Microsoft Intune is a Mobile Device/Applications Management solution, which is managed devices but also applications on Android, iOS, Mac OS and Windows devices. One of the functions is deploying an application to a device or user. MS Intune supports almost every (mobile) platform to push a store app or WIN32 application. It is just like System Center Configuration Manager. In this blogpost, I will talk more about how to add an app into MS Intune and deploy it to a device. More information about Mobile apps in MS Intune: https://docs.microsoft.com/en-us/intune/apps-add
MS Intune supports different types of apps, which are:
|Apps from the store (store apps)||Intune installs the app on the device.||App updates are automatic.|
|Apps written in-house (line-of-business)||Intune installs the app on the device (you supply the installation file).||You must update the app.|
|Apps that are built-in (built-in apps)||Intune installs the app on the device.||App updates are automatic.|
|Apps on the web (web link)||Intune creates a shortcut to the web app on the device home screen.||App updates are automatic.|
The specific type of apps:
|App Type||General Type|
|Android store apps||Store app|
|iOS store apps||Store app|
|Windows Phone 8.1 store apps||Store app|
|Microsoft store apps||Store app|
|Android for Work apps||Store app|
|Office 365 apps for Windows 10||Store app (Office 365)|
|Office 365 apps for macOS||Store app (Office 365)|
|Android line-of-business (LOB) apps||LOB app|
|iOS LOB apps||LOB app|
|Windows Phone LOB apps||LOB app|
|Windows LOB apps||LOB app|
|Built-in iOS app||Built-in app|
|Built-in Android app||Built-in app|
|Web apps||Web app|
An EXE installation isn’t supported in MS Intune, just only MSI. There is a workaround to deploy EXE via MS Intune. You have to use PowerShell scripts to deploy and install an EXE on a Windows device. There is an option to push a PowerShell script to a device with MS Intune. This workaround is not in this blog post.
Let’s begin with importing an app in MS Intune. We got Microsoft 365 license so we can deploy the full Office365 to a Windows 10 device.
Go to the MS Intune portal -> Mobile apps -> Apps. Click on the Add button.
App Type is Office 365 suite for Windows 10.
Click on Configure App Suite. You get more options. Select the one which you want to test. I choose only for OneDrive, Outlook, and Word. Click on the OK button.
Click on App Suite information. Give this deployment a name and some more information about the app. Click on the Ok button.
Click on App Suite Settings and choose your settings. I also added some languages. Click on OK and on the Add button to create the Office 365 deployment.
Click on Assignment to assign this deployment to the users. Click on the Add group button.
Assignment type is Required. This will push Office to the devices without an action from the user. Search for the group and click Select. Click on the Ok button (twice). Click on the save button. Now you have to wait for the deployment. Office 365 will be deployed to the users which are in the group that you have chosen for the assignment.
This is optional >> I want to test Outlook, but the test user hasn’t a mailbox yet. For this, you have the give the user Office365 license. Without this license, the user has limited of functionality and the user doesn’t have a mailbox. To give the user a license, you have to go to https://portal.office.com and log in with your admin credentials.
Click on the Admin app.
Go to Users -> Active users. You will get a list of all users which are in the Azure AD. Search for the user who has already have an enrolled device.
You get more options after clicking on the user. Click Edit next to Product licenses.
Turn on Office 365 Enterprise E5 license and click on the Save button. You are done and go back to the MS Intune portal. <<<
Go to your Windows 10 device and check if Office is installed. Open the start menu and search for Word or Outlook. Or just look at Recently Added, like mine.
You could also check the status in the MS Intune portal. You have to your app deployment and click on Device Install status. Here you can see on which computer Office is done with installation.
Go back to your Windows 10 device. Office is installed so we can open Outlook. Outlook is at first run, so you have to add the mailbox.
Enter here the email address of the logged in user. Click Connect.
Outlook will get the correct information from Exchange Online, so you don’t have to enter extra more information. Account setup is complete. Click on the OK button.
Click Microsoft Edge, we don’t need this. Go back to Outlook.
So, Outlook is configured and working. We can use this for testing the MAM policies, but this is for another blog post.
We can test also a LOB application, like 7zip for example. Follow these steps. Download the MSI file from the 7zip website. Go to MS Intune – > Mobile Apps -> Apps
Click on the Add button.
Choose Line-of-business app. Click on App Package file.
Browse to the MSI file and click on the Open button. Click on the Ok button.
Click on App information.
Enter the required fields with some information. Click on the OK button. Then Click on the Add button.
Click on the app, we need to assign this app to a group.
Make this assignment type required. You can make also the assignment available. The app will appear in the company portal available for installation. Required to push the application to the device without user’s action. Click Ok.
Click on the Save button. After a few minutes the application is installed on the device.
Check the status at Device install status.
The application is installed on the device. Now you can use the application.
In this blog post, we did a deployment with MS Intune to a Windows 10 device. We have installed Office and 7Zip. So, with few clicks, you can deploy an application to multiple devices if you want.
It is also an option to use Microsoft Windows Store for Business (WfSB) for deploying UWP apps. But, also for this, I will write a blog post about this feature in MS Intune later.