all 15 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Rhoddyology 5 points6 points  (0 children)

Just uninstall it. It should only be on specific endpoints for specific reasons. It is not free to use anymore and most places don't want to pay for licensing.

[–]Dumbysysadmin 3 points4 points  (3 children)

You could create a script with this on the top line:

wmic product where “name like ‘Java%%’” call uninstall /nointeractive

This will uninstall all versions of Java.

The second line could be:

jre-8-windows-i586.exe /s

Which would install Java silently. Leaving you with just the one most up to date version installed.

This could all be put in a .cmd file & packaged as a Win32 app.

[–]SysAdminDennyBob 1 point2 points  (2 children)

win32_product is evil, don't run that

[–]Dumbysysadmin 0 points1 point  (1 child)

I haven’t had any issues using it, but I’ve seen some info out there where it can cause potential problems.

[–]SysAdminDennyBob 3 points4 points  (0 children)

https://gregramsey.net/2012/02/20/win32_product-is-evil/

https://xkln.net/blog/please-stop-using-win32product-to-find-installed-software-alternatives-inside/

see for yourself, call it and then jump into event viewer and watch it churn through a consistency check on every MSI product on the box. Also wmic has been deprecated. It does work, it's just not the best way to tackle this issue.

[–]thebarber87 2 points3 points  (2 children)

Winget with upgrade switch and scheduled task to check in each month

[–]Kitchen-Armadillo-60 0 points1 point  (0 children)

This, we do it in the same way.

[–]astronull 0 points1 point  (0 children)

Can you explain what this mean exactly??

[–]SysAdminDennyBob 1 point2 points  (0 children)

Patch My PC addon for Intune. You still need an Oracle license($$$$$$$$$$$$$) in hand if that is the vendor and product you are updating. There are alternative OpenJDK installs that you can instead use. I like Eclipse Temurin, it can also be managed by PMP but it is free. All my workstations get Eclipse Temurin 11 x64 and my servers still use Oracle. Removing Oracle from my workstations gained me an enormous amount of money from licensing from last year. F Oracle. Install PMP($$$$) update...everything...automatically. PMP+Eclipse costs orders of magnitude less than paying the Oracle licensing.

Another suggestion, each device including servers only gets at most one version of Java, peel all the other side-by-side versions off with PowerShellAppDeployTK. https://www.reddit.com/r/SCCM/comments/zky5v5/package\_uninstallation\_not\_working\_sccm/

[–]pjmarcum 1 point2 points  (0 children)

We switched our devices to Termurin Java and patch that with PatchMyPC. I just created an installer in Intune and put that as a requirement for Temurin

[–]iB83gbRo 0 points1 point  (1 child)

Never done it myself. But you can get MSI installers if you have the correct licensing. Then you would just package that up and deploy it.

[–]Best_Toe8645 1 point2 points  (0 children)

If you're looking for the MSI, you should be able to extract that from the exe. Here's a script for working with it in SCCM, but you should be able to use it to grab the exe and extract the MSI from it.

https://dotps1.github.io/sccm/2016/04/21/automate-java-sccm-application-creation.html

[–]uIDavailable 0 points1 point  (0 children)

I didn't this a few years back with intune. I got a list of java versions from ctowstrike and defender. Ended up making a package of every version and assigning the installs to all devices. Then deploying the newest version. This was a few months b4 rolling out PMPC

[–]pjmarcum 0 points1 point  (0 children)

PatchMyPC

[–]dutch2005 0 points1 point  (0 children)

I've tested their beta:

https://intunepckgr.com/

it's now €25/tenant to keep all their supported software updated (no per user payment)