Installing using Intune on Win

Use Intune to mass-deploy to all corporate devices. There are two primary steps, and one optional:

  1. IntuneWin File Prep: A Microsoft binary that prepares the zip for deployment

  2. Intune Deployment: The series of steps to deploy the installer

  3. Autopilot Provisioning (Optional): Automated installation of applications when a new laptop is Entra joined

If missing, the installer automatically installs the Visual C++ redistributable (dependency). This causes a VC++ download prior to the dope.endpoint installation. Very rarely, this can cause install failures during managed deployments (bad network etc). To avoid, stage an Intune install of VC++ first

1. Prepare IntuneWin File

Intune requires a Win32 "preparation" process before uploading to the Intune console. You'll perform this step first.

Microsoft docs are located here.

Download IntuneWinAppUtil, and use it to prepare the .intunewin package with this PowerShell command modified for version:

IntuneWinAppUtil -c .\dope_security_windows_1.0.x -s .\dope_security_windows_1.0.x\dope_security_x.exe -o .\ -q

Ensure that you use PowerShell for the above one-line command to work. If you just double-click the IntuneWinAppUtil executable, you will have to manually input the locations.

2. Intune Deployment

The application deployment process is standard and similar to any other application

Microsoft docs are located here.

Here are a few hints for setting it up:

  1. Install command should be dope_security_<build number>.exe -silent

  2. Uninstall command: dope_security_<build number>.exe -silent -uninstall AT_PASSWORD=<password>

  3. Detection rule: C:\Program Files\ Folder: dope.security and use the File or Folder Existsdropdown

  4. Assignment: Required

3. Autopilot Provisioning

When a new device is entra joined for the first time, it will run through the checklist of apps to install prior to allowing a user access to the system. Sometimes, the Intune configured application can automatically be a part of the Blocking Apps inside of Autopilot which will naturally cause a conflict.

Ensure that you have removed dope.security from "blocking apps" in Autopilot, and instead, keep it as a required app. Blocked apps will prevent the enrollment process from successfully completing.

If you have this setup correctly, there will not be any issue during initial Entra-device joining.

PreviousUsing IntuneNextMac Installer

Last updated