only. When you are ready to assign the app, you can and add the required assignment.
On the Detection Rules tab, you can either continue with the Use Custom option, i.e. what we detected in ConfigMgr, or select the Patch My PC Default (Recommended) option instead.
When you click Migrate, the Deployment Created, Migration Pending notification is shown.
The Status field also updates to In Progress whilst the deployment is created, with any required content zipped (e.g., the primary installer file and any extra files) and sent to Azure Blob Storage.
You can also monitor the deployment progress by clicking the Deployments node and watching for the deployment status to change to Success.
Tip
To see the migrated app in Intune, within the Microsoft Intune admin center navigate to:
Home | Apps | Windows | Windows | Windows Apps | <app_name>
Applies to: Patch My PC Cloud
When migrating a Configuration Manager (ConfigMgr) application to a Patch My PC (PMPC) Catalog App, the deployment wizard starts, and you can follow Deploying an App using Cloud, but please note the following:
Verify that the information on each tab is correct before clicking Next.
On the Configurations tab, under the Install Parameters tool/section, check that the Additional Argument field is correct and includes any required additional arguments/command line options.
On the Assignments tab, you can click ConfigMgr Assignment List to see a list of the current assignments in ConfigMgr, so you can then review this and set these up in Intune accordingly.
Important
We do not match ConfigMgr assignments to Entra ID groups. You need to manually configure your assignments during app deployment.
Once you have added your assignments, click Migrate and the Deployment Created, Migration Pending notification is shown.
The Status field also updates to In Progress whilst the deployment is created, with any required content (such as extra files) being zipped and sent to Azure Blob Storage.
You can also monitor deployment progress by clicking the Deployments node and watching for the deployment Status to change to Success.
Tip
To see the migrated app in Intune, within the Microsoft Intune admin center navigate to:
Home | Apps | Windows | Windows | Windows Apps | <app_name>
Applies to: Patch My PC Cloud
All Patch My PC (PMPC) Cloud management-related tasks are performed through the Cloud Portal, which is browser-based and is what you see when you sign in at
The Cloud Portal is split into two key areas:
Navigation pane - Allows you to navigate through the different nodes
Applies to: Patch My PC Cloud
The General Information tab of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure various general settings (explained below) for how you want the app to be deployed.
Note
If an app has multiple variants with different version numbers, you will see a yellow triangle with an exclamation mark next to the Version number. This is a warning to you to double-check that you are deploying the correct version.
Applies to: Patch My PC Cloud
A Pre-Uninstall Script is a script that can be run before the uninstaller runs.
To add a Pre-Uninstall script:
Click Add beside the Pre-Uninstall option.
The Add Pre-Install Script page is shown, highlighting that the default Script Format is .ps1
Applies to: Patch My PC Cloud
Note
Using the Dependencies tool is optional.
The Dependencies tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to create dependencies within a deployment, whereby the app being deployed requires one or more other apps to have already been installed on the targeted resource before it can be deployed.
Applies to: Patch My PC Cloud
For a Patch My PC (PMPC) Cloud deployment with Update Rings enabled, you can either:
Applies to: Patch My PC Cloud
In Patch My PC (PMPC) Cloud, a successful deployment can be edited (changed) should you wish to change any of its settings (e.g., assignments, command line parameters, etc.).
Note
Some notes about Deployments:
Applies to: Patch My PC Cloud
Some large organizations want to be able to create deployments in Intune Apps for Patch My PC (PMPC) Cloud without any assignments.
Note
See for more details about assignments and how they work in PMPC Cloud.
Then, their local IT organization adds and manages the assignments to the relevant deployments to meet their needs by using Intune admin center.
Applies to: Patch My PC Cloud
This article lists the various that are generated with the Security severity by Patch My PC (PMPC) Cloud.
Applies to: Patch My PC Cloud
Note
Support for Script-based apps is still in development and is expected to be available soon.
When applications are inventoried from Microsoft Configuration Manager (ConfigMgr), Patch My PC (PMPC) Cloud analyzes the application metadata to determine how the application is installed and should be migrated. As part of this process, the installation command line is evaluated, and the primary installer file is identified from the application’s content source folder.
An overview of the Update Rings Feature
Explains how Update Rings are created
How the Sync Schedule Affects Update Rings Explains how the Sync Schedule configuration affects Update Rings
Explains how Update Rings handle new versions
How to create Update Rings for a deployment
How to edit Update Rings configured for a deployment
How to view the Update Rings configured for a deployment
Check if an Update Ring has been created How to check if an Update Ring has been created
Update an Update Ring How to manually update an Update Ring immediately
How to convert an existing deployment to use Update Rings
How to delete one or more Update Rings for a deployment
Reference section for the Update Rings Feature
Overview of Migration An overview of the Migration feature
Migration Requirements What's required to use the Migration feature
Setting up Migration How to set up the Migration feature
How Migration Type is Determined What logic is used to evaluate how we migrate ConfigMgr apps
How Different Applications are Migrated How PMPC Cloud identifies and handles different types of ConfigMgr apps for migration
Performing an Application Migration How to perform an application migration as a catalog app, suggested catalog app, or a custom app
Refresh Migration Data How to refresh migration data by triggering an immediate sync from Publisher
Post Migration What to do once a migration is complete
How the Sync Schedule Affects Update Rings for more information on how your configuration of the Sync Schedule will affect how Update Rings behave.
How Update Rings Handle New Versions for more information about how update rings handle new versions, including worked examples.
Click Migrate (when supported) to migrate the application to Intune, which creates either a:
Deployment for a PMPC catalog app (if we match to a catalog app).
Custom App and a Deployment (if we match to a Custom App).
In both cases, you can specify the configuration and assignments in the same way as a regular Cloud deployment.
Enterprise Plus only allows you to:
Use Publisher to retrieve a list of applications from your ConfigMgr site and send it to your PMPC Cloud Company.
Use PMPC Cloud to review and evaluate if an application can be migrated to Intune.
Sign up for an Enterprise Premium Trial from Enterprise Plus, which allows you to migrate up to five applications.
Not contain the backslash (\) or quote (") characters
Not be the name of a script.
If a Category is created in the portal and then removed from the Intune admin center, it will be re-added by the portal.
Categories are also copied forward to a new version of an app.
.BAT
.CMD
.PS1
.VBS
If this warning is not displayed, you should not check the Enable PSADT Module checkbox.
Different ESP Profiles can be used in different Update Rings if required.
If you edit an ESP Profile that is used in a deployment that uses Update Rings, the changes will only be applied to the version of the deployment that is applied to the ring with the lowest delay.
If during a Sync Schedule the number of apps within an ESP Profile exceeds 100, we do not fail the deployment. The deployment will be completed with any new versions being assigned. However, we will display a warning indicator in the portal and the message “Failed to add application with version “<version_number>” to “<esp_profile_name>”.
Approved
A user successfully completed the "Recover Your Company" process.
Company Ownership Rejected for <user_name>
Access
Rejected
A user failed to complete the "Recover Your Company" process.
Customer Support Settings Updated for Company <company_name>
Company
Updated
The settings for a company are updated.
Group role with id <entra_id_security_group_id> was created with role <user_role_assigned>
Group Role
Created
When an Entra ID Security Group is added to the portal
Group Role Removed
Group Role
Removed
When an Entra ID Security Group is removed from the portal
Group role with name <group_name> and id <entra_id_security_group_id> was changed to role <new_user_role>
Group Role
Updated
When the role of an Entra ID Security Group is changed within the portal
Intune Connection Added
Intune
Connected
An Intune tenant is connected to the portal.
Intune Connection Removed
Intune
Disconnected
An Intune tenant is disconnected from the portal.
Invitation Sent to <user_name>
Invitation
Created
A user invitation is sent.
Preview Features Setting Updated by <user_name>
Company
Updated
A user changes the Preview Features setting for a company
User Account Created for <user_name>
User
Created
A user is created.
<user_name> Removed by <admin_name>
User
Removed
A user is deleted.
<user_name> Role Changed by <admin_name>`
User
Role changed
A user's role is changed.
Company Ownership Approved for <user_name>
Access
**
Uploading a .mst file automatically adds the following to the Additional Argument field of the Install Parameters section:
TRANSFORMS=[<mstfile>].mst
where <mstfile> is the name of the uploaded MST file.
Make any required changes, for example:
Move Assignments between rings using drag and drop
Rename rings by clicking the pencil icon beside the relevant ring
Modify the delay for a ring by clicking the minus (-) or plus (+)
Add a ring by clicking Add Update Rings
Delete a ring by clicking the red x after the delay.
Click Save to save your changes.
If you make any changes that affect how the Update Rings will work, you will see the “<app_name>” Deployment Summary asking you to either confirm or cancel your changes. For example, reducing the delay for Corel All Users ring from 3 days to 2 results in the following.
Either click Cancel to return to the Assignments tab and make any required changes or click Confirm to save your changes. The Deployments node is redisplayed along with the Success – Edited <deployment_name> notification.
The Navigation pane consists of the following nodes:
Clicking the App Catalog node (selected by default) lists all apps we currently support, which you can deploy and manage.
From the App Catalog you can:
Search for a specific app.
Create a new Custom App by clicking Add App.
Modify your view of the App Catalog and whether you see it as a grid view (the default view) or a list view.
Sort the App Catalog by App Name (both forward and reverse sort) and the date apps were Last Updated (both forward and reverse sort).
Apply Filters to help you refine the results you see.
.
Clicking the Deployments node lets you view all your current deployments and their status.
Note
See Deployments for more information.
Clicking the Events node lets you view and manage all of the Cloud-related Events created by the various tasks performed from the Cloud Portal.
Note
See Events for more information.
Clicking the Migration node allows you to migrate items from a Microsoft Configuration Manager (ConfigMgr) hierarchy to your PMPC Cloud Company.
Note
See Migration for more information.
Clicking the Discovery node lets you see which apps in our App Catalog are installed in your environment, including any Binary Free Apps or Custom Apps you may have added.
Note
See Discovery for more information.
Clicking the Advanced/Patch Insights node lets you view a wealth of information about your organization to monitor, maintain, and enhance your environment.
Note
See Advanced/Patch Insights for more information.
Clicking the Settings node lets you perform various administrative tasks related to how your PMPC Cloud Company is set up and configured.
Note
See Administration for more information.
Once you have finished configuring the relevant options, go to Next Steps.
Allows you to apply a Template of pre-configured settings to this deployment.
Important
If you apply a Template to a Deployment and a setting in the Template conflicts with a setting configured in App Catalog, you will see an error.
For example, you have configured a Requirement Rule in a Template and then applied the Template to a deployment. If the setting in App Catalog conflicts with that in the Template, you will see an error indicating the minimum acceptable value to which it should be configured. You will need to change the relevant setting to dismiss the error before you can continue.
Shows the type of connection. Currently, we only support connections to Intune.
The unique name for this deployment. This is also the name of the app as it will appear on the target devices.
Note
This Display Name has to be unique per operating system. For example, you can have two deployments for the same app if one is targeted to macOS and the other Windows. You cannot have two deployments with the same name if they are both targeted to either macOS or Windows.
Multiple language entries will be present if the vendor offers separate installers for that language. For example, an EXE installer for en-US, de-DE, etc. The majority of installers are multi-language (one installer, multiple languages), and the software can be configured in different languages by:
Specifying additional installation parameters
Configuring .config or .xml files
Setting registry values.
In such cases, it is the vendor that determines the level of support and the behavior.
The architecture of the installer to be deployed:
64-bit installers can only be installed on 64-bit devices
32-bit installers can typically be installed on either 32-bit or 64-bit devices.
Unspecified installers typically contain install logic for both architectures.
The context in which to install the application:
System – Available to all users.
User – Available only to the specific user.
The available installer types you can choose from to install this app.
We currently support the following Windows installer types:
.exe
.msi
Note
If the .msi option is greyed out, it's probably because this is a Binary Free app, i.e. you need to manually download the installer from the vendor and create it in PMPC Cloud as a Binary Free App (the "Upload the required installer via 'Manage Files' to enable selection of this variant" message indicates this).
.msp
Note
As per the tooltip, if you select the msp installer type, you will only be able to create a deployment with an Update Only assignment. If you want to create a deployment using the other assignment types, you will need to select the exe installer.
We currently support the following macOS installer types:
.dmg
.pkg
Once you have finished configuring the relevant options, click Next to move to the Configurations tab.
To import an existing script, click Import then browse to the location containing the script and select it.
The Script Name field is populated with the filename of the script selected, and the Add Pre-Uninstall Script page is populated with the imported script.
To manually add a script, enter a unique name for the script in the Script Name field.
Select the type of script from the Script Format dropdown.
In the script editor, type your script.
Note
We currently have a limit of 50,000 characters per script. Use the Number of characters used counter to keep track of the number of characters you’ve entered in the script editor.
Tip
Under the script editor, we include example syntax to help you understand the required syntax for referencing any additional files you've uploaded, which updates depending on the Script Format selected.
In the Arguments field, enter any arguments you want to provide to the script.
Tip
You can use variable names as arguments, provided they are enclosed by percentage signs (%). We provide common variables under this field, which you can add by clicking the plus (+) symbol or relevant variable name.
Important
Using script Arguments is currently unsupported when deploying an app to macOS.
Also, if you add any PSADT scripts to your deployments, you need to ensure .NET version 4.7.2 is installed on any devices to which this app will be deployed.
Check the Don’t attempt software uninstall if the pre script returns an exit code other than 0 or 3010 checkbox if you don’t want the app to be uninstalled if the pre-script returns an exit code other than 0 or 3010. If you do not check this checkbox, we will attempt to uninstall the app regardless of the exit code returned by the pre-install script.
Check the Run the pre-uninstall script before performing any auto-close or skip process checks checkbox if you want to run the pre-uninstall script before the conflicting process notification is displayed (if relevant). If you do not check this checkbox, we will run the pre-uninstall script after the conflicting process notification.
Click Save to save your script.
