Intune Win32 App Deployment using Modern Management

By
Vimal Das
-
0
Intune Win32 App Deployment

One year back, I worked for a customer to deploy Windows 10 with modern management tools like Intune. The major limitation we faced is Intune Win32 App Deployment. Intune supported only single Msi file. Because of this limitation, we were unable to deploy applications with EXE, multiple MSIs, MST, batch files, etc.

These application deployment limitations are no longer valid. Intune currently support deploying applications with EXE, multiple MSIs, MST, batch files, etc.
[Intune Win32 App Deployment Troubleshooting postIntune Win32 app Troubleshooting]
[This is Public Preview Release expected to have changes when GAed]

What is Intune Win32 App Deployment?

Win32 application deployment is for 32 bit and 64-bit application deployments. Using Intune Win32 App deployment, you can deploy x86 and x64 bit applications. Windows 10 MDM channel has limitation to deploy complex Windows applications.

To overcome Windows 10 MDM channel limitation, Intune and Windows team came up with an agent-based solution to deploy complex Windows applications (EXE, multiple MSIs, MST, batch files, etc.).

So now the Windows 10 (client side) is ready to deploy complex Windows apps via Win32 app deployment agent. Intune (Server side) has implemented a solution called “Intune Win32 App Deployment” to deploy complex Windows applications via Intune portal.

Intune Win32 App Deployment

Pre-requisites of Intune Win32 App deployment

  • Windows 10 Ent/Edu (1607 version and above)
  • Joined to Azure Active Directory (AAD) or Hybrid Azure Active Directory
  • Enrolled into Intune MDM

Limitations of Win32 App Deployment

  • User context app installation not available
  • No dependency and supersedence support
  • Application size limit 2 GB (public preview)

Download the Win32 App Packaging Tool?

Download the Win32 to app “packaging” tool from GitHub? Is that a packaging tool? Do we need packaging skills to convert complex Windows apps to .IntuneWin format?

I don’t think you need any packaging skills to repackage existing Windows apps like MSI, EXE to .IntuneWin extention. This Intune win32 app packaging is similar to zipping a folder using Winzip or 7 zip.

[Intune Win32 App Deployment Troubleshooting postIntune Win32 app Troubleshooting]

How to Prepare Win32 App Installation Source for Intune

Intune allow single package file wrapped using intune prep tool for win32 app deployment. We will see step by step configuration to use the tool. Intune Win32 App Deployment more details are available in the following section.

  • Download the Intune prep tool (intuneWinAppUtil.exe).
  • As shown below, make sure you copy all the installation files inside the source folder (example here: Adobe)
  • And Keep the tool(intuneWinAppUtil.exe) outside of the installation source folder.

IntuneWinAppUtil.exe

It is recommended to use cmd or batch file to trigger the installation. This approach will provide better control and sequence. I would suggest creating “cmd” file for install and uninstall.

IntuneWinAppUtil

  • Execute the Intune prep tool (intuneWinAppUtil.exe). As shown below specify the source folder and output folder as the same path. This tool will create the wrapped file. you can see the file with extension “Intunewin” created
  • Provide the setup file name. This file name is just for reference. In this example, you will be using cmd file to trigger installation
  • The Intunewin file is compressed and encrypted with a SHA256 hash

(Intune Win32 App Deployment more details are available in the following section)

You can use tools like 7-zip to extract Intunewin file and see what’s inside. You can see Detection.xml and the install source files. The Detection.xml file is created based on the setup file metadata. Detection.xml file includes encryption key details.

Detection.xml

How to Create and deploy Win32 App in Intune

In the Intune console, select Client apps > Apps > Add

Select Windows app (Win32) – preview from the provided drop-down list.

(Intune Win32 App Deployment more details are available in the following section)

Windows app (Win32)

Select the previously created  intunewin file using intune prep tool.

intunewin file

Update the app information such as Name, Description, Publisher, Category, Logo, etc.

(Intune Win32 App Deployment more details are available in the following section)

intune app information

Provide the cmd file name used to trigger application installation

intune application program

You can configure the application pre-requirements

Configure the app detection rule and select “manually configure detection rule”

You can select any one of the below detection rule type:
  1. MSI
  2. File
  3. Registry

(Intune Win32 App Deployment more details are available in the following section)

In this example, I will use the MSI product code as detection rule.

Based on your requirement update the return code and post-installation behaviour.

After completion, app is uploaded to Intune.

You can see the upload status by selecting the notification tab.

For testing I will deploy this application as “available “for all users.

(Intune Win32 App Deployment more details are available in the following section)

In next post 2 we will Deep dive intune Client side events during Intune Win32 app deployment.

[Intune Win32 App Deployment Troubleshooting postIntune Win32 app Troubleshooting]

Resources:

Intune Troubleshooting – https://www.anoopcnair.com/configuration-profile-settings-view/

Intune Standalone – Win32 app management (Public Preview) – https://docs.microsoft.com/en-us/intune/apps-win32-app-management

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.