Intune Beginners Guide to Deploy MSI Application

I guess is that application deployment is a most used feature in SCCM. Microsoft states that MSI is old technology and it can’t have modern world innovations. MSI is a decade old installer package file format used by Windows. In this post, you will see how to deploy MSI application from Intune.

Update – New method to deploy MSI and EXE application with Intune is explained in the following post – Intune Win32 app deployment step step guide.

The fact is most of the organizations use the MSI application to deploy their LOB apps. Moreover, most of the vendors still use MSI technology for their products. MSIX is the next generation of packaging technology that Microsoft is betting on. Hope we will see more adoption to MSIX technology from vendors.

Patch My PC


  1. Video Tutorial – Intune Beginners Guide to Deploy MSI Application
  2. Step by Step Guide to Deploy MSI Application from Intune
  3. Status/Monitoring – Intune MSI Application Deployment
  4. Intune Application Deployment – End User Experience of Co-Managed Windows 10 Device

Video Tutorial – Intune Beginners Guide to Deploy MSI Application

Watch this video on YouTube.

Step by Step Guide to Deploy MSI Application from Intune

Following steps are also explained in the video tutorial How to deploy MSI Application from Intune.

NOTE! – Do not include the “msiexec” command or arguments, such as /i or /x, as they are automatically used. For more information, see Command-Line Options. If the .MSI file needs additional command-line options consider using Win32 app management.

Update – More details about command-line troubleshooting | Issues

1E Nomad
  1. Login to Azure portal
  2. Navigate via Microsoft Intune – Mobile Apps – Apps
  3. Click on +Add to add new Intune application for SCCM client installation
  4. Select Line-of-Business app – App Type drop-down menu from Add app blade
  5. Click on App Package File to upload SCCM client <Application_Name>.MSI file to Intune
  6. On the App package file blade checkout the following settings Name: <Any Application Name>
    Platform: Windows
    App version: <Version Number>
    Size: Size in MegaBytes or GigaBytes 
    MAM Enabled: No
    Execution Context: Per-Machine/Per-User/Both (depending on the MSI package)
  7. Click on OK button on App Package file blade
  8. Click on App Information option from Add App blade                                                         Intune Application Information Details 
  9. Fill the following information details in App Information blade Name:- Any useful Application name is fine (Remember this name will appear in Company Portal)
    Description:- Any useful description is fine
    Publisher:- Name of the Publisher
    Ignore App Version:- No or Yes (Depending on the requirement)
    Category: Select a category which suits the application
    Display this as a featured app in the Company Portal – NO/YES
    Information URL:- Optional (I kept it blank)
    Privacy URL:- Optional (I kept it blank)
    Command-line Argument:- <Command Line explained below Try app.msi /? command to find out the options>
    Developer:- Optional (I kept it blank)
    Owner:- Optional (I kept it blank)
    Notes:- Optional (I kept it blank)
    Logo:- Optional (I kept it blank)
  10. Click OK, and Click Add to start the upload the <Application>.msi to Intune. This upload is going to take 10 minutes to complete. Wait for the following message to go away 😉 Your app is not ready yet. Check back again soon                                                     Intune MSI Application Deployment – Assignment Options
  11. Click on Add Group button on Assignment tab of the mobile application which you created.
  12. Select groups where you want to assign this app from Add Group blade. There are 3 (three) Assignment types – Select one assignment type.   You can deploy MSI application to some group of devices or users as REQUIRED or Available app.   The MSI application is per machine then it will get installed on machine context.   Available for Enrolled Devices Required Uninstall  
  13. Select Available for Enrolled Devices or Required
  14. Click on Included groups from Add Group blade
  15. Select the groups where you want to make this app required or available  from Assign blade Select the following option if you’re going to deploy the application to all users –                           All users –  Make this app available to all users with enrolled devices
  16. Click on Select Groups to select a Group for required assignment from Assign blade
  17. Search the Device/user Group in the search option in Select Groups blade and select the DEVICE/USER group which you want to deploy
  18. Click Select to save and close the Select Groups blade
  19. Click OK to save and close Assign blade
  20. Click OK to save and close Add Group blade
  21. Click SAVE to save Assignment blade

Status/Monitoring – Intune MSI Application Deployment 

You can check the state of the deployed application in two places. I would personally prefer to check “App Install Status” (option#2) to get the status of the MSI application deployment.

