Microsoft Intune will permit us to manage devices and apps, it is a cloud-based service controlled by Microsoft Endpoint Manager admin center. For that it provides mobile device management (MDM) and mobile app management (MAM), and supervised by Azure Active Directory (AAD) where we can apply all kind of policies involving users, devices and applications and much more.
The first step we need to do is enter to the Endpoint admin center:
https://endpoint.microsoft.com/
This procedure will be valid for all executable (.exe) installers. Therefore I do not refer to other types of installers such as MSI or Microsoft Store applications, in these cases the detection of the installation is automatic, this is not the case for .exe files, as we have to prepare them to be compatible with Intune (IntuneWin).
https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool
In a Windows System (Desktop or Server), we download IntuneWin tool to wrap the installer in order we can upload it to Intune.
For this case I’ll upgrade a Mozilla Firefox version. So I’ll download it in C:\tools\Firefox, the intuneWin tool in C:\tools as well.
cd /d c:\tools
IntuneWinAppUtil.exe -?
IntuneWinAppUtil.exe -c .\Firefox -s ".\Firefox\Firefox Setup 89.0.2.exe" -o .\Firefox
dir Firefox
07/05/2021 05:26 PM 55,526,992 Firefox Setup 89.0.2.exe
07/12/2021 05:38 PM 55,527,232 Firefox Setup 89.0.2.intunewinWe add a Windows App (Win32) from Endpoint Admin Center:
- Apps
- All Apps
- +Add
- All Apps
We upload the Intune application previously created.
Now, we can add our application with parameters, the installation will be in silent mode for system.
We configure the requirements, the minimum OS and its architecture, the rest are optional.
The next step is perhaps the most important one, ensuring compliance of the deployments detecting the installation. We can configure this rules manually or by scripting. The script must be simple, we need to find the app and return some string (+info). But the most of the applications writes in the registry, including Mozilla Firefox, so I’ll check the installed version there.
Lastly, we add a superseded application, that is needed to be replaced by version. In the case of Firefox, we don’t need to uninstall the previous versions, they are all upgradeable. But in other scenarios, different applications, we may need to uninstall previous versions first.
The application is filled and now we can deploy it to users or devices, ASAP or indicating a future date.
We review and create the application and the deployment monitoring will be accesible in Apps > Mozilla Firefox 89.0.2 (x64) > Device Install Status.
Links
https://docs.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune
https://docs.microsoft.com/en-us/mem/intune/apps/apps-win32-app-management
https://firefox-source-docs.mozilla.org/browser/installer/windows/installer/FullConfig.htmlThe