The Configurations tab is re-displayed with the name of the configured script beside it.
Tip
You can click Edit to edit a script or its settings. You can also click the red “x” beside a script to delete it.
If you do not want to configure any additional settings, click Next to move to the Assignments tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Important
Before you can create an App Dependency in a PMPC Cloud deployment, the deployment for the parent app(s) must:
exist already
have been deployed successfully
The parent app can be packaged without assignments and used in a Dependency chain rule, provided the parent app is deployed first.
Also, apps that have not been successfully deployed (such as those with a status of Failed, Retrying, Processing, etc.) cannot be used to create an app dependency, nor can apps with Uninstall or Update Only assignments.
Note
Like Intune, we do not support circular dependencies (i.e. App A has a dependency on App B, and App B has a dependency on App A).
As per Intune, you can create a maximum of 100 dependencies, which includes the dependencies of any included dependencies, as well as the app itself. See Step 5: Dependencies of Add, assign, and monitor a Win32 app in Microsoft Intune for more information.
Also, the parent app must have been deployed successfully before you can create a dependency between apps.
To add a dependency:
Add the Dependencies tool.
Note
If we are aware that an app requires a dependency, we automatically add the Dependencies tool with a yellow dot after the tool name. If you click the Dependencies tool, we show you the name of the app we recommend you add as a dependency for this deployment.
Click the Dependencies tool.
From the Add Dependencies field, either:
Start typing the name of the relevant app that this app depends on already being successfully installed on the target device.
Click the dropdown and select the relevant app that this app depends on already being successfully installed on the target device.
The selected app appears under the Parent Deployment section.
Note
Click the trashcan beside the relevant app under the Parent Deployment section to delete a dependency.
Repeat Step 3. to add any additional dependencies.
Tip
Once a dependency has been configured, you can view it as part of the app’s properties in the Microsoft Intune admin center.
For more information, see Step 5: Dependencies of Add, assign, and monitor a Win32 app in Microsoft Intune.
Note
If a dependency is set up in the Intune admin center between an app managed by PMPC Cloud and an app managed directly in Intune, we will always copy-forward any dependencies from the PMPC Cloud app whenever we update the PMPC Cloud app.
Warnings
If we encounter any problems with app dependencies, we display a yellow exclamation mark (“!”) warning. Hovering over this will display more information.
We typically generate warnings in the following scenarios:
If a dependency fails to be created. In this case, a warning is shown on the impacted child app(s) at the deployment level.
If a dependency fails to be carried forward. In this case, a warning is shown on the impacted child app(s) at the deployment level.
When multiple parent dependencies exist, any warnings will specify which particular dependency failed to be created to help you troubleshoot the issue.
If an entire deployment fails before the dependencies stage is reached, no warnings are shown, as we only show warnings for successful deployments.
If you do not want to configure any additional settings, click Next to move to the Assignments tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Note
All deletion tasks for Update Rings are performed from the Assignments tab of the respective deployment.
To delete all Update Rings for a deployment:
Edit the relevant deployment and navigate to the Assignments tab.
If you want to delete a single Update Ring, use the Delete a Single Update Ring process. To delete all Update Rings for this deployment, click Remove all Rings.
On the Move Assignments or Delete dialog box, click Move to remove the Update Rings but keep all the existing assignments.
Note
Clicking Delete will delete any existing assignments but not the deployment itself.
The Update Rings are removed and any existing assignments are kept.
Click Save to save your changes.
Important
As removing all Update Rings disables Update Ring functionality for this deployment (which could result in unintended results), the "<deployment_name>" Deployment Summary is shown detailing the impact of your proposed change. For example, this version of the app will be deployed immediately to all of the following assignments without any of the delays enforced by using Update Rings.
Note
If the existing deployment had different versions applied to different assignments, we use the version that was applied to the lowest delay ring before the deployment was edited.
Click Cancel to return to the Assignments tab to make any required changes, or click Confirm to save your changes. The Deployments node is displayed along with the Success – Edited <deployment_name> notification.
Tip
If you edit the deployment and click More Info, you will see the tabs representing the Update Rings are no longer present.
To delete a Single Update Ring:
Navigate to the Assignments page of the deployment.
Click the red X beside the Update Ring you want to delete.
Note
Deleting an Update Ring also deletes any assignments controlled by that ring. If you want to keep the assignment, drag and drop it to another ring before you delete the ring.
The ring and any assignments it contains are deleted.
Click Save to save your changes.
As you’ve removed an Update Ring and it’s assignments, the "<deployment_name>" Deployment Summary is shown detailing the impact of your proposed change. For example, by deleting the 7-Zip Pilot +7 Days ring, this app will not be deployed to the 03 - Patching - Production - All - 7 Days Entra ID group.
Click Cancel to return to the Assignments tab to make any required changes, or click Confirm to save your changes. The Deployments node is displayed along with the Success – Edited <deployment_name> notification.
Tip
If you edit the deployment and click More Info, you will see the tab representing the deleted Update Ring is no longer present.
Only successful deployments can be edited.
If you edit a deployment with App Dependencies configured and edit just the dependency, the app won’t be republished in Intune from scratch. However, making any other changes could result in the app being republished.
If the Apply Template option is unavailable when editing a deployment, as templates are currently unsupported for use in existing deployments. See Use a Template in Deployment for more information.
When you edit an existing deployment, if a default template has been configured for the OS platform that this deployment uses, the default template is not applied when you save the deployment.
If when you edit an existing deployment several variants of the app are available, we prevent you from changing any settings that could lead to issues such as different installer variants of the same app being installed on devices with the currently deployed one already installed.
Editing a Return Code in an existing deployment does not trigger the recreation of app.
There are two ways to edit a deployment:
To edit an existing deployment from the Deployments node:
Navigate to the Deployments node.
Click the relevant deployment you want to edit.
On the deployment's property page click Edit.
The Deployment Wizard starts.
Follow the process.
Note
Be mindful of any changes you make, as you are editing the existing deployment, not creating a new one.
Tip
You can also edit a deployment from the Deployments node by clicking the ellipsis (⋮) beside the relevant deployment you want to edit, then click Edit.
To edit a deployment from the App Catalog:
Navigate to the App Catalog and click on the app whose deployment you wish to edit.
Tip
Any apps already deployed by Intune Apps have the green cloud icon with a tick () next to the version number.
Click Edit Deployment on the deployment's property page.
The behavior of the Edit Deployment button depends on whether there is at least one existing, successful deployment:
If there is only deployment for an app, clicking the Edit Deployment button starts the Deployment Wizard.
If there is more than one deployment for the same app, clicking the Edit Deployment button provides a dropdown list of all deployments for this app, from which you can select the relevant deployment to edit. Clicking a deployment starts the Deployment Wizard.
Note
If there is more than one deployment for the same app but any of them are in Processing, Retrying or Failed state, the Edit Deployment button still provides a dropdown list of all deployments for this app, but you can only select those that have successfully completed to edit.
The Deployment Wizard starts.
Follow the Deploy an App process.
Note
Be mindful of any changes you make, as you are editing the existing deployment, not creating a new one.
Follow the Deploy an App process until you reach the Assignments tab where you can add an assignment. When you click Add Assignment, you will see the App Without Assignment sub-menu containing the following two items:
Install App - Allows the Intune admin to add Required, Available, or Uninstall assignments from within the Intune admin center.
Update Only App - Allows the Intune admin to add only an Update Only assignment from within the Intune admin center if the Installer Type is .msp.
Note
If you are deploying a Microsoft patch file (.msp), only the Update Only App option is shown under the App Without Assignment section as .msp files cannot be used to install an app, only update it.
Tip
You can also Add a Template with the App Without Assignments options configured. Then when you create the deployment, simply click Apply Template and select the relevant template to have its settings applied to this deployment.
Select the relevant option.
Uncheck the Copy-Forward checkbox if required. This checkbox is checked by default, which means that whenever we update the app, we remove all assignments from the previous version and add them to the new version. If the Copy-Forward checkbox is unchecked, we keep all assignments from the previous version.
Note
The Copy-Forward checkbox also affects the behavior of assignments when you recreate a deployment:
If the Copy-Forward checkbox is checked, any existing assignments will be copied.
If the Copy-Forward checkbox is unchecked, any existing assignments will be deleted.
Click Deploy and wait for the deployment to complete successfully.
Once the deployment has successfully completed, if you look in the Intune admin center you will see that the app has been created without any assignments.
Your local IT teams can now follow the Assign apps to groups with Microsoft Intune process to add the relevant assignments for this app.
Note
If you checked the Copy-Forward checkbox, the next time the Sync Schedule detects a new version, the assignments are copied forward to the new version. The old version of the app will be removed immediately once the new version has been created and the assignments moved over to it.
Also, a deployment without assignments can be edited and managed in the same way as a regular deployment. See the Manage Updates and Manage Deployments sections for more details.
Important
The current release of this feature has the following restrictions:
A deployment cannot contain both regular assignment types and no assignment types.
If you edit a deployment with no assignments, you cannot add a regular assignment type.
If you have a regular deployment with update rings enabled, you cannot edit that deployment, disable update rings, remove all the assignments and then add a new no assignment type.
ConfigMgr does not explicitly label an application as Script-based. In most cases, the easiest way to confirm that an application is Script-based is to select the application from the Migration dashboard and review the Installation Program field.
If the Installation Program contains a .ps1, .cmd, .bat or .vbs file reference, the application can be considered Script-based.
During the migration deployment flow, the File tab also indicates when an application is being treated as Script-based, and the script content is displayed.
If the application is identified as Script-based, as much of the existing metadata as possible is captured to support migration. This includes any supporting content to ensure the application behaves the same way after migration to Intune.
Script-based apps can only be migrated as PMPC Custom Apps.
When the application is migrated, PatchMyPC-ScriptRunner.exe becomes the new primary installer and invokes the original script defined in the installation command line. This approach preserves the original installation behavior whilst allowing the deployment to leverage additional PMPC customizations that would be unavailable with a "lift and shift" migration.
In the example below, a PowerShell-based Windows Update script is being migrated. The installation script content is displayed inline within the migration flow, allowing it to be reviewed or edited before proceeding. The script is currently not code-signed, as indicated by the warning below the editor. The script can be exported for signing and then re-imported, or migrated "as-is," depending on your organization’s script-signing requirements.
Important
If the script is code-signed, any modification on the File tab will invalidate the existing signature. For this reason, editing should only be performed on unsigned scripts. Signed scripts should be exported, re-signed after any changes, and then re-imported before completing the migration.
The following information indicates the properties that are carried forward from the ConfigMgr application to the migration deployment flow when the application is migrated as a PMPC Custom App:
Source Files
DisplayName
Vendor
Description
Version
Return Codes
Information URL
Privacy URL
Detection Rules.
Applies to: Patch My PC Cloud
Details the production release history for Patch My PC (PMPC) Cloud, the most recent release being shown first.
Note
We aim to release new features, updates, and fixes at 12:00 CEST every Wednesday.
Production Release means we have released that item to our Production environment i.e. customers can access it, although a specific feature maybe in one of the following three production states:
Private Preview, which is invitation-only.
Public Preview for which you will need to have in your company to access it.
General Availability (GA) which is available to everyone.
Please see the relevant docs for a feature for more information which will indicate the state of the feature, plus you can see a list of for more information.
You can also access this page from within the Cloud Portal by clicking the support button () in the header area and selecting Release Notes.
Release Notes for previous years can be accessed using the following links:
|
Resolved an issue where after adding an additional script for PSADT to an existing Custom App, when installing the app on a VM, it failed with "Failed to unzip".
Resolved an issue with apps that use different languages for the Add/Remove Program entry, with ScriptRunner not searching for the app based on the RegEx of all possible names.
Resolved an issue where some properties are not shown on the Summary tab during migration.
Resolved an issue with the Template feature not validating the relationship between Update Ring delays and the Sync Schedule frequency. When the delay between rings was less than the Sync Schedule frequency, no warning was shown, which could lead to ineffective or misleading deployment timing.
No release.
Applies to: Patch My PC Cloud
The installation of some apps cannot be completed if the app:
is currently running
uses a shared process that needs to be closed, but in doing so, could impact that process and other apps using it.
The Conflicting Process tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to manage those conflicting processes (also known as "Conflicting Process"), and control what happens in such scenarios using one of the following options.
To manage the conflicting process for a Deployment:
Click the Conflicting Process tool.
Configure the required settings as detailed below.
This is the default option for software that can install, update, or uninstall, even when conflicting processes are running.
Automatically closes the app/process causing the conflict to allow this app to be installed.
Important
This can result in data loss, so use it with care.
The installation is skipped until the conflicting process is no longer in use. This will generate a 1602 error in the PatchMyPC-ScriptRunner.log and AppWorkload.log on the client side. In Intune, the status will shows as follows when you look under the Device/User Install Status blade of the package:
The user cancelled the app installation. (0x80070642)
Note
If the user snoozes/defers the update, Intune reports the installation as a failure and retries 24 hours later.
See for more information about the retry behavior of Win32 packages in Intune.
This option can be configured with either of the following options:
Don't notify users - The user is not notified that the installation has been skipped because the app is open.
Notify user to close the app after trying silently for x days - The user will be notified to close the app after the app install is tried silently for the configured number of days (x), which can be from 1 to 100 days.
This is the default option for software that cannot successfully install, update, or uninstall when conflicting processes are running. The user sees a notification requesting they close the app, which is preventing this install. These apps will leverage your .
Note
If the user snoozes/defers the update, Intune reports the installation as a failure and retries 24 hours later.
Tip See for a list of products we know will generally fail to update if they are in use.
Clicking the Settings button allows you to configure the following Advanced Settings for Conflicting Processes.
How long in minutes (5 by default and up to a maximum of 1,380 minutes with a 60-minute buffer) before the notification times out.
How the notification behaves if the app is currently running and Focus Assist is enabled:
Discard the Notification (default)
Always show the notification
Show the notification if the deferred policy is reached
The user cannot defer the installation. The app will close and update when the timeout expires.
