# Installing using Intune on Win {% embed url="" %} Use Intune to mass-deploy to all corporate devices. There are two primary steps, and one optional: 1. [IntuneWin File Prep](https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-prepare): A Microsoft binary that prepares the zip for deployment 2. [Intune Deployment](https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-add): The series of steps to deploy the installer 3. [Autopilot Provisioning](https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-status) (Optional): Automated installation of applications when a new laptop is Entra joined {% hint style="info" %} If missing, the installer automatically installs the [Visual C++ redistributable](https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170#latest-microsoft-visual-c-redistributable-version) (dependency). This causes a VC++ download prior to the dope.endpoint installation. Very rarely, this can cause install failures during managed deployments (bad network etc). To avoid, stage an Intune install of VC++ first {% endhint %} ## 1. Prepare IntuneWin File Intune requires a Win32 "preparation" process before uploading to the Intune console. You'll perform this step first. {% hint style="info" %} Microsoft docs are located [here](https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-prepare). {% endhint %} Download `IntuneWinAppUtil`, and use it to prepare the `.intunewin` package with this PowerShell command modified for version: ``` IntuneWinAppUtil -c .\dope_security_windows_1.0.x -s .\dope_security_1.0.x.exe -o .\ -q ``` {% hint style="warning" %} Ensure that you use PowerShell for the above one-line command to work. If you just double-click the IntuneWinAppUtil executable, you will have to manually input the locations. {% endhint %} ## 2. Intune Deployment The application deployment process is standard and similar to any other application {% hint style="info" %} Microsoft docs are located [here](https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-add). {% endhint %} Here are a few hints for setting it up: 1. Install command should be `dope_security_.exe -silent` 2. Uninstall command: `dope_security_.exe -silent -uninstall AT_PASSWORD=` 3. Detection rule: `C:\Program Files\` Folder: `dope.security` and use the `File or Folder Exists`dropdown 4. Assignment: `Required` ## 3. Autopilot Provisioning When a new device is entra joined for the first time, it will run through the [checklist of apps](https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-status#block-access-to-a-device-until-a-specific-application-is-installed) to install prior to allowing a user access to the system. Sometimes, the Intune configured application can automatically be a part of the **Blocking Apps** inside of Autopilot which will naturally cause a conflict. {% hint style="danger" %} Ensure that you have removed dope.security from "blocking apps" in Autopilot, and instead, keep it as a required app. Blocked apps will prevent the enrollment process from successfully completing. {% endhint %} If you have this setup correctly, there will not be any issue during initial Entra-device joining. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://inflight.dope.security/dope.endpoint/installing-using-intune-on-win.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.