do I really need to install .NET 4.8 on all my servers?
I saw in the changelog that PDQ Inventory now requires .NET 4.8. I had no idea that it would require it on the client! _None_ of my servers have .NET 4.8 installed and I like it that they don't have the latest version that Microsoft is still messing with. Also, I don't think I _can_ install it on my server with Exchange Server 2010 installed (I could be wrong about that).
I'm also not a fan of having to install additional software on my Hyper-V servers.
Is there any way around that requirement or can I just reinstall the previous version of PDQ Inventory over the top of the newer one to downgrade? Will the older version of Inventory work with the latest version of Deploy? If I need to restore to a previous backup of my PDQ server, I can do that, but I need to do it right away so I don't lose any data.
Thanks,
Mike
Comments
This is so not cool. Sticking with the old version until this is changed. We do not install .NET unless required by the app administrator. This is to reduce the update window by reducing the patches needed as well as reduce the attack surface area and probability of a vulnerability.
In the future, if PDQ decides to required software installed on the clients, maybe they should go with a full blown agent and give the customer options in the settings to use agent-less or agent based scans.
This current move is unfortunately a strike against PDQ within a high security minded organization.
Well this will stop us upgrading, we have several vendor supplied systems with well over 1000 endpoints running them, that are unsupported past 4.7.2. So we are locked with that version for now. Over 5500 endpoints as a whole not on 4.8
Same issue here, some servers can't be upgraded to .NET 4.8 that we know of and the rest will have to evaluated individually to make sure the apps they are running are compatible with 4.8. So we're stuck on 19.0.40.0 for the foreseeable future. :-(
Hi Mike:
Due to PDQ Inventory I have upgraded to .NET 4.8 in all my Hyper-V servers (having a backup replica ready just in case...), no problems so far.
My servers:
- Exchange server 2016
- SQL Server 2008 R2
- Domain controllers
- FileServer
- PrintServer
- Fortigate Authentication server
- Antivirus Server (TrendMicro OfficeScan)
- Image Server
- WSUS Server
Yea this is a bit of a problem for me as well, I use PDQ exclusively for server management and I can't just install .net 4.8 on it without doing a slow roll out, and making sure nothing breaks. I still have a couple of 2008 SP2 servers lingering around too so I just wont be able to use those servers at all with PDQ if 4.8 is a requirement. I'll stick with the older version I have for now but eventually I will have to upgrade it, it would be amazing if somehow 4.5.2 could still be used but if there is some underlying reason why that won't work its understandable.
Agree with the above. We have security requirements that we have to meet, which includes running LTSB on certain workstations. Older versions of LTSB do not support .net 4.8, and upgrading to LTSC is not free. This puts us in a tough situation having to consider dropping PDQ for something else.
Good news! It looks like the current Beta dropped the requirement down to 4.6.1! https://services.pdq.tools/function/update-info/changelog/Beta
https://www.pdq.com/downloads/
We also cannot update PDQ for 1-2 years now because of .net 4.8. We've got legacy apps that are used on most of our machines which will break with a new version of .net.
Super bummed and long term this will be a deal breaker for us when license renewal comes up in January.
"It's not you, it's me"
Oof. This 4.8 thing is a real downer. PDQ now went from my favorite utility to probably not gonna renew it
.net 4.8 for all servers is not possible!
No one will install this only for a inventory task, even if the aplications at the servers don't need 4.8.
@PDQ - are there plans for future version to enable again scanning with the old .net?
I allways was burning for new versions and new ideas (like PDQ Agent) you added to inventory.
Sorry, but now it gets more and more disappointing...
Still not great news. We will not be installing .net across the board. Period. It's not necessary and it increases patching time and surface attack area.
it's always required some version of .NET? At least 4.5.1 i believe originally. Im happy if this is true and it's dropped back down to 4.6.1
This is inaccurate from my experience. To clarify, I am speaking about the requirement on the clients that are being scanned - not the scanner host. Inventory 19.0.40.0 and previous did not required the endpoints to have .net installed. We have successfully scanned all of our endpoints with or without .net being present.
I noticed yesterday the latest beta only requires 4.6.1, that will really help us out. I thought .NET was required on any clients you want to scan. It even says this under settings for .NET Installation. We are running 19.0.40.0.
I think you might be getting confused here. Endpoints always required. NET. Windows 10 by default includes .NET 4. Its just now PDQ requires a version that's not the default WIN 10 install.
>I like it that they don't have the latest version that Microsoft is still messing with.
.NET 4.8 has been out for over a year. As far as I'm aware, it's completely stable.
>Is there any way around that requirement
No, .NET 4.8 is required if you want to scan computers with version 19.1.96.0 or later.
>can I just reinstall the previous version of PDQ Inventory over the top of the newer one to downgrade?
Close. Uninstall the current version, then reinstall the previous version. The uninstallation process does not touch your database.
>Will the older version of Inventory work with the latest version of Deploy?
Possibly, but we only test Deploy and Inventory with matching versions, so your mileage may vary. I highly recommend keeping them on the same version.
PDQ Inventory automatically installs .NET if the machine is missing it, at least that's the default setting, it can be turned off. Found under Options=>Preferences=>.NET Installation.
I thought it was required even for endpoints.
I can confirm Jason Metzgers description.
If you look at PDQs System Requirements at "Target Machine" it clearly mentions: ".NET Framework 4.8 or higher (can be remotely installed via PDQ Inventory)".
It was not required to have .NET installed on target machines before.
I also fully agree - you don't want to have .NET installed on all endpoints regarding patching time and surface attack area and do not believe that any company taking security serious will do this. At least, I'm counting myself in: it won't happen - though PDQ would truely be missed, as I really love a lot about it.
If it helps anyone to do the same, I have 1 server hosting the latest version of PDQ (because of 4.8 requirement) and another server hosting the most recent version before this requirement. slightly inconvenient but works fine with no complaints.
Correct, since system requirements changed back to 4.6.1, it's working.