- April
Posted By : Zeng Yinghua (Sandy)
Deploy Win32 applications from Microsoft Intune

UPDATE:  Mine this post is out dated, but I still keeping it. 🙂 For deploy Win32 apps from Microsoft Intune, please read this:

I found this post from my draft today, I was writing it in last year December, I have no idea why I didn’t finish and publish it, somehow I just forgot.

In this moment, we cannot deploy Win32 applications from Microsoft Intune, my idea is put those application source media files on Azure Storage file share, use Intune management extension deploy PowerShell script to install those applications.

The original plan was use AzCopy download those source files to local device, then install the application.  I tweeted that on Twitter, very soon I got reply from Phil Wilcock , he suggested “how about use bits?”.  So with a little help from my friend Ari Saastamoinen, I got it working.

This is not a solution how to deploy complicate applications via Intune for enterprise environment, I just want to show an idea what you can do with Azure Storage.
For example, Johan write an excellent post Cloud OS Deployment, Part 1 – Running MDT Task Sequences from Microsoft Intune

If you want more information about Microsoft Intune management Extension, follow my friend Oliver Kieselbach ( @okieselb )
And read this post:  Deep dive Microsoft Intune Management Extension – PowerShell Scripts

I am going to deploy notepad++ 7.3.3: 

  1. Setup Azure file share. I don’t write details in here how to do this, you can find it from here
  2. I created a File share name fireshare01  (I meant to name it fileshare01, but there is typo. 😀 )

  3. Write down your Storage account Access keys

  4. Run this PowerShell script map your Azure file share to your computer, this is for make easier copy installation media to the file share.
    $acctKey = ConvertTo-SecureString -String "wMLFueEVyu+KlTSzMvlkfy9SmOXVfHK+9gjffENTcQrMS4BXPptImleGdLLdMe74/C4+C+WM9RHPlB10DInEaQ==" -AsPlainText -Force 
    $credential = New-Object System.Management.Automation.PSCredential -ArgumentList "Azure\smsboot", $acctKey 
    New-PSDrive -Name Z -PSProvider FileSystem -Root "\\smsboot.file.core.windows.net\fileshare01" -Credential $credential -Persist

  5. You should see you have a new network drive Z:

  6. I copy Notepad installation source files to Z:\Notepad.
    I am using PowerShell App Deployment Toolkit to make my installation package, make sure your installation is 100% silent install.

  7. Create a PowerShell script, and save it as Install-Notepad.ps1

    function Check-IsInstalled {
    #this is funtion for check it the desired application is installed.
        $x86 = ((Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall") |
            Where-Object { $_.GetValue( "DisplayName" ) -like "*$ApplicationName*" -and $_.GetValue( "DisplayVersion" ) -like "$version"  } ).Length -gt 0;
        $x64 = ((Get-ChildItem "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall") |
            Where-Object { $_.GetValue( "DisplayName" ) -like "*$ApplicationName*" -and $_.GetValue( "DisplayVersion" ) -like "$version"  }).Length -gt 0;
        return $x86 -or $x64;
    #Check if notepad++ 7.3.3 installed
    $check = Check-IsInstalled -ApplicationName "notepad++" -Version "7.3.3"
    #If notepad++ 7.3.3 is not installed
    if ($check -ne $true) {
    #Check what drive letter is used
    $used = Get-PSDrive | Select-Object -Expand Name | Where-Object { $_.Length -eq 1 }
    #Set unused drive letter
    $unused = 90 .. 65 | ForEach-Object { [string][char]$_ } | Where-Object { $used -notcontains $_ }
    $drive = $unused[(Get-Random -Minimum 0 -Maximum $unused.Count)]
    #use Azure Storage access key to map Storage as local drive
    $acctKey = ConvertTo-SecureString -String "wMLFueEVyu+KlTSzMvlkfy9SmOXVfHK+9gjffENTcQrMS4BXPptImleGdLLdMe74/C4+C+WM9RHPlB10DInEaQ==" -AsPlainText -Force
    $credential = New-Object System.Management.Automation.PSCredential -ArgumentList "Azure\smsboot", $acctKey
    New-PSDrive -Name $drive -PSProvider FileSystem -Root "\\smsboot.file.core.windows.net\fileshare01" -Credential $credential
    #Import BitsTransfer module
    try {
        Import-Module BitsTransfer -ErrorAction Stop -PassThru
    catch {
        throw 'BitsTransfer PowerShell module is not installed!'
    #Set copy source path
    $Source = "$drive" + ":\Notepad_7.3.3"
    #Set copy destination path
    $Destination = "c:\Temp\Notepad_7.3.3"
    #Copy source to local drive with sub folders and files
    $folders = Get-ChildItem -Name -Path $source -Directory -Recurse
    foreach ($i in $folders)
        #Create sub folders
    	$exists = Test-Path $Destination\$i
    	if ($exists -eq $false)
    		New-Item $Destination\$i -ItemType Directory
    	Start-BitsTransfer -Source $Source\$i\*.* -Destination $Destination\$i -Priority Foreground
    Start-BitsTransfer -Source $Source\*.* -Destination $Destination -Priority Foreground
    #Delete mapped drive
    Remove-PSDrive $drive
    #Set location to Destination folder
    Set-Location $Destination
    #Install notepad++ by using PSAT tool, must use Silent mode
    Write-Output "Start installing notepad"
    Start-Process ".\Deploy-Application.exe" -ArgumentList "-DeployMode 'Silent'" -Wait
    #Reset localtion to C:\Windows
    Set-Location "C:\Windows"
    #Try to remove installation media after application is installed, retry for 1 minute.
    $timeout = new-timespan -Minutes 1
    $sw = [diagnostics.stopwatch]::StartNew()
    	Start-Sleep 5
    	Remove-Item $Destination -Recurse -Force
    Until (!(Get-Item -Path $Destination -ErrorAction SilentlyContinue) -or ($sw.elapsed -ge $timeout))
    else {
        #If notepad++ 7.3.3 is installed
        Write-Output "Notepad++ 7.3.3 is already Installed"
  8. Go to Azure Portal, open IntuneDevice configurationPowerShell scripts – Add

  9. Add your Install-Notepad.ps1 script, run the script as System Account, not logged on credentials.

  10. Assign it a group.
  11. Login to a AAD joined Windows 10 machine with the user account that has been assigned to run Intall-Notepad.ps1
  12. In C:\ProgramData\Microsoft\IntuneManagementExtension\Logs folder, you should find IntuneManagementExtension.log
    In this log file, there are details which script has been run, and what is result.
  13. Finally, I saw my Notepad++ Installed.






Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.