When an installation is postponed, Intune interprets the installation as a failure and automatically retries it 24 hours later.
Using this option, the user can defer the installation:
Indefinitely – If selected, Intune will retry the installation forever, giving the user the option to postpone it every 24 hours.
Up to X times - The user can postpone the installation for the configured number of times with a 24-hour gap between retries. Intune will retry the installation every 24 hours until the user has no more deferrals. At this point, the notification will appear, but without the option to Defer / Snooze.
First notification displayed – If a conflicting process is detected, the notification is shown immediately. The user can defer the installation or update up to the maximum number of days set in this option. During that period, Intune retries the installation about every 24 hours. If a conflicting process is still detected at a retry, the notification is shown again. Once the maximum deferral period is reached, the user can no longer postpone, and the installation will proceed.
Two options exist for this setting:
Defer the installation on behalf of the user (default)
Note
When selected, the notification closes after the timeout expires, and the deferral is automatically applied on the user's behalf. This counts toward either the configured deferral count or deferral time window. If a deferral limit is reached (such as 5 missed notifications when the deferral count is set to 5), the application will be closed, and the update will proceed automatically.
Close the application and perform the update
Note
The Close the application and perform the update settings is incompatible with Modern (PSASDT) branding.
Prevents the app from opening whilst it is being updated.
Note
See the section of for more information about this option.
Clicking the Conflicting Process button lets you see any conflicting processes we have identified that will prevent an app from updating.
You can also add or remove entries to suit your environment.
If you do not want to configure any additional settings, click Next to move to the tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
The Assignments tab of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure various assignments (explained below) for how you want the app to be deployed.
Note
See Understand Patch My PC Cloud Assignments for more details about assignments and how they work in PMPC Cloud.
You can deploy an app without assignments as detailed in .
From the Assignments page you can also:
Apply a of pre-configured settings to this deployment.
for this deployment.
To add an Assignment to a deployment:
Click Add Assignment and then choose the assignment type you want to add for this deployment:
Add Required – A mandatory application that will be installed automatically for all users or devices it is assigned to.
Add Available – An optional application that will be available to install via the Company Portal for the primary user of the device.
Note
Assignments configured in the portal are the source of truth for deployments with assignments. If you manually add any assignments outside the portal, these will not be retained when a new version is created. To ensure your assignments persist, configure them directly in the portal.
Also:
If your deployment uses a
d. Add Uninstall – A mandatory uninstall that will remove the application from any users or devices it is assigned to, using the apps uninstaller.
Note
We do not support the Uninstall assignment type for pkg installers.
See for more details on how the Custom Apps uninstall feature works and its limitations.
e. Install App - Allows the Intune admin to add Required, Available, or Uninstall assignments from within the Intune admin center.
f. Update Only App - Allows the Intune admin to add an Update Only assignment from within the Intune admin center.
Note
See for more details on deploying apps without assignments.
Note
Adding an Available assignment allows you to add an Update Only application. This ensures that any applications assigned as Available are updated automatically when installed via Microsoft’s Company Portal.
On the Add <assignment_type> Assignment screen, choose the relevant Entra ID security groups to target for this assignment, then click Save.
Note
You will be unable to select any options under the Add update only app for section for an Available Assignment until you select at least option.
Also, as our portal uses application permissions to read Entra ID groups, all groups will be visible whenever you manage assignments.
The Assignments page updates to show the newly added assignments, including their configuration.
Make any of the following optional modifications to the assignment(s).
Note
We automatically configure these settings based on our experience and best practices, but you can modify certain settings if necessary.
Tip
You can click Deploy on this page if you don’t want to add additional assignments or see the Summary page, which allows you to double-check the settings you’ve configured for this deployment.
Add any additional assignments for this deployment by clicking Add Assignment and repeating the steps in this section.
If you are happy you have entered all of the details for the deployment correctly, click Deploy to deploy the app. However, we recommend you click Next to move to the tab, where you can verify the settings for this deployment before you deploy this app.
Applies to: Patch My PC Cloud
To create Update Rings for a new Deployment in Patch My PC (PMPC) Cloud:
If you are unfamiliar with creating a deployment, follow the Deploy an App process until Step 7.
On the Assignments page, click Enable Update Rings.
From the Update ring start time dropdown, choose how you want your Update Rings to handle the start times for their assignments: • •
By default, two Update Rings are created with a two-day delay between them.
If you do not want to add additional Update Rings, go to step 7. To add an additional Update Ring, click Add Update Ring.
On the Add Update Ring dialog box, enter the name for the new ring in the Name field and click Save.
A new ring is added.
Important
Whenever you add a new Update Ring, it is created with a default delay of 0 days, i.e. the deployment will be installed immediately on any targeted users/devices.
If you already have another ring with a default delay of 0 days, you will see the Two rings cannot have the same delay value message besides the second ring with the duplicate delay.
Repeat step 4 to add any additional Update Rings.
Note
You can add up to a maximum of 10 Update Rings per deployment.
If you do not want to change the names of any of the rings, go to Step 10. If you want to change the name of any of the rings, click the pencil icon () beside the relevant ring.
Enter the ring's name in the Name field of the Edit Update Ring dialog box, then click Save.
The updated name appears.
Change the name of any other rings.
If you do not want to change the delay for any of the rings, go to Step 11. If you want to change the delay for a ring, click the plus (+) or minus (-) sign beside the relevant rings.
Click Add Assignment and add the relevant assignments for each ring, configuring the settings for each assignment as required.
Note
See the section of the process for more information.
Tip
You can drag assignments between Update Rings by clicking the double ellipsis () beside the relevant assignment and dragging and dropping it to the relevant Update Ring.
Click Deploy.
The “<deployment_name>” Deployment Summary dialog box appears, summarizing what you are deploying, to which groups, and when.
Note
If your is set to anything other than Daily, the UI will warn you that some rings may not be evaluated as expected.
This is why we recommend you set your to Daily if you plan to use Update Rings.
Either click : a. Cancel to return to the Assignments tab to make any changes (after which you need to click Deploy). b. Click Confirm to continue.
When you click Confirm, the Deployments node appears showing the deployment as In Progress and the Success – Created <deployment_name> notification.
Applies to: Patch My PC Cloud
When applications are inventoried from Microsoft Configuration Manager (ConfigMgr), Patch My PC (PMPC) Cloud analyzes the application metadata to determine how the application is installed and how it should be migrated. As part of this process, the installation command line is evaluated, and the primary installer file is identified from the application’s content source folder.
ConfigMgr does not explicitly label an application as PSADT-based. In most cases, the easiest way to confirm that an application is PSADT-based is to select the application from the Migration dashboard and review the Installation Program field.
If the Installation Program contains a Deploy-Application.exe, Deploy-Application.ps1, Invoke-AppDeployToolkit.exe or Invoke-AppDeployToolkit.ps1, the application can be considered PSADT-based.
During the migration deployment flow, the Configuration tab indicates when an application has been identified as PSADT-based. Detection is based on the presence of PSADT functions in the script; when detected, the PSADT module is automatically enabled. The script content is analyzed and logically split into pre-install and post-install scripts.
When migrating PSADT-based applications, AI can assist with parsing the PowerShell script and identifying key components, including the primary installer and the MARK: Pre-Install, MARK: Install, and MARK: Post-Install sections. This allows the script to be accurately split around the main installer and mapped to the appropriate pre-install and post-install execution stages.
Without AI assistance, reliably separating PSADT scripts into pre-install and post-install logic can be challenging, particularly when scripts are heavily customized or do not follow common PSADT structures. AI-assisted analysis improves accuracy in identifying the primary installer and its surrounding MARK logic, enabling more applications to be migrated successfully.
Note
AI usage is optional and can be disabled at any time from the Cloud Portal settings. See for more information.
When the application is migrated, PatchMyPC-ScriptRunner.exe becomes the primary installer and orchestrates execution of the pre-install script, main installer, and post-install script. This model preserves the original installation behavior whilst enabling PMPC–specific enhancements that would not be possible with a simple “lift and shift” migration.
In the example below, the Rainbow application has been identified as PSADT-based, and the PSADT script has been automatically split during the migration flow. Logic originally contained within the MARK: Pre-Install section of the PSADT script has been mapped to the Pre-install script.
In the original PSADT script for Rainbow, both the MARK: Pre-Install and MARK: Install sections contain executable actions.
The pre-install section runs a prerequisite installer (vstor_redist.exe), whilst the install section performs the primary application installation (Rainbow_Installer_Machine_Offline.msi). During migration, these sections are analyzed and separated so that prerequisite logic is mapped to the Pre-install script, and the primary installer is executed as the main install action, preserving the original execution order.
You can edit any generated Pre-install and Post-install scripts to review whether PMPC Cloud has correctly identified the MARK: Pre-Install, MARK: Install, and MARK: Post-Install execution order.
Important Because the original PSADT script is split into separate Pre-install and Post-install scripts during migration, any existing code signature is invalidated. If script signing is required in your environment, export the generated script blocks, re-sign them, and then re-import them before completing the migration.
Also, you need to ensure .NET version 4.7.2 is installed on any devices to which this app will be deployed.
The following information indicates the properties that are carried forward from the ConfigMgr application to the migration deployment flow when the application is matched to:
Note
See to understand how ConfigMgr applications are matched during migration.
Source Files (the main installer file will be replaced with the current version of the matched application in the Patch My PC catalog)
DisplayName
Return Codes
Vendor
Note If more than one action is detected in a MARK install section, additional actions are reassigned to the MARK: Pre-Install or MARK: Post-Install scripts, as only one action can run in the main install stage.
Source Files
DisplayName
Vendor
Description
Note If more than one action is detected in a MARK install section, additional actions are reassigned to the MARK: Pre-Install or MARK: Post-Install scripts, as only one action can run in the main install stage.
Detection Rules
Applies to: Patch My PC Cloud
There are three different types of application migrations we currently support in Patch My PC (PMPC) Cloud, depending on the results of the Migration scan:
Important
As detailed in , to use the Migrate button to perform the migration, your PMPC Cloud Company must be using an Enterprise Premium license.
The process for starting a migration is the same regardless of the type of target app that will be created in PMPC Cloud/Intune.
To perform a Migration:
Sign in to your PMPC Cloud Company.
Navigate to Migration.
Find the application you want to migrate.
Tip
You can use the Search box and start typing the name of the application to help you find it.
Alternatively, click the filter button and select the checkbox next to the Match Type of the application you wish to migrate (PMPC App or Custom App). Then, click Apply All Filters to view only the matching applications.
If a warning triangle is not present in the Info column for the application, go to step 11.
If a warning triangle is shown in the Info column, click it to open the application's properties.
In the application's properties, locate the tab(s) with a warning triangle beside them.
The behavior of the Migrate button depends on both the application Match Type and the Migrate button state shown in the UI. The image below highlights two possible Migrate button states:
Button State 1 – Single Migrate button Clicking Migrate immediately starts the migration wizard.
Button State 2 – Migrate button with dropdown Clicking Migrate displays additional options, allowing you to choose how the application should be migrated.
If the application is identified as a Catalog App, click Migrate and follow the process.
If the application is identified as a PMPC Custom App and no alternative catalog match is available, the migration will proceed directly as a custom app. Click Migrate and follow the process.
If the application is identified as a Custom App, but a potential catalog match was identified based on application metadata instead of the file hash, the drop-down menu will present two options:
Match to Catalog App - Select this to migrate the application using the suggested catalog match and follow the process.
Create a Custom App - Select this to migrate the application as a PMPC Custom App and follow the process.
Applies to: Patch My PC Cloud
Important
This documentation is for a pre-release feature still under development and, therefore, incomplete. As a result, both functionality and documentation are subject to change.
Once this feature is released, it will be announced and this banner removed.
For certain applications in the Patch My PC (PMPC) App Catalog, we include scripts to enhance the installation and configuration of the app, based on our experience. By default, if an app includes one of our recommended scripts, these are automatically executed at the time the app is installed.
However, this default behavior can cause issues for some customers who are not aware of the scripts and their contents.
To give you better visibility and to allow you to customize the deployment process, for those apps that include our recommended scripts, you will now see the Customer Scripts | PMPC Scripts toggle on the Scripts tool page of the Configurations tab of the PMPC Cloud Deployment Wizard.
Contrast this to an app that does not include any recommended scripts.
Using this feature allows you to:
To view the PMPC scripts, click the PMPC Scripts toggle.
Any recommended scripts included with the app are shown.
Once you have clicked PMPC Scripts, you can:
Hover over the script’s name to see its location.
Click the script, which will open it in a new browser tab so you can see its contents.
Click Edit to open the script in the relevant script editor window.
Note
In the current release, you cannot modify the script’s name, format, contents, or arguments. You can disable the script as detailed in .
If you do not want to use our recommended scripts in your deployments, you can disable them (although we’d recommend you do not do this unless you have a genuine reason for doing so).
To disable a PMPC script:
Either or for the relevant app.
Navigate to the Configurations tab.
Click the Scripts tool if it is not already selected.
Click PMPC Scripts
Click Edit beside the relevant script.
If the app includes a recommended Post-Install script, go to Step 9.
If the app includes a recommended Pre-Install script, you have the option of checking either or both of the following checkboxes:
Don’t attempt software update if the pre script returns an exit code other than 0 or 3010
Go to Step 10.
If the app includes a recommended Post-Install script, check the Disable the Patch My PC Recommended Post-Install scripts for this product checkbox.
Click Save
The Configurations tab is displayed.
If either a Pre or Post-Install script has been disabled, a red circle is shown beside the script to indicate this and that it will not be included as part of the deployment.
Note
Checking the Don’t attempt software update if the pre script returns an exit code other than 0 or 3010 checkbox for a Pre-Install script does not cause the red circle to be displayed.
If you have previously , you can re-enable it by and following the section, but uncheck the Disable the Patch My PC Recommended <script_type> for this product checkbox.
