In this post, We’ll learn the best way to Install the Chocolatey Application using Microsoft Intune on Windows 11 and 10 workstations. The end user will not be interrupted while you deploy it from the back end. Chocolatey is an open-source package manager for Windows. It builds on top of existing technologies like PowerShell and NuGet. Chocolatey operates via the command-line interface (CLI), which makes it easy to automate software installation and management.
We will use the Win32 Content Prep Tool to convert application installation files into the .intunewin format, which will be used to create an installer for deploying Chocolatey in Intune. You can easily repackage apps using Intune win32 packaging without prior packaging skills. It’s as simple as zipping a folder.
When it comes to deploying applications, Win32 application deployment is a versatile option that caters to both 32-bit and 64-bit applications. With the ability to deploy x86 and x64-bit applications, the Intune Win32 App deployment is a powerful tool allowing seamless application deployment across various systems and architectures.
Whether you’re deploying a 32-bit or 64-bit application, this deployment method provides an efficient and effective way to ensure your software is installed and running smoothly across all your devices.

What is Chocolatey Application?
As I explained above, Chocolatey is an open-source package manager for Windows. It builds on top of existing technologies like PowerShell and NuGet. Chocolatey operates via the command-line interface (CLI), making it easy to automate software installation and management without user interaction. If you haven’t used Chocolatey before, check out their documentation. It’s easy to learn.!
You probably deploy a ton of software on many machines using a package. You may wonder why we need Chocolatey for package installation when SCCM and Intune are effective on Windows machines. People use Chocolatey because it is an open-source package manager. Also, it’s a command-line interface. Like many other DevOps tools, Chocolatey is also used to automate repetitive tasks on Windows servers and workstations.
Chocolatey is a powerful package management tool that simplifies installing and managing software packages. Software developers extensively use it as it provides an easy-to-use interface for managing a wide range of packages with just a single command. With Chocolatey, developers can automate the package management process and save significant time and effort. The Chocolatey packages are available on Chocolatey.org.
Prepare Win32 App Installation Source for Intune
We need a Win32 application source of Chocolatey to be created to install it on the devices. You can download the Win32 app packaging tool from GitHub that converts the application installation files into the .intunewin format.
We will go through a step-by-step guide for installing and configuring the tool. Please follow the instructions below.
- Download the Win32 app packaging tool from GitHub
- You can create a directory on your computer by making a folder.
- Copy the Win32 app packaging tool outside of the installation source folder.

The Chocolatey installation file is a PowerShell script. Create the script with the name InstallChoco.ps1 and save it in the folder you created on your computer.
#Powershell Script to install the Chocolatey 
Set-ExecutionPolicy Bypass -Scope Process -Force
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
 iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
Execute the Win32 app packaging tool (intuneWinAppUtil.exe). The tool will prompt for source and output folders and the setup file, which in this case is InstallChoco.ps1.

It will create the wrapped File with the extension “Intunewin”. InstallChoco.intunewin file is compressed and encrypted with a SHA256 hash.

How to Create and Deploy Chocolatey Application in Intune
Please follow the instructions below for the Windows app (Win32) using Intune. The Intunewin file you created above will be used here to create the app.
- Sign in to the Microsoft Intune admin center https://intune.microsoft.com/.
- Select Apps > All Apps> Add, or you can navigate to Apps > Windows > Windows Apps.
- Select Windows app (Win32) under the Other app types and click Select on the Select app type panel.

Click the Select App package file button in the Add App wizard, then browse for the previously created intunewin File using the Win32 app packaging tool.

Update the app information such as Name, Description, Publisher, Category, Logo, etc. and click Next

On the next page, add the commands to Install and Uninstall. Choose System or User for Install behaviour, and specify Device restart and Post-installation behaviour. Click Next to continue.
| Install Command | Uninstall Command | 
|---|---|
| powershell.exe -executionpolicy bypass .\InstallChoco.ps1 | powershell.exe -executionpolicy bypass .\UnInstallChoco.ps1 | 

You can set mandatory device requirements on the Requirements page before updating.
- Operating system architecture: Choose the architectures needed to install the app.
- Minimum operating system: Select the minimum operating system needed to install the app.
When creating a Win32 application, you can choose from built-in and custom requirement rules. Explore Intune Win32 App Requirement Rules.

You can configure the Detection rule on the following page. Select Manually configure detection rule.

Select any one of the below detection rule types:
| Rule Type | Description | 
|---|---|
| MSI | This detection rule detects the application installation based on the MSI product key or version check | 
| File | This detection rule detects the application installation based on the MSI product key or version check. | 
| Registry | This registry-based win32 app detection rule verifies the application’s existence based on the Windows registry key, value existence, string, Integer or version comparison. | 
I will use the File as a Rule type and the File or folder as a Detection method in this example. The Path is C:\ProgramData\ and the File or folder is Chocolatey.

Click Next, and you’ll be prompted to configure Dependencies and the Supersedence. I’m not configuring it in this example. Add the Scope tags if you wish and click Next to assign the policy to computers. I’ll make the deployment as Required and deploy it to the HTMD Test Group.

You will find the Summary on the last page. Make sure to review the settings carefully before clicking Create.
Monitor Deployment from the Intune Portal
The Chocolatey application has been deployed to the HTMD Test Group. The installation should take place as soon as possible on the client device Since it’s deployed in Required mode. The installation status can be monitored from the Intune portal.
- Select Apps > All Apps and enter the name of the application in the search bar.

- The Intune portal displays the recently created application. Select the desired application and click Overview. You can view a detailed report of recent App deployments, including information on whether the app is Installed, Not Installed, Failed, Install Pending or Not Applicable, as below.

Monitor Deployment from the Client Side
The app will be automatically installed after deploying the Chocolatey package to workstations since it was marked as a required deployment. You may wonder how to monitor the deployment from the client side.
There are multiple ways to monitor the deployment. Vimal Das explained all the possible ways to monitor a Win32 Application in his blog post. The Intune management extension is the client-side tool for managing MDM Intune Win 32 app deployment. The IntuneManagementExtension.log file can be located in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs. IntuneManagementExtension.log will help you track the Intune Management extension component events.

Open the Company Portal on the workstation and navigate to Download & Updates. The Chocolatey should be visible as installed.

You can also use the choco commands to check if Chocolatey is installed on your workstation. Open the command prompt or PowerShell as an administrator and run ‘choco --version' to check the installed version of Chocolatey.
Thank you for th patience in reading this post. See you in the next post. Keep supporting the HTMD Community.
Author
About Author – Sujin Nelladath has over ten years of experience in SCCM device management and Automation solutions. He writes and shares his experiences with Microsoft device management technologies, Azure, and PowerShell automation.
 
