A new Flexera Community experience is coming on November 25th, click here for more information.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
kmantagi
By
Flexera Alumni

AdminStudio can now integrate with Microsoft Intune to publish applications. This was one of the most requested and awaited features in AdminStudio. In the current pandemic situation, we are seeing an increasing trend of organizations adopting SaaS solutions to enable their employees to work from home and one such solution is Microsoft Intune. This was also evident when we witnessed many of our customers requesting for Microsoft Intune support in AdminStudio.

AdminStudio’s integration with Microsoft Intune was released in AdminStudio 2020 earlier this year. This integration enables you to:

  • Publish MSI and MSIX packages to Microsoft Intune as Line of Business (LOB) apps
  • Convert legacy Win32 setups (MSI/EXE) to Intune’s native Win32 apps (.intunewin)

Future enhancement of this integration feature will include publishing of Win32 apps (.intunewin) to Microsoft Intune.

A successful connection must be established between AdminStudio and Intune for this integration to work. This article explains various steps to be performed in both AdminStudio and Intune to setup connection between these two products.

AdminStudio must be registered as an application in Intune first before you setup Intune connection details in AdminStudio. Please follow the below steps to register AdminStudio in Intune:

  1. Log in to the new Microsoft Endpoint Manager admin center - https://endpoint.microsoft.com/#home using your Intune credentials
  2.  Click on All Services in the left pane and then select M365 Azure Active Directory

kmantagi_0-1600971509178.png

  1. Upon clicking M365 Azure Active Directory, you will be redirected to aad.portal.azure.com. When prompted to log in again, use your Intune credentials. After successful login, click on All Services in the left pane and then on App registrations

kmantagi_1-1600971509192.png

  1. On the App registrations screen click on New registration to register AdminStudio

kmantagi_2-1600971509207.png

  1. Provide all the required details as applicable for your organization on Register an application and click on Register

kmantagi_3-1600971509223.png

  1. After AdminStudio is successfully registered you will see the below screen. Please make note of Application (client) ID and Directory (tenant) ID. These IDs will be used later in AdminStudio to setup connection to Intune.

kmantagi_4-1600971509254.png

  1. The next step to provide API access to newly registered application - AdminStudio. Click on API permissions on the left pane and Add a permission -> Choose Microsoft Graph -> Application Permissions -> Under DeviceManangementApps choose DeviceManagementApps.ReadWrite.All and click Add permissions

kmantagi_5-1600971509269.png

kmantagi_6-1600971509288.png

kmantagi_11-1616395695908.png

kmantagi_12-1616395695923.png

  1. Click on Grant admin consent for <your account name> and finish consenting to the permissions and observe the Status to turn to Granted and make sure the permissions are of type Application

kmantagi_4-1616397353392.png

kmantagi_5-1616397353413.png

  1. If you wish you authenticate using Client Secret instead of User Account (more on this later in this article) then you must generate a Client Secret code for the newly registered application - AdminStudio. To do so, click on Certificates & secret' on the left pane and then click on New client secret. Provide a description for your client secret and choose the expiration date you wish to set and click Add.

kmantagi_11-1600971509374.png

kmantagi_12-1600971509384.png

  1. Observe the Client secret should be generated and present under the Client Secrets section. Be sure to copy this Client Secret as it will be visible and available only now later the code will be masked with asterisks

kmantagi_13-1600971509396.png

  1. This step is required only if you choose to authenticate using User Account in AdminStudio. On the newly registered application - AdminStudio, click on Manifest on the left pane and set allowPublicClient property to true, if it is not set already

kmantagi_14-1600971509416.png

Steps to be followed in AdminStudio to set up connection to Intune:

In AdminStudio Options, navigate to Distribution Systems and click on New to add a new distribution system for Microsoft Intune. Specify a Name for this connection and set Deployment Type property to Intune Distribution Plugin from the drop down. You will see there are two ways of authentication to Intune - Client Secret and User Account

Authenticate using Client Secret:

Set Authentication to Client Secret from the drop down if you wish to authenticate using Client Secret. Specify the Client Secret that was generated in Step 9 along with Application (client) Id and Tenant ID generated in Step 6 and click Test to authenticate and test the connection to Intune. The connection will be successful if all the values provided in this screen are valid.

Please note you may optionally specify the Tenant Name in place of Tenant ID. Tenant Name would generally be of the format – yourcompany.onmicrosoft.com.

kmantagi_15-1600971509439.png

Authenticate using User Account:

Set Authentication to User Account from the drop down if you wish to authenticate using Intune user credentials. Specify Application (client) Id and Tenant ID (on Tenant Name) that was generated in Step 6 and click Test. You will see Microsoft's Sign in page, specify your Intune username and password for authentication. The connection will be successful if user credentials and other values provided in this screen are valid.

You will see Checking deployment settings… in the UI logs until authentication is successful on the Microsoft’s Sign in page.

kmantagi_16-1600971509461.png

kmantagi_17-1600971509469.png

kmantagi_18-1600971509490.png

AdminStudio is now successfully connected to Intune. You are all set to make your first application publish from AdminStudio to Intune.

Important Note: Microsoft Intune is still evolving and there are many frequent changes that we have noticed in Intune. At the beginning of the implementation of this integration feature in AdminStudio, there was no Microsoft Endpoint Manager and Intune was available within portal.azure.com, however all of that has changed now. We have also noticed many UI changes in Intune along the way. So, it is important to note that while the procedure explained above for registering AdminStudio in Intune will remain the same, there is a possibility that there could be changes to the name of the options in Intune or the placement of these options in the UI might change too in the future as Intune evolves.

(3) Comments
bkelly
By
Flexera Alumni

Excellent detail here that will really save users time getting Intune integrated, thank you @kmantagi !

jonbee
By
Level 2

Hi @kmantagi Does 'Partial'  in the Publish Packages to Popular Deployment Systems feature for Standard, in the ADMINSTUDIO: COMPARE 3 EDITIONS page mean the publish to Intune is supported in the Standard edition?

Jon

kmantagi
By
Flexera Alumni

Hi @jonbee, sorry for late reply. Publish to Intune capability is not available in AdminStudio Standard Edition. Publishing an application to Intune requires Application Manager tool, which is not available in Standard Edition, therefore it will not be possible to publish applications to Intune in Standard Edition.