Protect app inventory data on personal macOS devices. Expanded support up to 990 Apple VPP tokens per Intune tenant. App wrapping tool support for 64-bits and macOS Catalina (10.15). Apple volume-purchased (VPP) apps support for macOS. Following are some of the highlights of macOS-related improvements in Intune: These improvements in Microsoft Intune are aligned with key changes that macOS Catalina introduced to be more secure and provide greater privacy control to users. Over the last quarter, we have made great strides towards providing greater deployment choices to our Intune IT admins at scale and protect privacy for our end-users. This article focuses on macOS apps landscape and improvements made for the deployment and management of macOS apps in Intune. We previously shared the new macOS management capabilities in Microsoft Intune such as support for FileVault disk encryption management and the evolution of macOS management capabilities. This article describes how Microsoft Intune is invested in macOS management capabilities to ensure that IT admins are ready to effectively manage their growing fleet of macOS devices. Let us know by responding to this post if you have any questions or feedback! You can also ask questions by tagging #IntuneSuppTeam out on Twitter where our Support as a Feature team helps answer quick questions.New features in macOS Catalina and the consolidation of management of apps, devices and accounts under Apple Business Manager are transforming how apps are developed, verified and distributed on macOS. This sample script demonstrates how the above steps can convert a DMG file to INTUNEMAC. Add the INTUNEMAC file as a line-of-business application for macOS on Microsoft Endpoint Manager. IntuneAppUtil -c signed_final.pkg -o /finalpath Create the INTUNEMAC file from the signed PKG file. #App wrapper mac mac#
Productsign -sign “3rd Party Mac Developer Installer: Developer Name (XXXX)”. Sign the PKG file using a Mac Developer ID certificate.Productbuild -synthesize -package /TargetDirectory/intermediate.pkg /TargetDirectory/distribution.xml Note: This is required to build a redistributable package. Create the distribution XML file for the intermediate PKG file.Pkgbuild -install-location /Applications -component /Volumes/path_to_app/app_to_convert.app. Pass the install-location as an argument to the pkgbuild command. Note: When using autocomplete, delete the final slash in the APP path. Make a temporary folder and navigate to it.Note: Skip this step when starting with APP-format apps. The steps below require that you initiate with an app of DMG or APP format that satisfy the conditions above. This is not an exhaustive list of all applicable conditions.Follow these instructions to set up the App Wrapping Tool correctly. You will need the Microsoft Intune App Wrapping Tool for macOS to complete the steps in the next section.DMG files containing more than one APP file are not supported.
PKG files that are packaged using different packaging commands may not deploy successfully.
It is crucial that the PKG files are created using the commands below. This also applies to DMGs containing PKG files. Unsigned applications are rejected by macOS. The converted app must be re-signed for successful MDM-deployment. The app deployment will not complete successfully if the property list files are included in the app package. For apps that require a property list file (plist file), the property list file must be deployed using a macOS device configuration profile in Microsoft Endpoint Manager before the app is deployed. The app deployment will not complete successfully if the extension is included in the app package. For apps that require a kernel or system extension, the extension must be deployed as a macOS device configuration profile in Microsoft Endpoint Manager before the app is deployed. These steps have been tested on macOS 10.15. 
The rest of the document outlines the recommended app preparation steps. Therefore, for apps that are of non-pkg types, it requires admins to run commands on macOS either manually or as a script to create a signed app package (.intunemac file) that can be distributed using Intune.
Natively, Mac MDM only supports installing signed. You can use Microsoft Endpoint Manager to deploy the most common app types supported by macOS such as. See the original author and article here.īy: Arnab Biswas | Program Manager – Microsoft Endpoint Manager – Intune
0 kommentar(er)
