Let’s understand Intune Win32 App Deployment Challenges System32 Vs. Syswow64 from this post. Last year, I wrote several posts on Intune win32-based app deployment (Part 1 and Part 2).
Many Intune admins shared their challenges for both posts. This post will discuss the most common System32 vs. Syswow64 challenges with app deployment (Intune Win32 App) and how to address them.
By default, Intune triggers installation in a 32-bit process context. Unlike SCCM, Intune doesn’t have of box option to start app installation in a 64-bit context.
There is a User Voice related to this issue. This post will discuss how to trigger app installation from Intune in a 64-bit context.
Related Posts – SCCM Package Vs. Application 32 Vs. 64 Context & Intune Win32 App Failure Log Collection Backend Secrets
What are the Differences Between System32 and Syswow64?
Let’s understand the difference between cmd exe inside system32 and syswow64 folder.
SysWOW64
> Running windows\SysWOW64\cmd .exe will launch a 32-bit instance of CMD .exe
> The Syswow64 registry hive is for 32-bit applications.
> The Syswow64 folder uses a file system redirector.
System 32
> Running windows\System32\cmd .exe will launch a 64-bit instance of CMD .exe
> System32 directory is reserved for 64-bit applications on 64-bit Windows.
> System32 registry hive is for 64-bit applications.
SysWOW64 is for 32-bit. Do you think the naming of the folder is confusing… right?
More Details Intune Win32 App Deployment Challenges System32 Vs. Syswow64
Application packagers test the offline installation in the system context before uploading it to Intune. In this scenario, cmd .exe executes from the location Windows\System32.
The installation process executes as 64-bit. This is the default behavior on 64-bit OS.
But the same application when Intune deploys installation process executed as 32-bit. cmd .exe execute from location Windows\SysWOW64\cmd .exe.
This is the default deployment behavior for Intune win32 apps. Since Intune uses a 32-bit process, you may experience different behavior in some areas.
For example, actions like registry import, etc. Registry gets imported to syswow64 hive instead of system32 hive.
How to force Intune to launch app installation in a 64-bit context?
We need to change the command line to the path to the command shell, as shown in the example below. This approach is flexible and easy to use to bypass file system redirection.
"%systemroot%\sysnative\cmd .exe" /c "Install.bat"
End Result:
Now it’s time to compare the default and the modified Intune apps deployment behavior. I added the below WMI command to my Install batch file for analysis.
This WMI command will export all the process details at that run time to a text file. We can analyze text files to understand whether the Intune command shell is executed in a 32-or 64-bit process.
You can add the below command to your install batch file for testing purposes only.
wmic process c:\windows\temp\ProcessList.txt
Default Intune Application Deployment Behavior
Open the processlist.txt. You can find the installation command line from the SysWOW64 path.
You can see the application registry imported to SysWOW64 Hive
Modified Intune Application Deployment Behavior
Check the modified Intune application deployment behavior.
C:\windows\system32\cmd .exe /c Install.bat Win32_Process cmd .exe C:\windows\SysWOW64\cmd .exe
C:\windows\sysnative\cmd .exe /c Install.bat Win32_ComputerSystem C:\windows\System32\cmd .exe
You can now see that the installation command line gets changed to the “system32” path.
Note: In the text file, you need to check the column executable path and command line
Now you can see application registry values imported to System32 Hive (64 bit )
Thanks to Andres, Kanchana, and Nazrin for troubleshooting this issue. Happy Testing!
Please comment below on your Intunewin32 challenges and observations.
Resources
- SCCM Package Vs. Application 32 Vs. 64 Context
- Intune Win32 App Failure Log Collection Backend Secrets
- Intune Application Model Deployment Guide
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Vimal Das has more than 10 years of experience in SCCM device management solutions. His main focus is on Device Management technologies like Microsoft Intune, ConfigMgr (SCCM), OS Deployment, and Patch Management. He writes about SCCM, Windows 10, Microsoft Intune, and MDT.
Excellent.
This doesn’t seem to work for PowerShell. For example the file test.cmd containing “%SystemRoot%\Sysnative\WindowsPowerShell\v1.0\powershell.exe” generates the error “The system cannot find the path specified.” The fact that the Intune Management Extension always runs the 32-bit “%SystemRoot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe” is problematic.
The post at https://oofhours.com/2020/02/04/powershell-on-windows-10-arm64/ talks about how to do the same thing with PowerShell, and also points out why it doesn’t work on ARM64 devices.
And batch files, ick 🙂
In August 2021 I have not been able to get this working via an install.cmd batch file, it will just not find the sysnative path for some reason. I have found a work around though after days of pulling my hair out: Create a new win32 app, make sure both your reg file and your install.cmd is wrapped up in your intunewin package (see IntuneWinAppUtil.exe packaging guide if needed) – then set your Install command on the package as just install.bat or install.cmd, depending on what you’re using. Then in your batch file, use the following command: reg import regfile.reg /reg:64 – this works a charm, at least for me.
Please notice there is an errant space between cmd and .exe – Can you fix please?
For Powershell run as x64 in Intune, just use this command line, works for me:
%windir%\SysNative\WindowsPowershell\v1.0\PowerShell.exe -NoProfile -ExecutionPolicy ByPass -File .\MyScript.ps1
This also worked for me. Thanks a lot.
Just to confirm what would that look like after its added?
To ensure my app installation work on any device regardless of the OS architecture installed, I use a cmd file which checks if sysnative exists, launch the x64 cmd or powershell, then retrieve the exit code so Intune knows if it succeeded or not.
Example:
IF EXIST “%WINDIR%\Sysnative\” (
“%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe” -executionpolicy bypass -command “&{&’%~dp0Install-M365Apps.ps1′; exit $LASTEXITCODE}”
) ELSE (
“%WINDIR%\System32\WindowsPowerShell\v1.0\powershell.exe” -executionpolicy bypass -command “&{&’%~dp0Install-M365Apps.ps1′; exit $LASTEXITCODE}”
)
exit /B %ERRORLEVEL%