When you click Save to save the deployment, a new deployment will be created that includes the script.
If you create a deployment for an app and disable the PMPC Scripts, when your Sync Schedule runs and creates a new deployment for the new version, we check the existing deployment. If you have disabled any scripts, we will also disable them for the new deployment of the new version.
Applies to: Patch My PC Cloud
You can deploy the same app with different configurations using Patch My PC (PMPC) Cloud.
Important
For this to work, you must use a different Display Name for the deployment. If you don't, you will receive the deployment with the same name already exists error.
To deploy the same app with a different configuration:
Sign in to the portal at .
Locate the required app on the App Catalog page.
Tip
Use the Search field to help you locate the app.
Note
The green cloud icon beside the version number tells you this software has already been deployed using PMPC Cloud.
Click the app to open its properties, then click Deploy to start the Deployment Wizard.
Note
See the for more details. You can also apply a deployment template to this deployment by clicking Apply Template and following the process.
On the General Information tab, in the Display Name field, enter a unique name for this deployment, then click Next.
On the Configurations tab, configure the settings to add any required scripts or additional installation parameters, then click Next.
On the Assignments tab, click Add Assignment, then select the assignment type you want to add for this deployment.
On the Add <assignment_type> Assignment page, select the relevant options, then click Save.
Note
If you add an available assignment, as shown below, we recommend selecting the same options in the Add update only app for section. Doing this will automatically make the current version of the app and any updates (current or future) available.
The Assignments page updates to show the newly created deployment.
Configure the settings for deployment, if required.
Note
We automatically configure these settings based on our experience and best practices, but you can modify certain settings if necessary.
Tip
You can click Deploy on this page if you don’t want to add additional assignments or see the Overview page, which allows you to double-check the settings you’ve configured for this deployment.
Add any additional assignments for this deployment by clicking Add Assignment and repeating Steps 6 to 8, then click Next.
Review the deployment summary shown on the Summary page. If you are happy, click Deploy.
If you need to change something, click < Prev to backtrack through the Deployment Wizard to the relevant setting. Make the change, then step back through the wizard to this page. If everything is now correct, click Deploy.
The Deployments page is displayed along with the Success - Created <deployment_name> notification.
Note
By default, the installation logs for an app will be created in the following folder regardless of the installer file type:
%ProgramData%\PatchMyPCInstallLogs
The only exception is for EXE files, where the specified value for the loggingSwitch variable will be used if it is not null or empty.
Applies to: Patch My PC Cloud
When applications are inventoried from Microsoft Configuration Manager (ConfigMgr), Patch My PC (PMPC) Cloud analyzes each application's metadata to determine how it is installed and should be migrated. As part of this process, the installation command line is evaluated, and the primary installer file is identified from the application’s content source folder.
ConfigMgr does not explicitly label an application as MSI-based. In most cases, the easiest way to confirm an application is MSI-based is to select the application from the Migration dashboard and review the Installation Program field.
If the Installation Program contains both msiexec and a reference to a .msi file, the application can be considered MSI-based.
During the migration deployment flow, the Installer Type field also indicates when an application is being treated as MSI-based.
If an application is identified as MSI-based, as much existing metadata as possible is captured to support migration, drawing from both the ConfigMgr application and the MSI properties table.
This includes analyzing the following to help ensure the application behaves the same way after it is migrated to Intune:
installation command line
primary installer file
conflicting processes
any supporting content.
The information analyzed is used to determine how the application is migrated and how the installation is executed. All supporting files in the original content source folder are included in the migration.
Note
The only exception is the primary installer itself. When an application is migrated as a PMPC Catalog App, the original installer and version are replaced with the latest version available in the PMPC catalog. When migrating as a PMPC Custom App, the original installer and version are retained and used.
MSI properties (PROPERTY=value) are preserved and applied to the created deployment.
Detection rules are carried across during migration; however, the default PMPC detection rule (which detects applications based on the MSI product code) is enabled by default in the migration flow. If required, this can be changed to Use Custom on the Detection Rules tab to use the detection rules defined in ConfigMgr instead.
When the application is migrated, PatchMyPC-ScriptRunner.exe becomes the new primary installer and invokes the original MSI. This approach preserves the original installation behavior whilst enabling the deployment to leverage additional Patch My PC customizations that would be unavailable with a "lift and shift" migration.
The following information indicates the properties that are carried forward from the ConfigMgr application to the migration deployment flow when the application is either matched to a PMPC Catalog App or a PMPC Custom App.
Note
See to understand how ConfigMgr applications are matched during migration.
Source Files (the main MSI-based installer will be replaced with the current version of the matched application in the Patch My PC catalog)
DisplayName
MSI Properties (not visible in the Deployment created, but are present in the app metadata)
Source Files
DisplayName
Vendor
Description
Applies to: Patch My PC Cloud
When applications are inventoried from Microsoft Configuration Manager (ConfigMgr), Patch My PC (PMPC) Cloud analyzes the application metadata to determine how the application is installed and how it should be migrated. As part of this process, the installation command line is evaluated, and the primary installer file is identified from the application’s content source folder.
ConfigMgr does not explicitly label an application as EXE-based. In most cases, the easiest way to confirm an application is EXE-based is to select the application from the Migration dashboard and review the Installation Program field.
If the Installation Program references an .exe file, the application can be considered EXE-based.
Note
When evaluating EXE-based applications, references to helper executables such as msiexec.exe, powershell.exe, and the PowerShell App Deployment Toolkit (PSADT) are not classified as EXE-based installers; instead, they are treated as , , or .
During the migration deployment flow, the Installer Type field also indicates when an application is being treated as EXE-based.
If the application is identified as EXE-based, as much of the existing metadata as possible is captured to support migration. This includes analyzing the install command line, the main installer file, and any supporting content to ensure the application behaves the same way after migration to Intune.
The information analyzed is used to determine how the application is migrated and how the installation is executed. Any custom command-line arguments defined in ConfigMgr are preserved, and all supporting files in the original content source folder are included in the migration.
Note
The only exception is the primary installer itself. When an application is migrated as a PMPC Catalog App, the original installer and version are replaced with the latest version available in the PMPC catalog. When migrating as a PMPC Custom App, the original installer and version are retained and used.
When the application is migrated, PatchMyPC-ScriptRunner.exe becomes the new primary installer and invokes the original EXE with the existing command-line arguments. This approach preserves the original installation behavior whilst allowing the deployment to leverage additional PMPC customizations that would not be available with a "lift and shift" migration.
In the following, an older version of Notepad++ has been matched to a PMPC Catalog App. The original ConfigMgr application included an additional command-line argument, /noupdater, which has been preserved and carried through into the migration flow to ensure the application is deployed with the same installation behavior.
This section details the properties that are carried forward from the ConfigMgr application to the migration deployment flow when the application is either matched to:
Note
See to understand how ConfigMgr applications are matched during migration.
Source Files (the main EXE-based installer will be replaced with the current version of the matched application in the Patch My PC catalog)
DisplayName
Additional Arguments
Return Codes
Source Files
DisplayName
Vendor
Description
Applies to: Patch My PC Cloud
A Pre-Install Script is a script that can be run before the installer runs.
To add a Pre-Install script:
Click Add beside the Pre-Install option.
The Add Pre-Install Script page is shown, highlighting that the default Script Format is .ps1
Description
Information URL
Privacy URL
PSADT Script
"MARK: Pre-Install" mapped to Pre-install Script
"MARK: Post-Install" mapped to Post-Install Script
Version
Return Codes
Information URL
Privacy URL
PSADT Script
"MARK: Pre-Install" mapped to Pre-install Script
"MARK: Post-Install" mapped to Post-Install Script
Vendor
Description
Information URL
Privacy URL.
Version
MSI Properties
Installer Type
Return Codes
Information URL
Privacy URL.
Vendor
Description
Information URL
Privacy URL
Version
Silent Install Parameters
Installer Type
Additional Arguments
Return Codes
Information URL
Privacy URL
Detection Rules
Resolved an issue where the PMPC read-only script was displayed as unsigned when creating a deployment with an Update-only assignment.
Resolved an issue where, during the analysis of an app, it was showing as being available for migration even though the analysis had not completed. Now an app will be unavailable for migration until the analysis has been completed.
Resolved an issue where some properties completed during migration were not shown on the Summary page.
Resolved an issue where if an app has both binary and binary-free variants, the binary-free logic did not work.
Resolved an issue where customers were receiving different variants of the app or configurations than the ones they had originally set.
Resolved an issue that when trying to edit an existing deployment, the following error was shown Validation error on "getProductInfoByProductIdForDeployments", Expected object, received undefined.
Resolved an issue where an app fails to install if the Registry path contains custom requirements such as HKLM: or Registry::
Resolved an issue where changing variants in a deployment did not update the list of Tools on the Configuration tab.
Resolved an issue where after deleting an assignment for a deployment containing ESP Profiles, the ESP Profiles themselves were not reevaluated, potentially highlighting errors in their configuration.
Resolved an issue when creating a deployment for an app that was previously migrated, resulting in An error occurred while processing your request error.
Multi-variant support in App Sets – You can now add the same app with different variants to the same App Set.
Resolved an issue where, if a deployment was initially created without assignments, when editing the deployment, we allowed users to add Update Rings. This conflicted with the intended logic (deployments without assignments may rely on manual Intune assignments, and adding rings later could create inconsistencies). You can no longer add Update Rings when editing a deployment created without assignments.
Resolved an issue where applying a deployment template to a deployment and then switching the Installer Type did not trigger the dialog warning that doing so would cause the values of the deployment to be reset based on the new installer type, potentially resetting those set in the template.
Resolved an issue where applying a default deployment template cleared all existing form errors, even if the inputs were still invalid.
Resolved an issue where unsupported deferral-related variables were allowed in various fields for localizations defined in Branding apps. The UI now shows the correct values under each relevant field.
Resolved an issue where if an app was migrated from one variant to a different ProductId, the deployment could not be edited.
“Apps & Feature” updated – Given that Windows 11 uses the Installed Apps applet to view installed software, we have now renamed all instances of Apps & Feature in the product to Installed Apps instead.
Improved Visibility of Trial Limits – Now on the Subscription page, we show you the product limits when you are using a trial account to help you familiarize yourself with the product and our different subscription levels.
Resolved an issue where clicking Add App or Add Version for an existing Custom App resulted in an HTTP 500 error.
Resolved an issue where editing an App Set containing two variants of the same product caused broken deployments.
Resolved an issue where if there were two updates available for an app, it generated an error. Now only the latest update is shown.
New Scripted App Matching – The Migration feature can now match scripted apps from ConfigMgr to a Public App Catalog app to allow you to migrate these apps as Public so you can keep them up-to-date.
Resolved an issue where clicking either Add App or Add Version (for an existing Custom App) resulted in an HTTP 500 error.
Resolved an issue where adding a new Detection Rule resulted in a Type of 0 and no content.
Resolved an issue where editing an App Set took an extended amount of time and resulted in an AbortError:signal is aborted without reason error.
Resolved an issue where deployments were recreated incorrectly in scenarios when they should not have been.
Resolved an issue where a newly created Custom App is not visible in Publisher after it has been deployed.
Resolved an issue where the failed validation (red ’x’) is shown on the General tab when migrating an app, instead of the Files tab, if the app being migrated has no Installation Script defined.
Resolved an issue where the deployment status for a migration was not updated after a successful migration.
Resolved an issue where if a Custom App is deployed for the ARM architecture and then edited to uncheck ARM, the ARM option remains unchecked once the deployment is saved.
Changed the default timeout settings for Conflicting Processes Notifications to a maximum of 1,380 minutes with a 60-minute buffer before the notification times out to improve deployments.
Resolved an issue where macOS deployments were recreated on the Sync Schedule even if the app that was deployed had not been updated.
Resolved an issue where editing the deployment for an app and changing the assignment type and variant resulted in the app being recreated with a new revision. Now the app is recreated with the current revision whenever it is edited.
Resolved an issue where if the Disable the Patch My PC Recommended scripts option was selected for a script that used a disallowed filename, the deployment could not be completed.
Resolved an issue where if a user edits the Notify Timeout Configuration value for a deployment, the change does not appear in the Installation time required property in Intune.
Resolved an issue where if an app belonging to an AppSet is marked End of Life, any deployments to new customers of that AppSet get stuck In Progress and then eventually fail.
Resolved an issue where the status of a migration was not updated to Success upon the successful migration of an app.
Various fixes and improvements to how app updates are handled.
Various fixes and improvements to how app updates are handled.
Improved performance when migrating apps.
Improved error handling by Publisher when migrating apps.
Resolved an issue where the most matched app was shown in the middle of the list instead of the top.
Resolved an issue where adding a new revision to a Custom App did not force the associated deployment to be recreated.
Resolved an issue where, if a deployment has been manually recreated in between Sync Schedules, the deployment was recreated again at the next Sync Schedule.
Improved Webhook handling – Now, if you have multiple Webhooks and one is invalid, the rest will still function. Previously, if one Webhook was invalid, it prevented notifications from being sent by other Webhooks, even if they were valid.
Improved Limits Warnings – Now, when you reach 90% of the limits for your Cloud Company, we will display a banner warning you about this, so you can perform some housekeeping or consider upgrading to a different version with increased storage limits.
Officially released to General availability.
Improved Intune Disconnection – To help you better understand the consequences of disconnecting your Intune connection, we now require you to take additional steps before we let you do this.
Resolved numerous issues as we continue to develop this feature.
New "Report Admin” User Role – This new user role only has Read-Only access to the Reporting and Settings nodes.
Resolved an issue where editing a deployment with no assignments and changing the architecture resulted in older versions being removed from Intune. We now no longer support changing the architecture for a deployment with no assignments.
Resolved an issue where editing a Custom App caused the Max Storage Limit to be increased even if no additional files were added.
Resolved an issue where an app with several dependencies was not applying the dependencies correctly.