Option 1:-

  1. Navigate via Microsoft Intune – Mobile Apps – Apps
  2. Click on the Application which you want to know the status
  3. From the application blade (the blade will be in application name), click on either User install status or Device install status to get the status of the application installation

Option 2:-

  1. Navigate via Microsoft Intune – Mobile Apps
  2. Click on App Install Status and select the application which you want to know the status of the application
  3. From the application blade (the blade will be in application name), click on Overview button to get a graphical view of MSI application deployment status
MSI Application Deployment

Intune Application Deployment – End User Experience of Co-Managed Windows 10 Device

This is the behaviour if you don’t configure Application deployment workload to Intune in Co-management configuration wizard. The option to offload co management workload to Intune is available only for SCCM 1806 (TP) or later.

Watch this video on YouTube.

Troubleshooting Hints:-

I’ve a troubleshooting section in my previous blog post here. I would recommend reading that for more troubleshooting details.

I had an another experience while testing this application deployment with a virtual machine. Initially I created application deployment as REQUIRED and it got failed during the enrollment status page. After some research I found there are other people also facing the similar issue.

The requested URL does not exist on the server (0x80190194)

I changed the assignment type to “available” and tried to install the application from company portal. It helped to successfully deploy the app. But not sure what is the issue with REQUIRED deployment yet. I think it’s better to try the same scenario with the latest Windows 10 1803 Cumulative Update and retry.


Intune MSI Deployment Guide –

21 thoughts on “Intune Beginners Guide to Deploy MSI Application”

  1. Hello,

    Have you deployed many android LOB apps via Intune? I can deploy Managed Play store apps fine to Android for Work devices, but if I want to deploy an apk developed in house I get a “Not applicable” warning and the apk never gets pushed to the device. I’ve checked the assignments, and have assigned both the device and user to groups that are required to install this app, still nothing.

    Is there anything that you could suggest?


    • Hello, Are you deploying the APK as REQUIRED app? or Available? Are you using Android enterprise for managing the devices? Or are you using Android device admin management?

      Are you able to install the APK file manually on the Android device? Do you enabled APK installation on Android device? Go to Menu > Settings > Security > and check Unknown Sources to allow your phone to install apps from sources other than the Google Play Store.

      • Hi,
        you mean: “on Android, I need to enable sideloading from any source to be able to deploy from Intune?” That cannot be – that would put my users at risk where I want to protect them.
        Do you know a way to find out what “Not applicable” really means? I think it’s one of the worst messages one can show, while showing the status of an Android app for an Android device of an assigned user. This message is only expected when the app demands a newer Android version (and then the status must be “Nees Android version Y, but device is Android version X” – not something that is as meaningfull as “does not work because broken”).
        Btw.: the email-validation in this comment form is not working correctly: my usual email domain is, but the form seems to not accept .cloud-domains.

      • You just need to upload the new MSI to the same application if you want to upgrade all users/devices at the same time.
        However, if you want to have a phase wise rollout, then it should be better to create a new app with a new version and retire the previous version after the migration

  2. Hi Anoop
    What about when a new version of App comes out? Can I just edit the App with new version number and upload the new MSI file? Or should I delete that deployment and create a new one for the new version, then assign it to the same group?

  3. is it possible to enable the MAM for a windows MSI app. I am uploading MSI as an windows LOB and I want WIP to be enabled on it. How to achieve this.

  4. Nice writeup, very useful for some one like me who is new to Intune.

    I do have problems though with publishing MSI’s.
    Some MSI-applications will trigger an autorepair when a users starts the application for the first time.
    Usually because some files need to be created in the %appdata% folder, or some HKCU-keys need to be set.
    When that happens, the applications searches for the the MSI source-locations, but that will be deleted by Intune by that time.
    This is a VERY common practice with applications, but I have not found a solution yet.

    • I have seen this issue. And I have seen a comment by Daniel Sidler in the tech community forum that – “I was able to solve the problem by editing the msi with the free edition of Master Packager. All it took was making the program shortcuts not advertised, and it immediately worked when deploying the updated package with Intune.”

      Does this help? Also, there is a UserVoice item to keep cached files.

      • Hi Anoop,

        Thank you for the quick reply. I have seen that thread as well.
        Unfortunately, it of course does not really solve the problem.
        Take a app like VLC Player as example. In a corporate environment, you would NOT want the app to check for updates on a daily basis. This settings however is stored in a settings-file, stored in the users APPDATA-folder. With a repackaged MSI, you can make sure, the correct settings will be set for each users when they start the application for the first time. An autorepair of published shortcut would take care of that, but with Intune this no longer works.

        The URL you mention offers no solution, it just asks the same question I do.

      • Hello Martin – I have seen a similar issue with one of my clients and the packaging team ended up copying down all the self-heal bits and copying them out as part of the install. The alternative is to copy the MSI down and run the install locally. Does that helpful?

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.