LogoLogo
  • Introducing dope.swg
    • Changing the Rules...
    • Quick Start Guide
      • Create a dope.swg Account
      • Get Started with the dope.endpoint
      • Import User and Group Data
      • Create a dope.swg Web Policy
    • Mitre ATT&CK and Nist CSF
  • dope.console
    • Analytics
      • Overview dashboard
      • Policy View
      • Productivity
      • Shadow IT
      • Detail View
    • dope.swg Policy
      • Editing the Base Policy
      • Adding Policy Exceptions
      • Assigning a Block Page
      • Creating Custom Categories
      • URL Bypass List
      • Application Bypass List
      • Default Bypass List
      • Cloud Application Control (CAC)
        • Microsoft O365
        • Google
        • Box
        • Salesforce
        • Dropbox
        • Slack
        • WebEx
      • Custom Policy
      • Policy Assignment
      • Policy Inheritance and Customization
    • CASB Neural
      • Microsoft 365 - Authentication
      • Google - Authentication
      • CASB DLP
        • DLP Files Table
    • Endpoint Manager View
      • Searching the View
      • Filtering and Sorting the Endpoint View
      • Endpoint Count
      • Running Diagnostics
      • Disable Endpoint
    • Settings
      • General
      • Block Pages
      • Endpoints
      • Users
        • Importing from Google
        • Why not SAML & SCIM?
      • Audit Log
      • SIEM Integration
        • Category & Verdict Mappings
      • API Client Credentials
      • Billing Details
    • Notifications
      • SSL Errors
  • dope.endpoint
    • Trusted Process Names
    • Generate Diagnostics
    • Disable Endpoint
    • Installing using MDM on Mac
      • Using JAMF
      • Using Kandji
      • Using Intune
    • Installing using Intune on Win
    • Mac Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • Windows Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • dope.endpoint UI
      • Windows UI
      • macOS UI
    • Automatic Updates
  • Release Notes
  • DOPE.APIs
    • Public API Specification
Powered by GitBook
On this page
  • 1. Prepare IntuneWin File
  • 2. Intune Deployment
  • 3. Autopilot Provisioning
  1. dope.endpoint

Installing using Intune on Win

PreviousUsing IntuneNextMac Installer

Last updated 1 month ago

Use Intune to mass-deploy to all corporate devices. There are two primary steps, and one optional:

  1. : A Microsoft binary that prepares the zip for deployment

  2. : The series of steps to deploy the installer

  3. (Optional): Automated installation of applications when a new laptop is Entra joined

1. Prepare IntuneWin File

Intune requires a Win32 "preparation" process before uploading to the Intune console. You'll perform this step first.

Download IntuneWinAppUtil, and use it to prepare the .intunewin package with this PowerShell command modified for version:

IntuneWinAppUtil -c .\dope_security_windows_1.0.x -s .\dope_security_1.0.x.exe -o .\ -q

Ensure that you use PowerShell for the above one-line command to work. If you just double-click the IntuneWinAppUtil executable, you will have to manually input the locations.

2. Intune Deployment

The application deployment process is standard and similar to any other application

Here are a few hints for setting it up:

  1. Install command should be dope_security_<build number>.exe -silent

  2. Uninstall command: dope_security_<build number>.exe -silent -uninstall AT_PASSWORD=<password>

  3. Detection rule: C:\Program Files\ Folder: dope.security and use the File or Folder Existsdropdown

  4. Assignment: Required

3. Autopilot Provisioning

Ensure that you have removed dope.security from "blocking apps" in Autopilot, and instead, keep it as a required app. Blocked apps will prevent the enrollment process from successfully completing.

If you have this setup correctly, there will not be any issue during initial Entra-device joining.

If missing, the installer automatically installs the (dependency). This causes a VC++ download prior to the dope.endpoint installation. Very rarely, this can cause install failures during managed deployments (bad network etc). To avoid, stage an Intune install of VC++ first

Microsoft docs are located .

Microsoft docs are located .

When a new device is entra joined for the first time, it will run through the to install prior to allowing a user access to the system. Sometimes, the Intune configured application can automatically be a part of the Blocking Apps inside of Autopilot which will naturally cause a conflict.

Visual C++ redistributable
here
here
checklist of apps
IntuneWin File Prep
Intune Deployment
Autopilot Provisioning