Last Updated on April 21, 2022 by rudyooms
This blog will about what options you have when you need to deploy drivers while using Intune.
I received a private message on the Technet community asking me to help out with some driver installation problems. There were 100 devices that needed a WLAN driver update.
The devices had the build-in Microsoft Driver installed and for some reason, they need the have the Intel driver from 2020 installed. I guess I forgot to ask why?
So what options do we have to deploy the proper drivers to the device when using Intune?
1.HP Image Assistant
I have been using this solution for a while now. It’s a great solution when you need to make sure all the HP drivers are updated during autopilot.
The experience I have with this solution is mixed. Sometimes the driver updates went great… other times it took really really long before the drivers were updated.
2. PnPUtil
When you need to install a single driver, this could probably be a really good solution. Let’s see what you will need to do. First, we need to download the sp111695.exe from the HPE website.
After the download you need to start installing it, it will extract the needed files to the c:\swsetup folder
Make sure the driver folder is in it, with the *.inf files in it as shown below!
I browsed to the src folder and removed the install.drv.cmd and created a new and very simple PowerShell Script
New-Item -Path "c:\" -Name "temp" -ItemType "directory" -force
cmd.exe /C copy /Y .\IntelWLANdriver.dll "C:\Windows\System32\drivers" > c:\temp\hpwlandrivercopy.txt
c:\windows\sysnative\Pnputil.exe /add-driver ".\driver\*.inf" /install > c:\temp\hpwlandriverpnputil.txt
It’s a very simple script.. you could add some if’s to it, to make sure it only installs when it’s not yet installed, but for the demonstration, it will do.
Did you notice the Sysnative folder? I created a blog about this, some weeks ago. You will need to specify the full path to the c:\windows\sysnative\pnputil.exe file otherwise, the installation would fail.
Read the blog here:
Now we have everything we need, create an Intunewinapp package and upload it to Intune and if needed create a dynamic group to target only the required Hp device models.
Another option would be to mark the app as available so end-users could install the driver on their own when the time is right for them. Disturbing your end-users with a driver update could give you some negative feedback.
Let’s see it in action
3. PnPUnattend
This wonderful tool named, PnPUnattend could also be used to perform unattended driver installations. But besides installing drivers (Parameter /L), you could also use it to audit the system (Parameters /s /L) if those drivers match
Before we could install drivers with this tool we need to configure the DriverPaths. If we don’t configure this, the PnPUnattend.exe does not know where to fetch the drivers from.
Just like we did with PnPUntil, we could download all the drivers we need and extract them to a folder and combine it with a PowerShell script like below
$Drivers = "C:\install\Drivers"
New-Item -ItemType Directory -Force -Path C:\install\Drivers
Copy-Item -Path ".\drivers\*" -Destination "c:\install\drivers -Recurse
New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UnattendSettings\PnPUnattend\DriverPaths" -Name 1 -Force
New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UnattendSettings\PnPUnattend\DriverPaths\1" -Name Path -Value $Drivers -Force
c:\windows\sysnative\pnpunattend.exe auditsystem /l
When you combine this PowerShell script with all those drivers in a nice Win32App Package, the PnPUnattend will loop through all the driver folders to search for all the INF files to install
4.Intune Windows update for business
At the moment of writing this blog, the only option you have now is using the Windows update ring. You could allow or block Windows drivers.
When using this option, the only option you have is to allow or block all driver installations from Windows update. You have totally no control over the timing of these driver installations.
For now, I am not recommending this solution when you want to make sure your drivers are being kept up to date
In the near future, a new service for driver and firmware deployment becomes available. It will give you the ability to control/approve and schedule the driver updates
Conclusion:
I hope the new Driver and firmware update service is GA soon so we can all start using it. When you only need to deploy 1 driver, maybe option 2 is the best one. Please make sure you are deploying the approved drivers. You don’t want a BSOD