Resolved an issue where if an app has multiple Windows assignments and a macOS deployment, editing the Windows deployment brings up details for the macOS deployment.
Resolved numerous issues as we continue to develop this feature.
Resolved an issue where editing a macOS deployment resulted in the pkg installer type being selected incorrectly instead of the pkg (LoB) option for LOB apps.
Resolved numerous issues as we continue to develop this feature.
Also, if your Sync Schedule is configured for anything other than Daily, this will affect the delay you can configure between rings. For example, assuming you have your Sync Schedule configured for Monthly, when you add a new ring you will not be able to configure a delay between rings of less than 30 days as shown below.
Add Update Only – Creates a separate Win32 package in Intune that exclusively updates existing installations. It will not install the software on devices where it isn't already present, and only applies if the installed variant matches the one configured in the deployment.
Intune does not support using the Update Only assignment type with a deployment that is also configured to use ESP Profiles. If you try to use this configuration, the Deploy button will be greyed out and the Configurations tab will show a red "X". In this scenario, you either need to:
Remove the Update Only assignment type
Or remove all ESP Profiles.
Include
If checked, all of the items in this group will receive the assigned app.
Exclude
If checked, all of the items in this group will not receive the assigned app. Can be used in conjunction with Include to exclude a subset of devices when you have an Include of a superset of devices. For example, you want to target all of your computers except for your test devices. To achieve this, you'd configure your Entra ID groups as follows: o Check Include for your All Company Devices Entra ID group. o Check Exclude for your Test Devices Entra ID group.
Add Filter
The ability to add Assignment Filters you have already created in Intune to target specific managed devices for the deployment.
Note We currently do not support using managed app filters. See Use assignment filters to assign your apps, policies, and profiles in Microsoft Intune for more details. TIP: You can click the red X beside a filter to remove it.
Notifications
When to display notifications related to this deployment.
Content Download
How to download the content for the deployment: o Foreground - The default for initial installs. o Background - The default for updates.
Click the relevant tab and look for the items with the warning triangle beside them.
Review the warning and determine your course of action.
If you are happy to proceed with the migration, go to step 11.
If you cannot proceed with the migration, close the application's properties and click Cancel to close the Migration Wizard. You now need to assess how to address the warnings to determine your next course of action for this application.
Use the following sections to determine which action to take based on the application’s Match Type and the Migrate button state shown:
To import an existing script, click Import, then browse to the location containing the script and select it.
The Script Name field is populated with the filename of the script selected, and the Add Pre-Install Script page is populated with the imported script.
To manually add a script, enter a unique name for the script in the Script Name field.
Select the type of script from the Script Format dropdown.
In the script editor, type your script.
Note
We currently have a limit of 50,000 characters per script. Use the Number of characters used counter to keep track of the number of characters you’ve entered in the script editor.
Tip
Under the script editor, we include example syntax to help you understand the required syntax for referencing any additional files you've uploaded, which updates depending on the Script Format selected.
In the Arguments field, enter any arguments you want to provide to the script.
Tip
You can use variable names as arguments, provided they are enclosed by percentage signs (%). We provide common variables under this field, which you can add by clicking the plus (+) symbol or relevant variable name.
Important
Using script Arguments is currently unsupported when deploying an app to macOS.
Also, if you add any PSADT scripts to your deployments, you need to ensure .NET version 4.7.2 is installed on any devices to which this app will be deployed.
Check the Don’t attempt software update if the pre-script returns an exit code other than 0 or 3010 checkbox if you don’t want the app to be installed if the pre-script returns an exit code other than 0 or 3010.
If you do not check this checkbox, we will attempt to install the app regardless of the exit code returned by the pre-install script.
Check the Run the pre-update script before performing any auto-close or skip process checks checkbox if you want to run the pre-install script before the conflicting process notification is displayed (if relevant). If you do not check this checkbox, we will run the pre-install script after the conflicting process notification.
Click Save to save your script.
The Configurations tab is re-displayed with the name of the configured script beside it.
Tip
You can click Edit to edit a script or its settings. You can also click the red “x” beside a script to delete it.
If you do not want to configure any additional settings, click Next to move to the Assignments tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
To sign up for a free trial to PMPC Cloud:
Navigate to https://portal.patchmypc.com/
Click Sign Up.
On the Sign in screen, enter the Entra ID you want to use to onboard to PMPC Cloud or click to select the relevant account from the list of already signed-in accounts. Then click Next.
Enter the password and click Sign in.
If the Permission requested screen is not displayed, go to Step 7.
Review the Permission requested screen, clicking Accept if you are happy to continue.
Note
This dialog box is for the Enterprise Application Registration process. We require these permissions to authenticate you.
See for more details.
You do not need to check the optional Consent on behalf of your organization checkbox, which is only visible to Global Administrators or a user with the Privileged Role Administrators role.
However, if you are assigned one of the above roles, and want to accept the request to read the profile for all users in your tenant and prevent this message from being displayed for them, you should check it.
Tip
You can click the down arrow beside each permission to get more information.
If do have previously created a Cloud Company and do not see the Select the Company You Want to Sign-In To screen, go to Step 9.
On the Select the Company You Want to Sign-In To screen, select the relevant option:
If you are setting up a new company, click Create Company and continue to Step 9.
Enter an optional Reason for Request then click Submit. The Request Access text changes to Renotify and the Success - Access request sent notification is shown.
You now need to wait for a user with the Full Admin with Access Management role to review and approve your request.
Tip
You can click the Remember my Selection checkbox to on the Select the Company You Want to Sign-In To screen to save your choice to save you having to chose the company you want to sign into each time.
Note
Users will receive an email from the mailbox advising whether their request to join a company was accepted or rejected.
On the Company Info screen, click Select for the location where your company’s data will be stored.
In the Company Name field, type your company’s name.
Important
You cannot use the AT symbol (@), forward slash (/) or plus (+) symbols in your Company Name.
Select your company’s country from the Country dropdown.
Click Continue.
On the User Info screen, verify your First Name and Last Name are correct, amending as required.
Enter a valid email address in the Contact Email field.
Click the Terms and Conditions link to see these for using PMPC software and services.
The Terms and Conditions page is displayed. Once you’ve reviewed them, click the X in the top right-hand corner to close this window.
If you agree with our terms and conditions, check the Accept all Terms and conditions checkbox.
Note
You cannot proceed with the onboarding without checking this checkbox.
Click Continue.
The PMPC Portal loads, showing the App Catalog page.
Note
The first time you sign into a new PMPC Cloud Company, you will see the following message at the top of your screen:
You currently have only one user with Access Management privileges. To prevent access issues in the future, please add a second user with Access Management privileges.
This is warning you that you only have one user who can control access to this company and that we recommend you create at least another user in this company with the role. See for more information.
Now that you've finished onboarding to PMPC Cloud, you should consider:
Connecting Publisher by following the process.
Note
You only need to connect Publisher if you are using the Custom Apps or other features that require our On-Premises Publisher. If you are just using PMPC Cloud, you do not need to connect to Publisher.
Connecting your Intune tenant by following the process.
if you have already purchased a PMPC Cloud license.
Note
If you decide to activate a license without first connecting your PMPC Company to your Intune tenant, you will be unable to start a trial directly from the portal. If you are using an Enterprise Plus license, you will be able to , once you have .
Applies to: Patch My PC Cloud
When you click the Migration node in the Patch My PC (PMPC) Cloud Portal, the Migration page opens with the Dashboard tab selected by default, which provides an overview of the detected ConfigMgr applications.
The dashboards are:
Provides a breakdown of detected ConfigMgr applications by match type.
Note
See the Match Type field in the section below for more information on how apps are matched.
This chart shows the number of known vulnerabilities (CVEs) associated with applications discovered in your ConfigMgr environment.
If we recognize the hash of a ConfigMgr app, we check whether that hash is associated with any published CVEs. If matches are found, the CVEs are grouped by severity (Critical, High, Medium, Low).
In the screenshot example, we found:
1 x Critical CVE
12 x High-severity CVEs
6 x Medium severity CVEs
2 x Low severity CVEs
Giving us a total of 21 CVEs across all ConfigMgr applications, where we recognized the hash of the installer.
Shows the total number of ConfigMgr applications discovered and their current migration progress.
Displays the number of ConfigMgr applications that cannot be migrated, with reasons based on validation errors.
Displays ConfigMgr applications in your environment that are out of date.
From the Migration Dashboard, you can click the Apps tab to see a list of the ConfigMgr applications that have been detected with their associated information.
Note
The last column displays the Migrate button, which you click to migrate the application.
If there are multiple matches for the application, the Migrate button will show as either of the following:
Without a down arrow if we’ve matched the app to at least one Public app, but not a Custom App. When you click
Applies to: Patch My PC Cloud
Important
This documentation is for a pre-release feature still under development and, therefore, incomplete. As a result, both functionality and documentation are subject to change.
Once this feature is released, it will be announced, and this banner will be removed.
Either way, checking or unchecking this checkbox does not affect PMPC Cloud functionality.
Once you accept the permissions, you will not see this dialog box again on subsequent sign-ins.
If your email address is not associated with a user in a PMPC Cloud company, you can click Request Access beside the company you want to join.
The Request Access to join <company_name> popup appears.
If there are further information/warnings about this application that we want you to review (e.g. we’ve detected a setting in the ConfigMgr application we cannot migrate), a warning triangle is displayed in the Info column. The triangle includes a number indicating the number of warnings. If you hover your mouse over the triangle, you will see a summary. If you click the triangle, it opens the properties of the application and displays the triangle beside the items we are warning you about. Clicking the triangle shows more details you should review before continuing the application migration.
With a down arrow, which, when clicked, shows a dropdown with two options:
Migrate as Catalog, which either shows the single matching app or the available multiple matches to the Catalog apps from which you can select the one you want to migrate this app to.
Migrate as Custom, will start the migration of the app as a Custom App without the option to select any other app.
Also note that the Migrate button will be unavailable if:
The application cannot be migrated or has already been migrated to PMPC Cloud.
You do not have the correct license for your PMPC Cloud Company.
Match Type
The result of our attempt to match the ConfigMgr application to an app in our App Catalog, which will be one of the following:
Catalog App – We have successfully matched the ConfigMgr application to a version in our catalog. These apps can be deployed into Intune as a PMPC App and kept up to date by us for you.
Custom App – We have been unable to successfully match the ConfigMgr application to a version in our catalog, but we can still help you migrate it to Intune.
Publisher App – We have identified that the application was created by Patch My PC Publisher. These apps are not supported for migration.
Multiple Matches - We have found multiple matches in our catalog to the app that is to be migrated.
Unsupported – We cannot migrate the ConfigMgr application. See for more details. TIP: You can hover over the “(i)” for an unsupported match type to see why it is unsupported for migration.
Matched App
The name of the app we have matched the ConfigMgr application to in our catalog.
Status
The migration status of the ConfigMgr application, which will be one of the following:
Not Started – The migration process has not been started.
Pending – The migration process has been initiated.
Importing - The app is currently being processed by the Publisher and is being imported to the PMPC Cloud Portal.
In Progress – The migration is in progress.
Migrated – The application has been successfully migrated to PMPC Cloud.
Failed - The migration encountered an error.
Info
The Requirements tool of the Patch My PC (PMPC) Cloud deployment wizard allows you to configure custom optional requirements (including requirement rules) that must be met for the app to be deployed to the target audience.
This includes:
Configure these settings as required and detailed below.
Important
If you are deploying a Custom App created with Requirement Rules, some of the fields in this section will be prefilled. Although you can modify the fields as required, you will be unable to specify a value that is lower than that configured in the properties of the Custom App.
From the Minimum operating system dropdown, select the minimum operating system required by this app.
Note
The default Minimum operating system value is set to match the first value in the dropdown, which corresponds to the oldest version of Windows still supported by Microsoft. As Microsoft deprecates a Windows version, this value and the values in the dropdown list will automatically update to the oldest version still supported by Microsoft.
Tip
We recommend leaving the Minimum operating system dropdown at its default unless you need to configure a specific value. If an app/deployment is configured for a specific Windows version, when Microsoft retires that version, you will no longer be able to deploy the app unless you update this field to a supported Windows version.
Configure the minimum amount of RAM required to run this app.
Configure the minimum CPU speed required to run this app.
Configure the minimum number of logical processors required to run this app.
The OS Architecture Requirements section lets you specify which operating system (OS) architectures the app can be deployed to.
By default, the relevant checkbox is checked based on the value configured in the Architecture field.
Note
For example, if Architecture is configured:
As 64-bit, the 32-bit checkbox under OS Architecture Requirements will be unchecked and cannot be checked.
As 32-bit, the 32-bit checkbox under OS Architecture Requirements will be checked and cannot be unchecked. As this is a 32-bit app, the 64-bit checkbox is checked by default, but it can be checked.
You also cannot uncheck the checkbox in the OS Architecture Requirements section that corresponds to the selected Architecture.
The ARM checkbox in the OS Architecture Requirements section can always be checked/unchecked, regardless of the configured Architecture.
Configure the relevant settings as required.
Using the Additional Requirements Rule section, you can create up to 10 optional requirement rules based on the following:
File
Registry
Script
To configure an Additional Requirement Rule:
Click Add in the Additional Requirements Rules section.
On the Add Requirement Rule screen, select the relevant type of rule from the Rule Type dropdown, then configure the required options as required.
Note
To configure a script-based Requirement Rule requires the PowerShell script to already exist.
File
Path – The path to the folder you are checking for.
File or Folder – The folder containing the file you are checking for.
Property – Various options, such as whether the item exists or does not, the date it was created, modified, etc.
Registry
Key Path – The path to the Registry key.
Value name (optional) – The name of a value contained within the specified Key Path that you want to check for.
Registry key requirement – Various options, such as whether the key exists or does not, comparisons, etc.
Script
Script Name – The name of the script, which you can leave blank if you want to use the name of the script you are going to import.
Import Script – Allows you to browse to an existing PowerShell script to import.
