In the past i am able to install user-based installation successfully on Intune environment with execute-processasuser but recently i am not sure why it stopped working, installation happening with exit code 0 but no shortcut or files are getting installed on machine, anyone observed this? its working fine using SCCM but on Intune it is not.
What version of PSADT are you using?
Do you mean Execute-ProcessAsUser or Start-ADTProcessAsUser
We are still using old template so its execute-processasuser 3.9
Eg previous package with same code for Bruno working latest source not working… slack also giving issues where its previous version working fine i am confused why its happening
The way the old toolkit does things simply isn’t acceptable in this day and age. Next week when 4.1.0 release candidate 1 is released, please move onto it.
Yes we can move on latest but still trying to find a reason why it stopped working… is thr any changes made to Intune? Not sure abt it
I’m not too sure to be honest, but it’s powered by vbs and scheduled tasks to perform the impersonation which are things EDR platforms light up like a Christmas tree about
in ver 4.0 , start-adtprocessasuser function doesnt work bec the function doesnt recognize the argments passed to the app exe. this is a bug which wil get fixed in 4.1
i had used an older ver of pasdt for this , and execute-processasuser was working manually over system context. i am yet to test it over Intune.
which option u chose in Intune ? User or system ?
System we have few apps in prod with same logic but works fine
For any deployment that’s purely user-based, deploy the app with the user scope, not the system scope.
It worked previously i just added registry key system specific as detection method… yes will make it user deployment….
the “user” option in both intune and sccm uses the loggedin user privileges to install. so if the package makes any changes to program files , hkcr , hklm etc etc , then u cant choose User option bec install will throw error.
the “user” option is purely and purely for packages that only makes changes to appdata or hkcu.
Yup, that’s why I specifically said “For any deployment that’s purely user-based, …” 
Guys we are using same logic since last 4 years and working fine i am just curious if something is changed to intune that causing this… i can get it work by changing it to user specific but just wanted to know why it stopped working
Not that I’m aware of. As mentioned above, v3 did a number of terrible things and the setup around Execute-ProcessAsUser was one of them. If it’s not working anymore out of the blue, it’s highly likely due to Defender or your EDR picking it up as malicious.