I have created a script to push updated versions of an application to devices where users manually installed the application due to "On Demand" deployment type.

Especially for security relevant updates (eg. Adobe Reader, Firefox, etc.) this is an important but missing function.

Here is the -> link <- to the script, posted it on code.vmware.com

Important: The application need to be in managed state in order that the API recognizes the application as “installed” on a device

How-To use this Script

1. Update the [Declarations] Section to match your environment

#------------------------[Declarations]--------------------------
# Workspace ONE UEM variables
$WorkspaceONEServer = "" # https://cnxxx.awmdm.com
$WorkspaceONEAdmin  = "" # APIAdmin
$WorkspaceONEAdminPW = "" # SuperSecretPW01*
$WorkspaceONEAPIKey = "" # your API Key
$WorkspaceONEOrganizationGroupName = "" # GroupIdName as used for device assignment
 
$URL = $WorkspaceONEServer + "/api"
# Base64 Encode Workspace ONE UEM Username and Password for API Access
$combined = $WorkspaceONEAdmin + ":" + $WorkspaceONEAdminPW
$encoding = [System.Text.Encoding]::ASCII.GetBytes($combined)
$cred = [Convert]::ToBase64String($encoding)
# Optional overwrite credential above by specify username:password and convert to base64 by using https://www.base64encode.org/
# $cred = "" #uncomment this line if you like to use base64 encoded string

2. While running this script you will be prompted 4 times

2.1 Select the current installed version to later identify our targeted devices

(Tipp: make use of the Filter)

2.2 Select the target version of the application, it will be filtered to match the BundleId of the source application and the list is sorted by latest AppVersion

2.3 Select one or more devices (eg. for testing before send the command to all devices)

2.4 Final confirmation that you want to initiate the PUSH INSTALL to your selected devices

Hope this is helpful for somebody out there.