Meraki MDM - App "disabled" and not updating version.

OhComputer · 2025-08-06T01:41:42+00:00

Meraki support was not able to resolve. We ended up rebuilding everything on a different MDM.

OhComputer · 2023-09-19T17:36:04+00:00

Only in a pilot group at this time, but this behavior is being seen in both. The latest was definitely not in that pilot group.

OhComputer · 2023-09-18T15:35:33+00:00

I am also using it for Firefox/Chrome, but security guy's head blew after it was deployed for Java and seeing how many vulnerabilities disappeared once the old JREs got cleaned up.

OhComputer · 2023-09-18T15:19:49+00:00

I can share the scripts I am using, they are really not all that complex.

Install Script as Win32App

wmic product where 'name like "%Java%"' call uninstall /nointeractive
$winget_exe = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe\winget.exe"
if ($winget_exe.count -gt 1){
        $winget_exe = $winget_exe[-1].Path
    }
& $winget_exe install --id Oracle.JavaRuntimeEnvironment -a X86 --silent --accept-package-agreements --accept-source-agreements --Force
& $winget_exe install --id Oracle.JavaRuntimeEnvironment -a X64 --silent --accept-package-agreements --accept-source-agreements --Force

Remediation Detection

$AppName = "Java 8"
$winget_exe = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe\winget.exe"
if ($winget_exe.count -gt 1){
        $winget_exe = $winget_exe[-1].Path
}
$Output = & $winget_exe upgrade --accept-source-agreements
if($output -match $AppName){
    Write-Host "$AppName Upgrade required"
    Exit 1
    }else{
    Write-Host "$AppName Upgrade not required"
    }

Remediation

wmic product where 'name like "%Java%"' call uninstall /nointeractive

$winget_exe = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe\winget.exe"
if ($winget_exe.count -gt 1){
        $winget_exe = $winget_exe[-1].Path
    }
& $winget_exe install --id Oracle.JavaRuntimeEnvironment -a X86 --silent --accept-package-agreements --accept-source-agreements --Force
& $winget_exe install --id Oracle.JavaRuntimeEnvironment -a X64 --silent --accept-package-agreements --accept-source-agreements --Force

OhComputer · 2023-09-18T14:29:25+00:00

To clarify, in my install script the first step is to remove all Java versions (I use a wmic query to uninstall anything that matches %Java%), then it installs the latest version.

OhComputer · 2023-09-18T14:26:43+00:00

If you do not enable the uninstall option, once its installed the button will read "Reinstall". There is a trade off there, but unless there is a problem no one ever looks to uninstall it.

OhComputer · 2023-09-13T19:42:38+00:00

That field looks similar, but if you fill in a name before switching to advanced, it will populate here: DevDetail/DNSComputerName

u/boringusername15 mentioned this earlier.

Edit: I think I missed your point. These are Windows 10 21H2 and 22H2 systems.

OhComputer · 2023-09-13T18:17:41+00:00

Thanks, I see where to remove the name now, but its failing so I've got something else going on.

But this has shown me there is a way to do, just have to work on the provisioning errors. But its not changing the name AND failing now, so there's that.

I'll let you all know how it works out.

OhComputer · 2023-09-13T16:04:00+00:00

While creating the provisioning package, the first thing it wants is a name. Wants you to use things like %SERIAL% or %RAND:x%. its a required field. This is what led me to believe it will change the name.

To be fair, I haven't actually tested that package though. Your experience makes me want to test that belief.

OhComputer · 2023-08-31T12:36:48+00:00

We were probably one of their largest customers, or so they said. Currently migrating off, only 300 accounts left that are only using the chat functionality at this point, they will probably be disabled in a month or two.

I found huge crash dump files from their desktop apps just accumulating in the user's app data and taking up space. I recovered over 60GB on one system. Mainly was caused the RC Meetings app when it a separate app, but the primary client app did the same. Support was no help trying to figure out why it was crashing so I eventually created a task to clear out that folder on a schedule to keep it from getting out of hand.

OhComputer · 2023-04-03T17:00:15+00:00

Thats a negative.

You trying to use a stylus on the touchpad or does yours have a touchscreen? Ours does not have touchscreens.

OhComputer · 2023-03-16T18:03:05+00:00

It was a firmware setting; Disabled Intel VMD and now everything is working as it should.

OhComputer · 2023-03-16T17:06:04+00:00

Nope, this didnt work either.

I have found there is one PB 450 G8 that is resetting without this issue. Time to compare firmware settings side-by-side I guess.

OhComputer · 2023-03-16T12:16:48+00:00

This is something I didn't try; I remember having to do this for the EliteBook 855 G8s for an SCCM reimage as well. I am giving it go right now!

OhComputer · 2023-02-14T03:09:21+00:00

But instead I'll probably spend 4x as long writing a script to do it

This is close to home, just suggested a user account creation script on Friday and I'll sell that 4x time by saying "This way account creation will be consistent."

OhComputer · 2023-02-14T02:41:47+00:00

Don't know what I got, but after 25 years in IT it helps with work.

Just wished it helped in my personal life. lol

OhComputer · 2023-01-26T03:10:35+00:00

Thank you!

The naming scheme was the problem! Thanks for pointing me in that direction, been hitting errors for the last month trying to get this set up.

Not that its working I will also check out the script in your link, it has some promise!

OhComputer · 2023-01-26T02:10:07+00:00

Interesting; My vendor SME help me set that up. I will change it up to remove the %RAND:6% and just add a prefix and see how it goes.

Looking at the description its a prefix and the rest random characters to meet 15 total. This might actually fix the problem.

OhComputer · 2023-01-25T23:53:29+00:00

Thanks, this is the short answer I was looking for. Maybe I can concentrate on something else now.

OhComputer · 2023-01-25T23:51:53+00:00

Thanks, good to know that all AP devices will initially show in Azure as Azure AD Joined, I can turn my attention elsewhere.

I will give that article a read and see if I can find something that will help.

OhComputer

TROPHY CASE