search

Scenario 4: Intune – Applications and Updates

Applies to: Patch My PC Publisher

hashtag
Overview

Use this scenario when the Publisher is used to publish third party applications and updates to Microsoft Intune only. This configuration is intended for cloud managed environments that do not publish third-party applications through ConfigMgr or updates through Windows Server Update Services (WSUS).

In this scenario, the Publisher integrates with Intune, using the Microsoft Graph API, to create and manage third-party applications and assignments.

After completing the configuration steps in this section, the Publisher will be ready to publish third-party applications and updates to Intune.

hashtag
Checklist

Before configuring the Publisher, ensure the following information is identified and validated:

General Items

Platform Checklist (Intune)

hashtag
Installation and Configuration Steps

The following steps are suitable for getting the Publisher up and running in most environments and are recommended to be completed before selecting products to enable for publishing and applying product customizations.

  1. After the core and Intune platform requirements have been met, and the Publisher installation location is identified, download and install the Publisher. In the installation wizard, check the box to enable Intune standalone mode.

  2. Open the Publisher console and go to the General tab. Enter your license key or start a trial.

  3. Click the Validate button to validate the licence.

  4. On the General tab still, configure log retention to keep a minimum of 10 logs and set the maximum log size to 10 megabytes.

  5. If Intune standalone mode was not enabled in the Publisher installation wizard, go to the Advanced tab. Because this is a Intune only scenario, find the Intune Standalone Options settings and hide disable the ConfigMgr Apps and Updates tabs to simplify the console experience.

  6. Go to the Intune Apps tab, check Enable creation of Win32 applications in Microsoft Intune and the Options form will open.

  7. Enter a Tenant Friendly name.

  8. From the information gathered when creating the Entra ID App Registration, complete the Authority URL, enter the Application (Client) ID and select the credential (Enter an App Secret or select a Client Authentication certificate). For more information, see Authentication Settings.

  9. On the same Options page, review the Application Options section:

    1. Consider enabling the Update application dependencies... and Copy the requirements... options

    2. Configure application retention to keep at least 1 previous version to support rollback scenarios using supersedence.

    3. Consider enabling Allow available uninstall.

  10. Click Test Connection to verify the app registration is configured correctly.

  11. On the Intune Apps tab still, right-click the All Products node in the product tree and enable and configure, the Manage Installation Logging customization option. This ensures detailed installation logs are generated on client devices when third-party applications are installed. This helps with troubleshooting if issues occur during installation.

  12. Go to the Intune Updates tab and check Enable creation of Win32 updates in Microsoft Intune.

  13. Click OK to close the options form that opens.

  14. On the Intune Updates tab still, right-click the All Products node in the product tree and enable and configure, the Manage Installation Logging customization option. This ensures detailed installation logs are generated on client devices when third-party applications are installed. This helps with troubleshooting if issues occur during installation.

  15. Go to the Sync Schedule tab to confirm the schedule aligns with your operational requirements.

  16. Go to the Alerts tab to configure email or webhook notifications if publishing and operational notifications are required.

  17. Go to the Advanced tab and review:

    1. Configure proxy settings if your environment requires outbound internet access through a proxy.

    2. Configure a Local Content Repository path for binary free applications.

    3. Consider enabling the option to Store encryption information locally to allow extraction of Win32 .intunewin files later.

  18. Go to the About tab and review the self-update settings for the Publisher. If your organization has strict change control, disable automatic self updates. In most environments this is not recommended, as new versions include bug fixes and new features.

  19. Click Apply to save the settings.

After completing these steps, the Publisher is configured and ready to publish third-party applications and Updates to Intune.

The next step is to Customize and publish applications and updates.

PreviousScenario 3: WSUS (Standalone)NextScenario 5: Mixed Environment (ConfigMgr, WSUS and Intune)

Last updated

Was this helpful?