NOTE If the script is unsigned, you will see the Script was detected as unsigned warning.
Configure the following additional options based on the type of rule you are creating.
File or Registry
Associated with a 32-bit app on 64-bit clients – If enabled, allows the rule to expand any path environment variables in the 32-bit context on 64-bit endpoints.
Script
Run script as 32-bit process on 64-bit clients – If enabled, allows the script to be run in a 32-bit process on 64-bit clients. If disabled, the script runs in a 64-bit process on 64-bit clients and in a 32-bit process on 32-bit clients.
Run this script using the logged on credentials - Run the script using the credentials signed in to the device.
Enforce signature check – If enabled, verifies that the script is signed by a trusted publisher, allowing the script to run without warnings or prompts. The script will run unblocked. If disabled, will require the end user to confirm they are happy for the script to run, but without signature verification.
Note
In terms of Scripts, in the current version:
We only support PowerShell (.ps1) scripts
You can only import a single script per Requirement Rule.
We do not sign your scripts if we use them in one of our deployments. If this is a requirement, you will need to sign the scripts yourself.
Click Add Rule to add the requirement rule.
The rule is added to the list of requirement rules.
Note
You will notice that a default Script Requirement Rule is added to the deployment, which cannot be edited or deleted. This is only actually used if you add an Update Only assignment to this deployment. Previously, we automatically added this script in the background in this scenario. We now highlight this so you can see the contents of this script.
Also, you can:
Edit a Requirements Rule by clicking the pencil icon beside the relevant rule, making the required changes, then clicking Save Rule to save the changes.
Delete a Requirements Rule by clicking the red trash can beside the relevant rule to remove it from the list of rules.
Tip
You can click the eye icon beside the Script rule to open the View Requirement Rule screen, where you can see the content of the script.
Repeat the steps in this section to add any additional requirement rules.
Note
Editing a deployment and changing any Requirement Rules will apply any changes in Intune immediately after the deployment is updated successfully in Intune.
Important
Using Add Version will not update the original deployment with any changes made to the Requirement Rules. If you edit the original deployment, you will see errors highlighting where settings with higher values for the new version have been configured compared to those in the original deployment.
If you configure Requirement Rules in both the Cloud Portal and Intune, the rules in the Portal will overwrite those in Intune. Likewise, if you have configured requirements in Intune and not in the Cloud Portal, we will not copy these to the Portal and will copy these requirements forward.
If you do not want to configure any additional settings, click Next to move to the Assignments tab.
Otherwise, navigate to the relevant tool to configure the required settings, which are explained in the relevant section.
Applies to: Patch My PC Cloud
This article lists the various that are generated with the General severity by Patch My PC (PMPC) Cloud for the following categories:
NOTE You cannot modify the script in the Script window.
Select output data type - Various options, such as type, version, etc.
NOTE If the script imported is unsigned, you will be unable to enable this option.
Removed
An app is removed
Intune Application Discovered
Created
Created the first time Discovery is run in your PMPC Company
Intune Discovered Applications Refreshed
Updated
Created whenever someone clicks Refresh Data to refresh your discovery data.
Managed Company Relationship for <child_company_name> Removed by <user_name>
Removed
A child company is unlinked from a parent MSP company
NOTE This event is shown on both the parent and child companies
Removed
PMPC Client deployment is deleted
Created
A child company of an MSP is created
Removed
A Branding App is deleted.
Custom Branding <branding_app_name> Updated
Updated
A Branding App is updated.
Default Branding - <branding_app_name> Created
Created
The default Branding App is created.
Default Branding - <branding_app_name> Deleted
Removed
The default Branding App is deleted.
Recreated
An Intune deployment is recreated.
Deployment <deployment_name> was updated by scheduled synchronization
Synchornized
A deployment is updated by the Sync Schedule.
Removed
A user deletes an invitation to an MSP company
Invitation Declined by <users_email_address>
Rejected
A user declines an invitation to an MSP company
Application <app_name> Created
Created
An app is created
Application <app_name> Changed by <user_name>
Updated
An app is updated
Client Deployment Created for <preview_or_production>
Created
PMPC Client has been deployed
Client Deployment Updated for <preview_or_production>
Updated
List of Entra ID Groups PMPC Client deployed to has been updated or the Uninstall Client feature is used.
Company <company_name> Created by <user_name>
Created
A company is created
Company <company_name> Updated by <user_name>
Updated
A company is updated
Environment <environment_name> Updated
Updated
An environment is updated
Custom Branding <branding_app_name> Created
Created
A Branding App is created.
Custom Branding <branding_app_name> Recreated
Recreated
A Branding App is recreated.
Deployment <deployment_name> Created
Created
An Intune deployment is created.
Deployment <deployment_name> Deleted
Removed
An Intune deployment is removed.
macOS (Trial) Applied
Applied
A macOS trial begins
macOS (Full) Applied
Applied
A full (not trial) macOS license is applied
Invitation Accepted by <users_email_address>
Approved
A user accepts an invitation to an MSP company
Invitation Sent to <users_email_address>
Created
An invitation to an MSP company is sent to a user
Publisher Connection Added
Connected
Publisher is connected to the PMPC Cloud portal.
Publisher Connection Removed
Disconnected
Publisher is disconnected from the PMPC Cloud portal.
Application <app_name> Removed by <user_name>
Client Deployment Deleted for <preview_or_production>
Managed Company <child_company_name> Created by <user_name>
Custom Branding <branding_app_name> Deleted
Deployment <deployment_name> Recreated
Invitation Deleted by <users_email_address>
Applies to: Patch My PC Cloud
Let’s assume you want to deploy an app in a controlled manner using Patch My PC (PMPC) Cloud.
First, you want to deploy the software to a pilot group containing a few users who want to test the software.
Then, a couple of days later, once you are happy the app functions correctly, you want to deploy it to a different group containing more users.
You could:
Create a single deployment targeted to the pilot users group.
Two days later, either:
Modify the deployment targeted to the pilot users group to add the other group containing more users.
Create a new deployment targeted to the other group containing more users.
This approach is admin intensive and relies on the admin remembering to create the deployment two days later to ensure the other group containing more users gets the app.
Alternatively, you can create a single deployment and enable Update Rings with:
One ring assigned to the pilot users group.
A separate ring assigned to the other group containing more users, but with a two-day delay to allow the pilot users to perform testing.
How Update Rings behave depends on which Update ring Start Time you chose at the time of creating the rings:
For this example, we will assume you want to deploy version 2019.1 of dBase:
Initially to the dBase Pilot Users group.
Two days later, you want to deploy the software to the dBase All Users group.
This is how you would configure this deployment in the PMPC Cloud portal to use Delayed update Rings.
In this scenario, when you deploy the app the Deployments node is displayed along with the Success – Created <app_name> notification.
Once the deployment has been completed successfully, if you look in the Microsoft Intune admin center under All apps and search for the app, you will see that version 2019.1 has been successfully deployed.
If you click the app and navigate to Manage | Properties, then scroll down to the Assignments section, as you are using delayed update rings you will only see the assignments for the first Update Ring has been created and applied to this version.
If you click on the deployment in the portal, then click More Info, then click Ring 2, you will see that this ring is scheduled to be created two days after the deployment was created.
Two days after the deployment was created and after the next Sync Schedule runs, the second update ring will be created and the assignment added for the dBase All Users group to install the software to all of the members of this group.
You can now edit the deployment if required, as all of the rings have been created.
If you also look at the deployment's properties, you will see that the second ring has been created successfully and assigned to the dBase All Users group.
As the following table shows, the software is installed immediately for any users in the dBase Pilot Users group.
Any users in the dBase All Users group will not have the software installed until two days later.
0
dBase Pilot Users dBase All Users
Yes No
1
dBase Pilot Users dBase All Users
Yes No
Now, let’s assume a new version (2019.2) gets released.
In this scenario, you can:
Wait until the overnight sync runs to pick up the new version.
Run the Sync Now process to update just this deployment immediately.
Note
This is one of the many reasons why we recommend configuring your Sync Schedule to Daily if you are using Update Rings.
We also use the release date of the new version to validate if it is the right time to update the assignments to upgrade rings to later versions.
Once the deployment has been updated, you can now edit it as all of the rings have now been created. If you look at the deployment’s properties, you will see that for the Ring 1, version 2019.2 has now been assigned to the dBase Pilot Users group.
But if you click on Ring 2, you will see that version 2019.1 is still assigned to the dBase All Users group.
If you check in the Intune admin center, you will now see both the existing app (version 2019.1) and the new version we have just deployed (version 2019.2).
If you check the assignments for the original deployment (version 2019.1), you will see it is now only assigned to the dBase All Users group.
Whereas, if you check the assignments for the new deployment (version 2019.2), you will see it is only assigned for now to the dBase Pilot Users group.
Two days after the new version of the app is released and after the next Sync Schedule runs, the assignment for the dBase All Users group will be automatically moved from the version 2019.1 deployment to the 2019.2 deployment, automatically upgrading the members of the dBase All Users group to version 2019.2.
The old version of the app (2019.1), will remain, but will no longer show as Yes under the Assigned column in the Intune admin center. At the next sync, the old version of the app will be deleted.
This update process is summarized in the following table:
0
dBase Pilot Users dBase All Users
2019.1 2019.1
Yes No
2019.2 2019.1
* Number of days after the new version of the app is released
** Any new users/devices added to the group will receive the version applicable to the group.
For this example, we will assume you want to deploy version 2024.1 of PaintShop Pro:
Initially to the Corel Pilot Users group.
Two days later, you want to deploy the software to the Corel All Users group.
This is how you would configure this deployment in the PMPC Cloud portal to use Immediate Update Rings.
When you deploy the software, you see the Deployment Summary of how the deployment will be handled.
Once the deployment has completed successfully, if you look in the Microsoft Intune admin center under All apps and search for the app, you will see that version 2024.1 has been successfully deployed.
If you then click the app and navigate to Manage | Properties, then scroll down to the Assignments section, you will see all of the assignments for each of the Update Rings have been created and applied to this version.
As the following table shows, when using Immediate Rings, the software is installed immediately for any users in any of the groups assigned to any of the update rings.
0
Corel Pilot Users Corel All Users
Yes Yes
1
Corel Pilot Users Corel All Users
Yes Yes
It is only when a new version of the targeted software gets released (current plus one or n+1), do the assignments from the previous version get moved to the latest version and Update Rings start to function as configured.
Now, let’s assume a new version (2024.2) gets released.
In this scenario, you can:
Wait until the overnight sync runs to pick up the new version.
Run the Sync Now process to update just this deployment immediately.
Note
This is one of the many reasons why we recommend configuring your Sync Schedule to Daily if you are using Update Rings.
We also use the release date of the new version to validate if it is the right time to update the assignments to upgrade rings to later versions.
Once the deployment has been updated, if you look at its properties, you will see that for the Ring 1, version 2024.2 has now been assigned to the Corel Pilot Users group.
But if you click on Ring 2, you will see that version 2024.1 is still assigned to the Corel All Users group.
If you check in the Intune admin center, you will now see both the existing app (version 2024.1) and the new version we have just deployed (version 2024.2).
If you check the assignments for the original deployment (version 2024.1), you will see it is now only assigned to the Corel All Users group.
Whereas, if you check the assignments for the new deployment (version 2024.2), you will see it is only assigned for now to the Corel Pilot Users group.
Two days after the new version of the app is released, the assignment for the Corel All Users group will be automatically moved from the version 2024.1 deployment to the 2024.2 deployment, automatically upgrading the members of the Corel All Users group to version 2024.2.
The old version of the app (2024.1), will remain, but will no longer show as Yes under the Assigned column in the Intune admin center. At the next sync, the old version of the app will be deleted.
This update process is summarized in the following table:
0
Corel Pilot Users Corel All Users
2024.1 2024.1
Yes No
2024.2 2024.1
* Number of days after the new version of the app is released
** Any new users/devices added to the group will receive the version applicable to the group.
2
dBase Pilot Users dBase All Users
Yes Yes
1
dBase Pilot Users dBase All Users
2019.2 2019.1
No** No
2019.2 2019.1
2
dBase Pilot Users dBase All Users
2019.2 2019.1
No** Yes
2019.2 2019.1
2
Corel Pilot Users Corel All Users
Yes Yes
1
Corel Pilot Users Corel All Users
2024.2 2024.1
No** No
2024.2 2024.1
2
Corel Pilot Users Corel All Users
2024.2 2024.1
No** Yes
2024.2 2024.2
Applies to: Patch My PC Cloud
Details the production release history for Patch My PC (PMPC) Cloud during 2024, the most recent release being shown first.
Note
See Release Notes for details of the releases made throughout the current year.
Entra ID Security Groups - The ability to use feature is now generally available (GA).
App Dependencies - The feature is now avialble in Public Preview.
Resolved an issue with the validation for the Additional Argument field of a deployment not working correctly.
Resolved an issue where an error was displayed when a user with the Read-only Admin role enables Pause Updates.
Create a Deployment with No Assignments - has now been released.
Entra ID Security Groups - The ability to use feature is now in Public Preview.
Extra Files - The feature (also known as Deployment configuration files) is now in Public Preview.
Resolved an issue with the portal not auto-refreshing the Status when creating a new deployment.
New Visual Indicator for Public Preview Features – If you have in your PMPC Cloud company, we now show you how many and which Public Preview features you have enabled.
Support for Role Scope Tags - We now support
Ability to enable auto-updates for an app – If an app supports auto-updates, you can now choose whether to enable this behavior.
Script name auto-populated – Now when you now import a script to a deployment, the Script Name field is auto-populated with the script’s name.
Resolved an issue where Webhook notifications were not sent for some Update Rings.
Restriction on M365x Tenants Starting a Trial - We no longer allow customers whose Entra ID domain starts with m365x to start a Patch My PC (PMPC) Cloud trial. Such customers will not see the option to start a PMPC Cloud Trial and will either need to enter a PMPC Cloud license key or activate their license using their on-premises Publisher license key.
