Deploying Third Party Applications using Intune

Microsoft Intune is a cloud-based endpoint management solution that allows IT administrators to manage devices, apps, and policies securely. Deploying third-party applications using Intune involves a few structured steps to ensure efficient distribution, compliance, and management. Here’s a guide on how to achieve this:

1. Prepare the Application Package

• Check Format: Third-party applications must be in a supported format such as .msi, .exe, .intunewin, or available via the Microsoft Store for Business.
• Convert to IntuneWin Format:
  • If the app is an .exe or custom app, use the Microsoft Win32 Content Prep Tool to convert it into an .intunewin package.
• Ensure Silent Installation:
  • Configure the installer to support silent or unattended installation using appropriate switches (e.g., /quiet, /silent).

2. Add the Application to Intune

• Log in to the Microsoft Intune Admin Center.
• Navigate to Apps > All Apps.
• Click + Add and choose the appropriate app type:
• For MSI or Win32 apps: Choose Windows app (Win32).
• For Store apps: Choose Microsoft Store app.
• Follow the wizard to upload your app package.

3. Configure Application Information

• Basic Details: Enter the app name, publisher, and category.
• Logo (optional): Upload an icon for easier identification in the Company Portal.
• Requirements:
  • Specify the operating system architecture (x86, x64).
  • Define OS versions or other requirements if applicable.
• Detection Rules:
  • Define how Intune should detect whether the app is already installed (e.g., registry key, file existence).

4. Define Deployment Behavior

Assignments: Specify the groups of users or devices to receive the app:

• Required: Automatically installs the app on assigned devices.
• Available: Makes the app available for self-service installation through the Company Portal.
• Uninstall: Removes the app from the devices in the group.
• Dependencies (if applicable): Ensure pre-requisite apps are installed before deploying the main app.
• Supersedence (if applicable): Replace an older version of the app with a new one.

5. Monitor Deployment

• Navigate to Apps > Monitor in the Intune Admin Center.
• Check installation status, errors, and overall compliance.
• Resolve any errors (e.g., dependency issues, incorrect silent install commands).

6. Use Third-Party Integration Tools (Optional)

For bulk or frequent deployment of third-party updates, consider integration with tools like:

• Patch My PC: Integrates with Intune to automate third-party patching.
• WUfB (Windows Update for Business): Manages Microsoft and third-party updates if supported.
• Chocolatey: A package manager for Windows that can be configured with Intune.

Best Practices

Testing: Always test application deployment on a small group of devices before rolling it out broadly.

Security: Ensure apps come from trusted sources and are scanned for vulnerabilities.

Compliance Policies: Align app deployment with your organization’s compliance requirements.

Documentation: Maintain a record of app configurations, deployment scopes, and troubleshooting steps.

Steps

Step 1: Convert Application to .intunewin Format

• Download the Win32 Content Prep Tool
• Convert the App:
• Run the tool on the target .exe or .msi file.
• Command example: IntuneWinAppUtil -c <source-folder> -o <output-folder> -a <app-name>.exe.

Step 2: Upload App in Intune

• Log in to the Microsoft Intune Admin Center:
• URL: [Microsoft Intune Admin Center] (https://endpoint.microsoft.com/).
• Navigate to Apps > All Apps:
• Click + Add and select Windows app (Win32):

Step 3: Configure App Information

Enter details such as:

• App Name, Publisher, Description, and Category.
• Upload the .intunewin file:

Step 4: Specify App Requirements

Define:

• Operating System Architecture: x86 or x64.
• Minimum Operating System.

Step 5: Define Detection Rules

Choose a detection method:

• File/Folder: Specify a path and file.
• Registry: Specify a registry key and value.

Step 6: Assign the Application

Configure assignments:

• Required, Available for enrolled devices, or uninstall.

Step 7: Monitor Deployment

• Navigate to Apps > Monitor:
  • View deployment status (Success, In Progress, Failed).

Optional: Use Patch My PC or Chocolatey

• Patch My PC: Automates third-party app deployment.
• Chocolatey: Manages packages via Intune scripts.

About CloudThat