Let’s understand Intune Win32 App Deployment Challenges System32 Vs. Syswow64 from this post. Last year, I wrote a couple of posts on Intune win32-based app deployment (Part 1 and Part 2).
For both posts, many Intune admins shared their challenges. In this post, we will discuss the most common System32 Vs. Syswow64 challenges with app deployment (Intune Win32 App) and how to address them.
Related Posts – SCCM Package Vs. Application 32 Vs. 64 Context & Intune Win32 App Failure Log Collection Backend Secrets
Introduction
By default, Intune triggers installation in a 32-bit process context. Unlike SCCM, Intune doesn’t have of box option to start app installation in a 64-bit context.
There is a User Voice related to this issue. This post will discuss how we can trigger app installation from Intune in a 64-bit context.
System32 Vs. Syswow64
Let’s understand the difference between cmd exe inside system32 and syswow64 folder.
- SysWOW64
- Running windows\SysWOW64\cmd .exe will launch a 32-bit instance of CMD .exe
- Syswow64 registry hive is for 32-bit applications.
- Syswow64 folder uses a file system redirector.
- System32
- Running windows\System32\cmd .exe will launch a 64-bit instance of CMD .exe
- System32 directory is reserved for 64-bit applications on 64-bit Windows.
- System32 registry hive is for 64-bit applications.
SysWOW64 is for 32-bit. Do you think the naming of the folder is confusing… right?
More Details Intune Win32 App Deployment Challenges System32 Vs. Syswow64
Application packagers test the offline installation in the system context before uploading it to Intune. In this scenario, cmd .exe executes from location Windows\System32.
The installation process executes as 64-bit. This is the default behavior on 64-bit OS.
But the same application when Intune deploys installation process executed as 32-bit. cmd .exe execute from location Windows\SysWOW64\cmd .exe.
This is the default deployment behavior for Intune win32 apps. Since Intune uses a 32-bit process, you may experience different behavior in some areas.
For example, actions like registry import, etc. Registry gets imported to syswow64 hive instead of system32 hive.
How to force Intune to launch app installation in a 64-bit context?
We need to change the command line with the path to the command shell, as shown below example. This approach is flexible and easy to use to bypass file system redirection.
"%systemroot%\sysnative\cmd .exe" /c "Install.bat" 
End Result:
Now it’s time to compare the default and the modified Intune apps deployment behavior. I added the below WMI command to my Install batch file for analysis.
This WMI command will export all the process details at that run time to the text file. We can analyze text files to understand whether Intune command shell is executed in the 32- or 64-bit process.
You can add the below command to your install batch file for testing purposes only.
wmic process c:\windows\temp\ProcessList.txtDefault Intune application deployment behavior
Open the processlist.txt. You can find the installation command line from the SysWOW64 path.
You can see the application registry imported to SysWOW64 Hive
Modified Intune application deployment behavior
Check the modified Intune application deployment behavior.
C:\windows\system32\cmd .exe /c Install.bat Win32_Process cmd .exe C:\windows\SysWOW64\cmd .exe
C:\windows\sysnative\cmd .exe /c Install.bat Win32_ComputerSystem C:\windows\System32\cmd .exe You can now see that the installation command line gets changed to the “system32” path.
Note: In the text file, you need to check the column executable path and command line
Now you can see application registry values imported to System32 Hive (64 bit )
Thanks to Andres, Kanchana, and Nazrin for troubleshooting this issue. Happy Testing!
Please comment below on your Intunewin32 challenges and observations.
Resources
- SCCM Package Vs. Application 32 Vs. 64 Context
- Intune Win32 App Failure Log Collection Backend Secrets
- Intune Application Model Deployment Guide
Excellent.
This doesn’t seem to work for PowerShell. For example the file test.cmd containing “%SystemRoot%\Sysnative\WindowsPowerShell\v1.0\powershell.exe” generates the error “The system cannot find the path specified.” The fact that the Intune Management Extension always runs the 32-bit “%SystemRoot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe” is problematic.
The post at https://oofhours.com/2020/02/04/powershell-on-windows-10-arm64/ talks about how to do the same thing with PowerShell, and also points out why it doesn’t work on ARM64 devices.
And batch files, ick 🙂
In August 2021 I have not been able to get this working via an install.cmd batch file, it will just not find the sysnative path for some reason. I have found a work around though after days of pulling my hair out: Create a new win32 app, make sure both your reg file and your install.cmd is wrapped up in your intunewin package (see IntuneWinAppUtil.exe packaging guide if needed) – then set your Install command on the package as just install.bat or install.cmd, depending on what you’re using. Then in your batch file, use the following command: reg import regfile.reg /reg:64 – this works a charm, at least for me.
Please notice there is an errant space between cmd and .exe – Can you fix please?
For Powershell run as x64 in Intune, just use this command line, works for me:
%windir%\SysNative\WindowsPowershell\v1.0\PowerShell.exe -NoProfile -ExecutionPolicy ByPass -File .\MyScript.ps1