Resolved an issue with Custom Apps becoming “stuck” or taking a long time to be created.
Resolved an issue with old versions of apps not being deleted from Update Rings.
Resolved an issue with being unable to connect to Intune after deleting the connection for a linked MSP company.
New service unavailable notification – If one of our regional services is unavailable, you will now see a banner notification informing you of this.
Resolved an issue where enabling email notifications resulted in the first email showing all historical information, not just the relevant notifications.
Resolved an issue with webhook notifications not being received if the payload exceeds 28kb.
Various improvements to the daily update report email.
Resolved an issue with the Install and Update App no assignment type being available incorrectly when deploying a .MSP file.
Resolved an issue with icons not appearing in AppCat after adding an app.
Resolved an issue where the Add Assignment button is unavailable if the Entra group for an existing assignment has been deleted from Entra. We now display an error and force you to remove the assignment in this scenario.
Maximum delay for an Update Ring has been increased to 180 days.
Improved overall
Resolved an issue where the email and webhook notifications were not received after creating a deployment with no assignments.
New .MSP Installer Type added to AppCat – We now support the .msp installer type in AppCat.
New “Read-Only Admin” user role – This new role can view all pages in the portal but cannot make any changes. This role is intended for audit purposes.
New “Tenant Recovery” option – If enabled, prevents a PMPC Company from being recovered using the process. [NOTE: You will need to contact support to get this feature enabled due to the potential consequences of enabling it.]
Warning when changing from Daily Sync Schedule – We now have a new warning when changing your Sync Schedule from Daily as this can affect how Update Rings work.
Update Rings Deployment Summary warns if you are not using a Daily Sync Schedule – When creating or editing a deployment that uses Update Rings, the Deployment Summary popup includes a warning against using anything but a Daily Sync Schedule with Update Rings.
Update Rings now detects the Sync Schedule – If the Sync Schedule is configured to run on anything but a Daily
Resolved an issue with the user’s first name and last name fields not being automatically populated on sign-up.
Resolved the Unable to deploy. Product data was not found error.
Deployments without assignments – You can now create a deployment without assignments [Note: You need to be using the Update Rings Feature currently in Public Preview to be able to use this functionality].
Update Rings can now be updated at the Ring level – You can now update a ring to any available version that is higher than the current version.
Discovery now shows the icon for an app – now shows the relevant icon for each app that’s managed/unmanaged.
Daily Updates Email Report includes newly created Deployments – The daily Updates Report now includes the details of any new deployments created in the previous 24 hours [Note: You need to be using the Update Rings Feature currently in Public Preview to receive the report with these improvements].
Discovery now shows Publisher apps – The Managed tab of now includes apps deployed by our on-premises Publisher.
Recommended default name for the Branding App – We now provide a recommended default name for the branding app, which you can override.
Update Rings [PUBLIC PREVIEW] - The feature of Patch My PC (PMPC) Cloud allows you to deploy apps and updates in a phased manner across your Intune estate.
Increased number of characters for Additional Arguments - The maximum number of characters you enter in this field has been increased to 500.
Resolved truncating issue with App Cat app names – When opened, apps with long names are no longer truncated but are displayed in full on the app’s properties page.
Resolved “No Files Added” bug – After uploading a new version of the app.
Discovery – The feature is now available in Public Preview. This feature lets you see which apps in our App Catalog are installed in your environment, including any Binary Free Apps or Custom Apps you may have added.
Note
As this is a preview feature, you must for the Discovery node to appear in your portal.
Folder installation log now shown – We now show the path to the installation log in the new Installation Logging section of the Summary tab. We currently do not support changing this.
Sync Schedule – GMT is no longer shown in the UI of the to avoid confusion.
Note
No public facing changes were made on the 4th September.
Company ID shown during recovery – When you , we now include the company ID as well as the name of any companies you can recover in the Company to Claim dropdown.
Vendor Verbose Logging enabled – Resolved an issue with vendor verbose logging not being enabled by default for IntuneSync.
On Restart Notifications incorrectly configured – Resolved an issue where if the notifications for a deployment are configured for On Restart, the Show All option is actually selected on the dropdown, and not On Restart.
Recover Your Company – We now provide a facility for you to regain access to your company by using the new process.
Latest Version added to app properties – Now when you open an app’s properties, we show the latest version number.
Link to vendor download – When you upload the installer, we now provide a link to the official vendor’s website to ensure you download the most recent and official version.
Notifications – Resolved an issue with emails not being sent for some apps after the daily sync job ran.
Users – Resolved an issue where changing a user’s role resulted in several notification emails being sent instead of one.
Naming Conventions – Resolved an issue where any tag added after a string was not recognized.
Link to product documentation added to the support menu.
Users – The portal now displays a confirmation if you try deleting yourself.
Improved App Icon UI – We now show the supported file types in the UI for the App Icon.
Improved language support - English variants are now exposed. Previously, we only exposed English as a language for apps. We now expose all available variants such as English - Canada, English - United Kingdom, English - United States, etc.
Update-only assignments for user-based apps – You can now create update-only assignments/packages with Intune Apps in the same way as you can with our OnPrem Publisher.
Resolved an issue with Silent Install Parameters not being copied over when adding a new version of an app.
Sync Schedule changed to UTC – To help avoid confusion, the Sync Schedule time is now based on .
Customer Support – Resolved an issue with being unable to edit a timer with less than 4 hours remaining.
Deployments – Resolved an issue with some Custom Apps being stuck with the status of Retrying.
Ability to opt-in to Preview Features – You can now opt-in to automatically gain access to pre-release features we mark as Public Preview.
Customer Support feature re-designed – You can now set a timer to limit the amount of time Patch My Support has access to your environment and the level of access.
Test buttons for Notifications – New buttons to allow you to send test notifications/emails when setting up Notifications to check they are configured correctly.
Allow Available Uninstall – You can now configure a deployment to allow an app installed by the Company Portal to be uninstalled by Intune Apps.
Increased upload limits for pre/post scripts – Previously, the total size of all pre/post scripts for a deployment was limited to 1 MB. This has now been increased to 1 MB per script, with a total size limit of 4 MB.
Deployments – Resolved an issue with the Edit button not being displayed if an app has already been successfully deployed.
Resolved an issue with the MSI Product Code being displayed for a Custom App created with an EXE as the primary installer file.
Improved sorting by column – Columns can be sorted by more headings in various nodes when working in the portal.
Improved user access requests — Users can now enter a message giving more information about why they are requesting access to a company.
Improved access denied flow – Admins can now provide a reason for declining a user's access request.
Branding – Resolved an issue where uploading a new logo with the same name as the existing one shows the old logo.
Notifications – Resolved an issue with Teams and Slack notifications cutting off CVE data and not containing release notes.
Update reports – Resolved an issue with the formatting of file sizes on the deployment email report.
Users – Now you cannot remove the Access Management right for the last admin user in your company. This prevents you from locking yourself out of the portal. If you are the last user and there is at least one other account with this right, if you try revoking it from your account, you are prompted to confirm because of the consequences.
Users – The Application Deployment Admin user role has been renamed Intune App Admin.
Naming Conventions - You can now use the new feature to configure custom naming conventions for all deployments created in Intune Apps for Cloud. This allows you to standardize the naming convention across all your Intune deployments.
Deployments – Resolved an issue with two Update-only apps being created in Intune if the first one fails. Now, if an app fails to be created in Intune, we delete it.
Onboarding – Resolved a sign-in issue when a user accepts an invitation.
Resolved an issue with the Naming page not being accessible.
New user role added.
General – Clicking our logo in the top left-hand corner of the portal returns you to the App Catalog and forces a refresh.
App Catalog – If the name of an app is truncated, hovering over it now shows the full name as a tooltip.
Contact Form – Resolved a memory exception error when sending attachments to us through the Contact Form in the portal. You can now send up to 25 MB of attachments when using this form.
Deployments – Resolved issues :
Resolved an issue with the user being able to add the same conflicting process multiple times when creating a Custom App. We now do validation to prevent this.
Contacting Support – You can now modify the From email address when using the form.
Environments node – New button added under the Intune connection.
Licensing – If you already have an active license with us and click Start Trial, we detect this and use your existing license to activate your portal.
Various improvements to notification messages and tooltips to improve readability.
The “Prevent from opening an application while the application is updating” checkbox is no longer checked by default on the Conflicting Processes settings pop-up.
Resolved an issue with the configuration of Conflicting Processes not being honored.
Various other bugs.
Deployment method icon shown in Discovery – When you view the Managed tab of Discovery, we show the method used to deploy the app i.e. PMPC Cloud, on-premises Publisher, or both.
Cooldown Timer for Company Recovery – Recovering a company is now limited to three attempts every 12 hours.
Search – General improvements to search.
Sync Schedule – The new feature allows you to set a different time and frequency for the sync job to run.
with Pause Updates being disabled when editing an existing deployment where Pause Updates has been enabled.
when editing a deployment, any required assignments with an availability date set to ASAP are not modified until the next day at 12 AM.
Deployment Filters – When adding a deployment filter to an app deployment, we now only show filters for the Windows 10 and later platform, instead of all filters.
Various improvements to notification messages and tooltips to improve readability.
Notifications node – New tooltips have been added so you know when you will receive notifications.
Primary buttons in the UI re-designed based on user feedback.
Applies to: Patch My PC Cloud
Details the production release history for Patch My PC (PMPC) Cloud during 2025, the most recent shown first.
Note
See Release Notes for details of the releases made throughout the current year.
Advanced/Patch Insights for Intune
Resolved an issue where if a user deletes a device, an event is not written to the Events node.
Resolved an issue when deploying version 1.0.54.17 of the PMPC Client being stuck as In Progress
Portal
Resolved an issue where a deployment is synchronized and updated, but the wrong version of the app shows in the portal.
Advanced/Patch Insights for Intune
Portal
Multiple Domain Support– that allows you to configure multiple Entra ID custom domains for your PMPC Cloud company.
Multi-Language Support improvements – For those apps that provide multi-language installers, we’ve now updated the metadata for those apps in our App Catalog instead of defaulting the language to en-US.
Portal
Resolved an issue with Discovery showing incorrectly some apps deployed by Publisher as Unmanaged.
Resolved an issue where if you applied filters in the Events node and close them, when you re-open the filters the applied filters are no longer present.
Intune Apps
Improved support for macOS LOB deployments – We have improved support and flexibility when deploying macOS Line-of-Business (LOB) apps.
PSADT
Intune Apps
Resolved an issue where clicking Reset to Default in a deployment cleared all fields of all values instead of resetting them to their default values.
Resolved an issue for macOS LOB deployments where the LOB suffix was not shown in all relevant places in the portal.
Intune Apps
Resolved an issue where if a deployment is created without any assignments and the Copy Forward option is disabled, when a new version of an app is released, any assignments from the previous version were deleted when the app version was updated. Now the following occurs:
Intune Apps
New Update Only Assignment behavior – Now, when you deploy an app and add an Update Only Assignment, rather than hiding this option if it is not supported for the file type selected, we now show it as greyed out, along with a tooltip explaining why.
Portal
Resolved an issue with some optional configuration settings for a deployment not showing on the Summary tab.
Custom Apps
Portal
Resolved an issue with incorrect results when sorting the portal by the Architecture column.
Intune Apps
Portal
Increased Number of Templates – You can create up to 200 templates in the portal.
Binary Free Apps
Portal
Resolved an issue when setting a date for a Detection Rule, the calendar would close unexpectedly when clicking the back button.
Intune Apps
Custom Apps
Resolved an issue with a new version of a Custom App not being created in the Intune tenant.
Intune Apps
Portal
New “OS Architecture” Tool – This new tool allows you to specify which operating system architectures and device types a deployment should be targeted to. Available for regular and MSP App Set deployments, as well as in the Migration Tool.
Custom Apps
Resolved an issue when editing a Custom App created for an EXE. After adding a Detection Rule for an MSI product code, the app could not be saved.
Migration
Portal
Custom Deployment Info - You can now customize information about the app when creating a deployment.
Portal
Resolved an issue with apps in the App Catalog not sorting in the correct order when sorted by the Last Updated column.
Resolved an issue with quote-related actions not appearing in the Events section.
Managed Service Provider
Resolved an issue where creating a new Child Company resulted in a Validation Error.
Resolved an issue with AppSets being hidden after applying an MSP license.
Intune Apps
Resolved an issue with multiple Teams notifications being received when a new version of an app is added and updated, instead of just a single notification.
Resolved an issue with the Retention Policy being calculated incorrectly after editing an assignment.
Portal
Notifications – We’ve now added links to the relevant docs when setting up Notifications, based on customer feedback.
Portal
Resolved an issue when trying to delete a PMPC Cloud Company resulted in an Error – Customer has active connections message.
Custom Apps
Portal
End-of-Life Apps – Any apps that go End-of-Life (EoL) are now removed from our App Catalog.
Managed Service Provider
Portal
Resolved an issue with Microsoft SQL Server Management Studio 21 only supporting the UpdateOnly or Install assignment types.
Portal
New User Profile feature – When you click your user name in the top right-hand corner, you will now see a new Profile option that allows you to manage the details of your user account.
Portal
Resolved an issue with there being two separate entries in the App Catalog for Docker Desktop (one of each type of installer). There is now one combined entry.
Resolved an issue with some apps not correctly supporting four-character language combinations such as “fr-FR” and defaulting to English.
Portal
Changes to new trials – All new trials of Patch My PC Cloud will default to our Premium SKU.
Binary Free Apps
Portal
Resolved an issue where some customers stopped receiving summary emails of app updates.
Intune Apps
Portal
Customer Feedback – Now, when you complete certain workflows for the first time, we give you the option of providing feedback on your experience.
Managed Service Provider
Portal
Resolved an issue where the ConfigMgr version of an app migrated to PMPC Cloud was deployed instead of the newer version in our App Catalog.
Binary Free Apps
Custom Apps
Uninstall Arguments – We’ve now added the ability for you to specify uninstall parameters for a Custom App.
