#Windows #Powershell
One of the companies I'm working with has an Intune installation package for Adobe Acrobat Pro DC version 15.007.20033, but seems to have an issue with signing in on any PC that gets the deployment. Even newly imaged computers running Windows 10 21H2 get the error.
The package was created in Intune as a regular Line of Business app using a freshly generated .msi
file from the Adobe Admin console under the Packages tab:
To get the application rolled out: I created a security group in Azure Active Directory named “Adobe Acrobat Pro DC users” that is used for the following tasks (not in this order):
Uninstalls Adobe Reader DC (This removal is to simplify the user experience opening .pdf
files, but isn't needed for functionality)
Provisions an Adobe Acrobat Pro DC license using a configuration in Enterprise Applications
Installs the Adobe Acrobat Pro DC .msi
file
After the Adobe Acrobat Pro DC installation is complete on a user's computer and on first run, the user is prompted to login with their Adobe account. Since these users are already provisioned, it should be an easy click through. When the user hits the signin page, however, an error message appears and doesn't let the user continue:
Update required: Your browser or operating system is no longer supported. You may need to install the latest updates to your operating system. Learn more.
This seems to be a bug and users are reporting the issue on the Adobe Community forums [A]. The post notes that the issue is with an older version of the file AASIapp.exe
that is causing that update error message. To work around this, they provide some steps from Adobe Support that can be used to fix the issue.
I wanted to make this deployable in Intune, so I wrote the following script:
function Invoke-AdobeAcrobatDCFix {
$DownloadURI = 'http://prdl-download.adobe.com/Framemaker/428037A8066D4558A7EF7D7D06CB5B72/1600836995996/AASIapp.exe'
$DownloadDestination = 'C:\temp\AASIapp.exe'
$AppDestination = 'C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7'
Invoke-WebRequest -Uri $DownloadURI -OutFile (New-Item -Path $DownloadDestination -Force)
Copy-Item -Path $DownloadDestination -Destination $AppDestination -Force
}
Invoke-AdobeAcrobatDCFix
To get this working in your environment, follow these steps:
Copy the script snippet above and paste it into a text editor. Save it as a .ps1
file.
Open https://endpoint.microsoft.com/
Navigate to Devices > Scripts > Add > Windows 10 and later:
Move through the wizard to upload and configure your script deployment:
Basics: Name it something you'll remember and add a description.
Script settings: Upload the .ps1
file you saved earlier. Leave the other options on the default “No” setting.
Assignments: Select the user group that you're using for the Adobe Acrobat Pro DC app deployment. In my environment, this is the “Adobe Acrobat Pro DC users” security group.
Keep the Scripts tab open for a few seconds. After the upload message pops up, the deployment will begin to sync to devices:
You can check the deployment process on the PC by looking for the C:\temp\
folder or for a newer timestamp on the file at C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\AASIapp.exe
:
If the script fails, you can check the Intune application log at C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\AgentExecutor.log
for Powershell error messages.
If Adobe decides to stop hosting the file, this process could stop working. You might want to download that .exe
file and put it in a public container in an Azure Storage account.
I'm sure this script could be shorter and the process could be more streamlined (I'm thinking editing the .msi
file), but it's working for me and doesn't require too much upkeep. After assigning a user the Adobe Acrobat Pro DC users security group, after a little bit of time, the user will have a fully working Adobe Pro installation.
I hope this helps!
Discuss...