Let’s learn how to download and install Google Chrome using the Intune Line of Business Application model. I have explained the steps in the above video (Google Chrome Deployment).
To add a custom or in-house app, upload the app’s installation file. Make sure the file extension matches the app’s intended platform. Intune supports the following line-of-business app platforms and extensions:
- Android (APK)
- iOS (IPA)
- macOS (.IntuneMac)
- Windows (.msi, .appx, .appxbundle, .msix, and .msixbundle)
In this post, we are looking into Windows LOB application deployment. Let’s see how to deploy the “Google Chrome” (Intune Google Chrome?) browser to Windows 10 or Windows 11 devices using Microsoft Intune. I have a post that explains, “Deploy Google Chrome Update with SCCM.”
NOTE! – There is a 0-Day bug with Chrome Browsers. Update the Google Chrome browsers immediately. More details – Chrome’s audio component (CVE-2019-13720) while the other resides in the PDFium (CVE-2019-13721) library.
- Intune Management Extension Deep Dive – Win32 App Deployment Troubleshooting Help Guide
- Troubleshoot Intune Managed Application Deployments Errors
- Fiddler Silent Install using Intune MEM Installation Behavior User
- Intune Logs Event IDs IME Logs Details for Windows Client Side Troubleshooting
Download Chrome Enterprise Version MSI
You can download the enterprise version of the Google Chrome browser from the following Google Server.
I usually download the full version of the Google Chrome browser, but you can also download the Google Chrome update MSI.
Google Chrome Deployment – Video Guide
Recently, Google published a post about the latest vulnerabilities of Google Chrome and highlighted this as a Zero-day Patch. Zero-day patches are highly critical, and you need to update the browsers as soon as possible.
Let’s download the Patch or the latest version of Google MSI from the Google server and follow the steps mentioned in the below video to deploy Chrome updates to Windows 10 devices.
Create Intune Chrome Browser Line of Business App
To create an Intune line of business (LOB) application, you need to log into the device management portal. Once you log in, you can go to the Windows application and start creating an Intune LOB application.
The application creation is straightforward, as I have shown in the video (Google Chrome Deployment options). You don’t have to worry about the application version shown in the Intune console. I don’t know how it gets the MSI version details when we select the Google Chrome MSI.
- Login to Intune Portal https://endpoint.microsoft.com/
- Select Apps > All apps > + Add.
- Select Windows 10 in the Office 365 Suite section of the Select app type pane.
- Click Select. The Add Office 365 Suite steps are displayed.
Thoughts—If you check the MSI version of the properties of that MSI file and compare that with the version that shows in the Intune portal, you will get confused. So, don’t worry about that at the moment. There could be some bug in Intune.
Select the Line-of-business app to create a Google Chrome browser application
Click on the App package file, select Application, and Click on the FOLDER icon.
Browse using Windows Explorer and Select the MSI – the Google Chrome Browser MSI (GoogleChromeStandaloneEnterprise64.msi). Click OK to continue
Name: Google Chrome
Platform: Windows
App version: 67.208.87
Size: 57.44 MiB
MAM Enabled: No
Execution Context: Per-Machine
- Click on App Information Configuration
- Fill in the App Information (Mandatory information for the Line of Business app)
- Name – Google Chrome
- Description – Google Chrome
- Publisher – Google
Select the Logo for the Google Chrome Browser application. Click on Browse (FOLDER ICON).
Copy and Save the Chrome ICON to your computer
Select the saved Chrome icon. Intune will automatically upload and analyze the icon. Google Chrome Deployment using Intune Line of Business Application.
- Click OK
- Click OK
- Select the Scope (Tags)
- Click +Add
- Select Tags -> Test
- Click on Select
- Click OK
NOTE! – Intune scope tag guide – Intune Scope Tags Implementation Guide.
Click Add
Upload Google Chrome Browser using Intune Line of Business Application
Once you save the Google Chrome application, Intune will start uploading the MSI 2 Microsoft cloud. This process will take the same depending on your Internet speed and the size of the MSI.
You can see the start of the upload in the Intunes console itself. You can also see the percentage of uploads done in Intune in the device management portal itself, as you can see in the video (Google Chrome Deployment scenarios).
Thoughts – This % of upload notifications is very useful instead of some gas works, which we used to do in previous versions of Intune.
- Chrome Browser application is now getting uploaded
- Uploading Google Chrome 64% completed
Let’s wait to complete the upload.
Google Chrome Assignments to Device Groups
Deployment is called assignment in Intune. I have explained How to assign an application like Google Chrome to the 2 Azure Active Directory device groups. There are different types of assignment types in Intune.
Similar to SCCM, required and available are two prominent options. In addition to these two, you will have another option called available for all enrolled devices. This option will make the application available for all MDM-enrolled devices.
Thoughts – If you select available for all enrolled devices, you are, in turn, removing the dependency of Azure AD assignments. I think this will help to improve the performance of Microsoft Intune in some way.
- Click on Assignments
- Click on Add Groups
This will also help to reduce the workload for Azure Active Directory, which analyzes different groups’ logics for dynamic groups, etc., similar to dynamic collections in the SCCM world. I have used the required option in this Chrome application deployment or assignment.
- Add Groups – Select Assignment Type – Required
- Select the Azure AD Device Groups to include
- Search for Chrome AAD Device Groups
- Click on Select to confirm the AAD Group select
Click OK to complete the Google Chrome application assignment
Click OK (1 group selected – Included Group)
Click on Save
Success – Assignments Saved Successfully
Results Windows 10 – Intune Google Chrome
Device Management Console Status
Resources
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc
This worked great for me, so thank you! Is there a way I can get Chrome to install without it creating a desktop icon?
Hello Annoop,
I wanted to express my gratitude for the guidance you provided. I would like to seek clarification on how to create an application with a custom server name that needs to be entered during the installation process. For instance, when I manually double-click the executable file and go through the installation wizard, the installation page prompts me to enter the server URL. I am wondering how we can configure this setting when installing the application through Intune.