Intune Apps
Portal
Resolved an issue with Microsoft SQL Server Management Studio 21, where assignments could only be created to either install or update this app. Now we support both.
Custom Apps
Portal
Resolved an issue with some users receiving an “An error occurred while processing your request” when working with Branding.
Resolved an issue with a Limit showing as red when it reached 99%, not 100%.
Portal
Resolved an issue where if the macOS trial banner was closed for one PMPC Cloud Company, if you logged into another company, the banner was also disabled.
Resolved an issue with overlapping elements in the portal if a resolution lower than 1324 x 724px was used.
Portal
Resolved an issue with Company Recovery being referred to as Tenant Recovery in the Events section.
Portal
New “Items per page” options – We’ve added new values to the Items per page dropdown in the portal to allow you to choose to display more items per page in the portal.
Increased character limits –
Discovery
Resolved an issue where if a single Intune discovered app was mapped to two different products from our App Catalog, and one of them was managed and the other was unmanaged, one of them would appear under the Managed tab and the other would appear in the Unmanaged tab. Now, if one of them is managed and the other is unmanaged, the managed app is displayed in the Managed tab and the unmanaged app is hidden in the Unmanaged tab.
Custom Apps
Portal
New "Usage" page – We now show the usage limits for your PMPC Cloud company and your current usage to allow you to see when what you are using and when you are approaching a limit.
New tooltip for MSP deployments – Now if you select the
Portal
Resolved an issue with Entra ID Groups not being sorted alphabetically in the portal when searching to add them to an assignment.
Portal
Granting PMPC Support Access – We now provide a dropdown to allow you to choose the number of hours you want to grant our Support Team access to your PMPC Cloud company.
Portal
Resolved an issue when sorting by operating system within Discovery not sorting correctly.
Portal
Improved UI for multi-versions –Now if an app has multiple versions in the App Catalog that can be deployed, we indicate the number of versions available and allow you to select the relevant version you want to deploy from a dropdown on the app’s tile in the App Catalog.
Intune Apps
Intune Apps
Resolved an issue where a user could create a Windows Deployment Template with an ESP Profile and an Update Only Assignment. It should not be able to create such a combination.
Binary Free Apps
Improved validation – Previously, you could upload one bitness of an app, but attempt to deploy a different bitness. It was only when you got to the end of the Deployment Wizard that we informed you of this mismatch.
Portal
Resolved an issue with the text entered in the Reason for Request field when requesting access to a PMP Cloud Company not being populated in the portal.
Intune Apps
Improved error handling for deployments when permissions are removed – We have improved error handling for various deployment-related scenarios when permissions are either removed or amended when managing deployments.
Intune Apps
Resolved an issue with the incorrect error message being displayed when Company limits have been reached. We now show the correct error for the relevant cause.
Portal
Templates – You can now set the default type of Update Rings from within a Template.
Templates – The Tools menu has been added to the Configurations
Portal
Resolved an issue with the list of languages on the Branding List page showing the language that was configured first when it should be the default language.
Resolved an issue where inserting a variable in the middle of text when defining naming standards actually inserted the variable at the end of the field and not at the chosen point in the text.
Portal
Change to Self-Update template behavior – Now when you create a Template, we check the Disable Self-Update option under the Built-in Auto Updates section by default (previously this was unchecked).
Custom Apps
Various bugs squashed to resolve issues with deployments getting stuck.
Resolved an issue with the Custom App Admin not having access to the App Catalog page.
Intune Apps
Resolved an issue when adding extra files to an existing deployment (either through editing it or adding a new version) of those files missing from the deployment.
Resolved an issue with config files larger than 28.6 MB failing to upload.
Number of available versions now shown for apps in the App Catalog – If multiple versions are available for different variants of the same app, App Cat will show the number of available versions. If you hover over the number, you can see the list of variants grouped accordingly. If only one version is available for all variants, only that version will be displayed.
No release.
Resolved numerous other issues as we continue to develop this feature.
Intune Apps
Resolved an issue where deleting a deployment with a status of Retrying does not delete the win32 app in Intune.
Managed Service Provider
Resolved an issue when an MSP tries adding an AppSet to a customer, they get the One or more customers do not have a valid Intune connection error.
Migration
Resolved numerous issues as we continue to develop this feature.
Resolved numerous issues as we continue to develop this feature.
Custom Apps
Resolved an issue where an error is thrown when attempting to upload new files or new versions of files to an existing Custom App.
Migration
Resolved numerous issues as we continue to develop this feature.
PSADT Branding – A new notification style now in Public Preview that uses Fluent UI dialogs.
Intune Apps
Resolved an issue where, for some apps, there was a difference in versions between the UI and the PatchMyPC.xml (cab file).
Resolved an issue when deploying an app and selecting the Skip installation when conflicting processes are in use setting, which was ignored, and the app was installed.
Resolved an issue where if a macOS LoB PKG was created with Install as managed disabled, the deployment failed.
Managed Service Provider
Resolved an issue where Premium subscription features were displayed for MSP license holders.
Resolved an issue where a user invited to a company gets an error when accepting the invitation and creating a new company.
Resolved an issue with App Sets not being shown on the App Sets page.
Migration
Resolved numerous issues as we continue to develop this feature.
Reporting (Advanced/Patch Insights)
Resolved numerous issues as we continue to develop this feature.
Migration
Moved to Public Preview.
Reporting (Advanced/Patch Insights)
Moved to Public Preview.
Resolved an issue where clicking Edit to edit a deployed App Set resulted in an error.
Migration
We no longer show apps that are retired in the list of unsupported apps.
Reporting (Advanced/Patch Insights)
Resolved an issue where the Reporting node would disappear at the end of a trial.
On the sync of a new version with Copy Forward enabled, all assignments for the previous version are removed and re-added to the new version.
When a deployment is recreated with Copy Forward disabled, all assignments are deleted.
When a deployment is recreated with Copy Forward enabled, all assignments are copied.
Resolved an issue for macOS deployments where you could add macOS scripts even when uninstall assignments were present, leading to invalid deployment configurations.
Managed Service Provider
Resolved an issue with some App Sets being stuck In Progress.
Intune Apps
Resolved an issue with PSADT scripts being incorrectly available for macOS apps.
Managed Service Provider
Resolved an issue with the Enable PSADT Module checkbox being unavailable when editing an App Set.
Resolved an issue where the Subscription node was still showing in the portal after the user accepted an invite from an MSP.
Migration
Resolved numerous issues as we continue to develop this feature.
Reporting (Advanced/Patch Insights)
Resolved numerous issues as we continue to develop this feature.
Resolved an issue where unsupported Return Codes were shown on the Summary tab of a macOS deployment.
Resolved an issue where the OS Architecture Requirements tool was shown incorrectly for a macOS deployment.
Managed Service Provider
Resolved an issue where, after a child company is unlinked from the parent, it is still listed at the parent.
Resolved an issue where a Validation error is returned for an App Set after a child company that the App Set is targeted to is removed.
Resolved an issue where an error notification was returned when attempting to downgrade from an MSP license, instead of the expected Downgrading from an MSP Plus license is currently not supported notification.
Resolved an issue where the Invitations tab could not be opened when inviting users to an MSP company.
Migration
Resolved numerous issues as we continue to develop this feature.
PSADT
Resolved an issue where the PSADT module was displayed incorrectly for a macOS app, as macOS does not support PSADT.
Managed Service Provider
Resolved an issue when inviting a user failed with An error occurred while processing your request error.
Migration
Resolved numerous issues as we continue to develop this feature.
Managed Service Provider
Resolved an issue with App Sets where if the assignments for an app were set to All Users and All Devices for one company, these same assignments couldn’t be used in different companies for the same deployment.
Migration
Resolved numerous issues as we continue to develop this feature.
Resolved an issue where the Upload app button was not shown after receiving a notification that a new version was available.
Managed Service Provider
Resolved an issue where if an MSP uses an email address that doesn’t exist to send an invite, the event is recorded incorrectly in the Events section.
Resolved an issue with null being added to the Install Parameters field when adding an app to an App Set.
Migration
Resolved numerous issues as we continue to develop this feature.
Resolved numerous issues as we continue to develop this feature.
Resolved an issue with an app being removed from an App Set still showing as being managed.
Migration
Resolved an issue with a .exe ConfigMgr App with an MSI product code detection rule not being detected.
Managed Service Provider
Resolved an issue where Entra ID Groups were not displayed when creating an App Set using an invitation link for a Child Company.
Resolved an issue when adding assignments for Branding with the “All Users” and “All Devices” groups not being shown.
Intune Apps
Editing a Deployment to use Update Rings – Now, when you edit an existing deployment and configure it to use Update Rings, we show the start time for the Update Rings.
Resolved an issue where if a vendor changes an installer’s architecture (e.g., from x86 to Unspecified) in a new revision of their app, the system fails to match existing deployments for that app, which remain stuck on the old version.
Managed Service Provider
Resolved an issue where accepting an MSP invite link did not show the list of Custom Apps relevant to the Child Company.
Managed Service Provider
App Set Details – You can now expand an App Set to see a list of the apps it contains and summary information for each app within the App Set.
Intune Apps
Resolved an issue where attempting to add an assignment to an existing deployment failed with a 400 Bad Request error.
Managed Service Provider
Resolved an issue where adding a Child MSP company to an App Set containing a Custom App resulted in the app being stuck with a status of In Progress on the Child Company.
Resolved an issue where adding a Child MSP company generated a Bad request error.
Resolved an issue with a Discovery data failing to load, sometimes with a TypeError: Failed to fetch error.
Custom Apps
Resolved an issue with Custom Apps getting stuck at stage of 3/3 after editing.
Managed Service Provider
Resolved an issue with assignments not being shown correctly for MSP App Sets.
Resolved an issue where if you had the Remember my Selection checkbox checked on the sign in page, then signed out, and selected a different company to sign into, you were signed into the company that was remembered, not the new one you selected to sign into.
Custom Apps
Resolved an issue with an app’s icon not being displayed in a webhook when the deployment of a Custom App is updated via the Sync Schedule.
Intune Apps
Resolved an issue when running Discovery for a new PMPC Cloud Company generating an error, which was resolved by clicking Refresh.
Resolved an issue with the sorting of apps in Discovery not working correctly.
Resolved an issue with excluding an Entra ID group from Branding now working.
Managed Service Provider
Resolved an issue with adding a scripts and arguments to an MSP App Sets not being saved, as when you edited the App Set, the script and it’s arguments were missing.
Install Parameters Additional Argument
Silent Install Parameters
Additional Silent Uninstall Parameters
Custom Apps
Version number replaced with “%” – Now, when you add a Primary Install File that is an MSI, when populating the various properties, if we detect a version number in the Apps & Features Name field, we replace it with a "%".
Resolved an issue with a Custom Apps icon not being shown in a webhook when its deployment is updated via Sync Schedule.
Managed Service Provider
Resolved an issue with an MSP not being able to unlink a child customer if their license had expired.
New default variant logic – We’ve now replaced our existing language-only priority when creating a deployment with logic based on language, installation context, architecture, and installer type.
Ability to create an "Uninstall Branding" app – You can now create this app which will create an Intune Win32 app, assigned as required with an uninstall intent, to remove any custom branding files from devices.
Resolved an issue with Exclude filters configured on a deployment actually being applied as an Include filter.
Intune Apps
Resolved an issue with Scope Tags manually added in Intune not being copied forward.
New Update rings start time dropdown – Previously, when creating a deployment, on the Assignments page, after clicking Enable Update Rings you had the choice of choosing to create either Delayed or Immediate rings. We’ve now moved the choices under a new Update rings start time dropdown, recommending Delayed and including tooltips to help guide you.
Resolved an issue with two deployments being created in Intune after a deployment with No Assignments is recreated.
Various bugs squashed to resolve issues with deployments getting stuck.
Resolved an issue with failed deployments not being shown in the Updates Report.
&Resolved an issue with email addresses being displayed incorrectly when a deployment has a large number of update rings.
Resolved an issue when uploading extra files with the same name but in different folders, the UI didn’t process the folder structure and instead uploaded all of the files as independent files.
Native Detection Rules – Patch My PC (PMPC) Cloud deployments now support Native Detection Rules.
Pre/Post Scripts now support Arguments – Our Pre and Post Scripts now support additional arguments.
New “Product Docs” and “Release Notes” options added to the support menu – Now when you click the Support Menu (?) you’ll see links to both the PMPC Cloud Product Docs and Release Notes to help you find the information you need to work with and keep up-to-date on what we’re doing with PMPC Cloud.
Changing certain settings on a deployment now warns you we are resetting other values – Now if you change settings such as the installer type, architecture or installation context, you’ll be warned that doing so will reset all configurations from the other tabs because some settings are only available for specific options.
Resolved an issue with a Reload site prompt being displayed in error when saving a Custom App.
Resolved an issue when uploading Extra Files using the Add Folder option, where if multiple files exist in any subfolder and they have the same hash, you see Error File with the same hash already exists.
You can no longer add an ESP Profile containing 100 or more apps to a deployment.
If you and a single Update Only assignment to a deployment configured to use ESP Profiles, the Configurations tab is marked with a red “X” to indicate there is an issue.
Improved retry mechanism for deployments
Resolved an issue with a user assigned the Custom App Admin role receiving a Validation Error when logging into an MSP Customer.
Prevent an app deployment from being deleted from a parent MSP company if it is deployed at any child companies.
Resolved an issue with Custom Apps being unavailable in the App Catalog with users assigned the Custom Apps Admin role.
Context Sensitive Searching is now supported in Scope Tags – You can now type in the Profile Name field and we’ll automatically return a list of matching Scope Tags.
Resolved an issue with Events not being written when pausing a deployment.
Resolved an issue where if the EnforcedUninstallArgument was saved in the App Catalog, it was not used when creating an uninstall in a deployment
Resolved an issue with not being able to upload extra files with no name and just an extension.