Microsoft Intune
This article provides step-by-step instructions to implement the App Catalog using Microsoft Intune.
Requirements
At least an Intune Administrator role
Configuration Profile
A Configuration Profile is needed to activate and configure the App Catalog. There are two options:
Click Create profile
Choose Templates as Profile type
Select Custom and click Create
Choose a name such as App Catalog Configuration
Choose a Custom configuration profile name such as App Catalog Configuration or choose something different to present to users
Select the .mobileconfig file containing your Configuration Profile
Click Next, assign the users or devices and click Add
Supporting Configuration Profiles
To fully enable the App Catalog, some additional profiles are needed such as a Notifications payload, a Managed Login Item payload and PPPC. Go to the following pages, create Configuration Profiles or download a provided example:
To add the Configuration Profiles to Microsoft Intune, follow these steps for each profile:
When your Configuration Profile is ready, go to Devices -> macOS -> Configuration profiles
Click Create profile
Choose Templates as Profile type
Select Custom and click Create
Choose a name such as Notifications - App Catalog and Managed Login Item - App Catalog
Choose a Custom configuration profile name such as Notifications - App Catalog and Managed Login Item - App Catalog or choose something different to present to users
Select the .mobileconfig file containing the Configuration Profile
Click Next, assign the users or devices and click Add
Installing Apps
Create a small script as shown below, replace BUNDLE_IDENTIFIER with the app Bundle Identifier and save it as a .zsh file. This script will also take care of the installation of the App Catalog if not already installed:
Below is an example script for installing Google Chrome:
Go to Devices -> macOS -> Shell scripts
Click Add
Choose a name such as Install Google Chrome
Upload the script and make sure Run script as signed-in user is set to No
Click Next, assign the users or devices and click Add
The app will now be installed on the next check-in. To verify, logs can be checked by selecting the script -> Device status as shown below:
Updating Apps (macOS 12 only)
Follow these steps to add such this script:
Below is an example script:
Download the example script below containing a check if the App Catalog is present:
Go to Devices -> macOS -> Shell scripts
Click Add
Choose a name such as Update Apps
Upload the script and make sure Run script as signed-in user is set to No
Configure the Script frequency as you want, such as Every 1 day
Click Next, assign the users or devices and click Add
All managed and unmanaged apps with updates will now be updated on the next check-in every day
đ That's it, you have succesfully configured the App Catalog for Microsoft Intune!
Last updated