DMG app is disk image file which with extension .dmg. This type of application will contain one or more applications (.app file) which you can deploy on macOS devices.
DMG file is not an Installer for the app but medium to distribute the application. You can compare this format to Windows ISO file format. You can simply download .dmg file for an application from application vendor’s website and create a deployment on Intune for macOS devices.
You may not find a .dmg file created for all the apps on the internet. But If you have .app file available instead of .dmg file then you can use Disk Utility Application on a macOS device. You can then create a disk image file (DMG) and then add the .app files after opening the DMG Image file and Save.
Please make a note of the prerequisites before you proceed to create a deployment on Intune:
- macOS devices must be enrolled into Intune.
- DMG application max file size is 2GB.
- It requires Intune management agent on macOS.
I have recently written blog posts on setting a desktop wallpaper on macOS device and also on macOS Intune troubleshooting via log collection. Today, we are going to see how to deploy DMG based Installer applications on macOS devices using Microsoft Intune.
Let’s take an example of Google chrome application deployment on macOS devices using Intune. We will download Google chrome DMG app file from google’s website and then deploy the file on end user’s devices.
Steps to deploy DMG app on macOS using Intune
We are using Google chrome application as an example application, however the steps given in this blog post can be used to deploy any other DMG app using Intune. Here are the steps:
- Download Google chrome DMG app
- Login on Microsoft Intune admin center
- Click on Apps > macOS > macOS apps
- Click on + Add to start the creation of deployment
- App type: macOS app (DMG)
- Click on Select button to proceed
App Information tab
Click on Select app package file to select .dmg application installer. Browse to App package file and then click on OK button to proceed.
- Name: Provide a unique name of the application. This name will appear on Company Portal app.
- Description: Provide a description of the application. This description will show on Company Portal app.
- Publisher: Provide the publisher name.
Rest of the Information is optional to fill. However if you have all the information about this application, Its recommended to fill in all the information. This will be helpful for other team members to know more about this particular application and could be helpful while troubleshooting any issues.
Requirements
In the requirements tab, select Minimum operating system as a condition for application installation. As all of my organization’s devices are on macOS Ventura 13.0. I will be selecting this option. Click on Next to proceed.
Detection rules
In the Detection rules tab, Select Ignore app version to Yes or No based on below criteria:
- Select Ignore app version = Yes If you want to app to be Installed when its not found on the target device. If the app is already there but the version number is different, it will be ignored and app will not be deployed.
- Select Ignore app version = No If you want to app to be Installed when its not found on the target device or the app version you are deploying is different than the one already Installed on the target device.
Generally when you are deploying a self updating application like Google chrome or Zoom, you should select Ignore the app version to Yes.
In the Included apps section, Provide App bundle ID (CFBundleIdentifier) and App version (CFBundleShortVersionString) information of the app. To find CFBundleIdentifier and CFBundleShortVersionString information, you can Install Google chrome dmg file (the same file you are deploying via Intune) on a test mac device and then use below commands on macOS terminal to find this info:
defaults read /Applications/Google\ Chrome.app/Contents/Info CFBundleIdentifier
defaults read /Applications/Google\ Chrome.app/Contents/Info CFBundleShortVersionString
If you do not prefer macOS terminal to find this info, then you can also use Finder app to locate Info.plist file for Google chrome. You can use below steps to locate this file:
- Go to Finder > Go > Go to Folder…
- Search for /Applications/Google Chrome.app/Contents/ path.
- Double click on searched path and find Info.plist file in Contents folder.
- Double-click on the file and search for
CFBundleIdentifierandCFBundleShortVersionStringvalues in the file.
Once you have got all the information, you can enter it in Detection rules tab, click Next and proceed.
Assignments
There are only two group assignments options. Required and Uninstall. Click on Add group and select an Azure AD group containing users or devices. If you prefer a more controlled deployment to specific devices only, then make sure to only add macOS devices in the Azure AD group. Once your testing is successful and you want to deploy this application on all Organization devices, you can click on + Add all devices.
Review + create
On Review + create page, review the app deployment information and click on Create to finish.
Intune Policy Refresh Cycle
The Device will Sync / Check in to start the app deployment process. It may take some time for the process to start. Therefore, if you are testing it on a test device, you can force initiate Intune refresh cycle on macOS device which will speed up the process. You can also use Powershell to force initiate Intune refresh cycle.
Also, you can restart the device first which also starts the device check-in process. Manual sync is not mandatory on user’s devices as the device check-in process happens automatically. But if you are testing this app deployment on a test device then this can speed up your testing and can save some time.
End user Experience
Let’s check the end user experience and see if the application is Installed as per the app deployment. After the device check-in process completes, the application will be installed on the device. You can go to the Applications directory to find Google Chrome in the list.
Finder > Go > Applications
Monitor app deployment using Intune admin center
You can monitor the app deployment from Intune admin center. Go to Apps > macOS > click on the application > Overview page will show the status of Installation similar to as shown in below screenshot.
In case of any issues or deployment failures, you can click on Device install status or User install status to know more details about the error description and error code.
macOS Intune deployment troubleshooting
If you face any issues with application deployment, you can refer to IntuneMDMDaemon*.log and IntuneMDMAgent*.log files. To find out the more information about how to locate these files on macOS device, you can refer to my other blog post: How To Collect Intune Logs From MacOS Device.
Conclusion
In this blog post, we have seen how to deploy DMG apps on macOS devices using Intune. We took an example of Google chrome application which is a common application used in most organizations. The app installation took couple of minutes after forcing the device check-in from Company portal app.