Deploy any application from Azure Storage with Intune, PowerShell and BITS!

Deploy any application from Azure Storage with Intune, PowerShell and BITS!

Update September 24, 2018

The posted solution has been superseded today, as Brad Anderson from Microsoft has announced Win32 app support for Microsoft Intune. You can now repackage executables (.exe) to Windows Apps (.intunewin) with the Microsoft Intune Win32 App Packaging Tool available at https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool.

Check out the blog post at http://www.scconfigmgr.com/2018/09/24/deploy-win32-applications-with-microsoft-intune/ for more information how to deploy these apps.

Original blog post:

If you are using Microsoft Intune to manage your organization’s devices, you might find it challenging that deploying Line-of-business apps only supports (single) .msi, .msix, .msixbundle, .appx and .appxbundle application packages for being deployed.

I’ve read an article from Peter Selch Dahl, about deploying EXE files from Microsoft Intune using Azure Blob Storage, in which Peter explains how to deploy applications with PowerShell Scripts from Microsft Intune, where the source files are located on Azure Blob Storage.

Peter provides a very basic script how to install an application. Before I went ahead and deployed certain applications using PowerShell, I’ve set a few requirements that I wanted to meet first, namely:

  • Add support for multiple file downloads from a given Azure Blob Storage Container;
  • Prevent that files downloaded are buffered in memory;
  • Provide easy adoption of the script for other applications;

In this blog post I will be providing a more advanced script to deploy any application with Microsoft Intune.

Did it work out?

I believe I managed to meet my requirements quite well! To meet these requirements, I’ve written a PowerShell script that:

  1. Installs the NuGet Package Provider in the CurrentUser scope;
  2. Trusts PSGallery Repository;
  3. Installs AzureRM.Storage Module in the CurrentUser scope;
    Used to retrieve all installer files (Blobs) from a given Azure Blob Storage Container. So I don’t need to specify any URLs, I just provided the Storage Account Name and Container.
  4. Creates a temp directory for storing the installation files;
  5. Downloads installation files from Azure Blob Storage to a temp directory using BITS;
    Using BITS instead of Invoke-WebRequest, because the latter buffers downloads in memory.
  6. Silently installs the application;
  7. Cleans up installation files.
    Removes the temp directory and contents when the installation has completed.

You can download the full Install-ApplicationName.ps1 PowerShell script from the TechNet Gallery here.

Configuration

The PowerShell script has a configuration region. I believe that for most, if not all, all you need to edit is the configuration section to install ‘any’ (e.g. executable or App-V) application.

For example, let’s go ahead and deploy Notepad++!

  1. Download Notepad++ Installer 64-bit x64;
  2. Upload the .exe file to a separate, private container in your Azure Storage account. In my case I named the container notepadplusplus and uploaded npp.7.5.8.Installer.x64.exe;
  3. Download the template Install-ApplicationName.ps1 script from the TechNet Gallery;
  4. Copy or rename it to Install-Notepad++.ps1;
  5. Modify the configuration section, for example:
  6. Upload the PowerShell Script to Microsoft Intune;
    1. Do not run the script using the logged on credentials, since Notepad++ requires administrative permissions to install. Otherwise users will be prompted with a UAC prompt.
  7. Assign the script to a group of users;
  8. Wait for the PowerShell script to be deployed (or restart the Microsoft Intune Mananagement Service to force a sync).

Troubleshooting

Is the script not working as expected? You can review the log file in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log, which contains the logging for PowerShell Scripts.

Interested in more information how PowerShell Scripts in Microsoft Intune work under the hood? Check out this amazing blog post by Oliver Kieselbach: Deep dive Microsoft Intune Management Extension – PowerShell Scripts.

Feel free to post any comments! I’d be happy to answer any questions you have.

3 thoughts on “Deploy any application from Azure Storage with Intune, PowerShell and BITS!

  1. Hi! Great blog post and very relevant for AAD.

    Got a quick question, can this script install multiple applications from the Storage? And how so? Currently dealing with onboarding and need to install multiple applications at the same time

    1. Hi Nikolai,

      Thanks for your question. You can create multiple copies of this script and modify each to include the details per application. You can then upload the per-application PowerShell scripts to Intune and assign them to your users.

      Best regards,

      John

    2. Hi Nikolai,

      The posted solution has been superseded today, as Brad Anderson from Microsoft has announced Win32 app support for Microsoft Intune. You can now repackage executables (.exe) to Windows Apps (.intunewin) with the Microsoft Intune Win32 App Packaging Tool available at https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool.

      Check out the blog post at http://www.scconfigmgr.com/2018/09/24/deploy-win32-applications-with-microsoft-intune/ for more information.

      Best regards,

      John

Leave a Reply

Your email address will not be published. Required fields are marked *