Retrieve MSI / Win32 app setup files uploaded on Intune

There is no easy method to download the line of business MSI application setup file which has been uploaded to Intune. Once you create an application deployment on Intune admin center using any method, application setup files are uploaded to the storage space maintained by microsoft.

But there could be a scenario where you want to download application setup files. This could be either for testing purpose or uninstallation of the same app using the application Installer.

Recently, I came across a situation when I was upgrading zoom application on all devices. Zoom version installed on user’s devices was very old and there was no MSI file existed for the old version of zoom application anywhere on the Internet. Zoom Support website also only contain the latest version of the application.

Therefore, for uninstalling the application either you can use msiexec command with uninstallstring which was available but did not work for me. The last option was to retrieve the MSI file which was deployed on users devices and use it to uninstallation the app.

Let’s just say that you have a Line Of business app called Zoom 5.4 deployed to all the company devices. This application is deployed using Intune, you don’t have the application setup file anymore and the MSI installer is also not available on the Internet.

If you want to get the Zoom 5.4 application files, you will not be able to simply download it from the Microsoft Intune admin center. For retrieving application files, you can deploy the application to a device which does not have this app installed.

Intune caches the application files temporarily on local system for Installation and when the installation is completed, the setup/application files are deleted. So there is a time window of few seconds to few minutes when you can copy the cached application files and save it in some other folder.

Where Intune downloads / cache’s Line of Business MSI on end user device ?

Intune windows LOB MSI files are cached at C:\Windows\system32\config\systemprofile\AppData\Local\mdm location. However, you may or may not find the cached files at this location depending upon if the application has been deployed in User or System Context.

If the application has been deployed in user context then you can find the cached files at this location: C:\Users\<username>\AppData\Local\mdm. In my case Zoom 5.4 was being deployed in user context so the cache location for this application was C:\Users\<username>\AppData\Local\mdm.

The application installation was very quick and the file disappeared in couple of seconds. If you are not quick then you will not find the application in cache folder. Only option is to re-deploy the application on a new device and try to copy the application again.

Where Intune downloads / cache’s Win32 app on the end user device ?

If you are deploying Win32 apps via Intune the files for Intune Win32 app are cached at C:\Program Files (x86)\Microsoft Intune Management Extension\Content location.

You can also check the InstallSource Registry entry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall location from one of the device where this application is already deployed. After you have got the location, you can deploy this application on a fresh device and continuously monitor this location on that device. Intune will cache the application setup files at this location. You can quickly copy the setup files from here to any other folder.

In the screenshot below, you can see the InstallSource for Google Chrome is showing as C:\Windows\system32\config\systemprofile\AppData\Local\mdm. Therefore, you need to monitor this location to retrieve Google Chrome Installation files. Same goes for any other application as well. In the case of Zoom 5.4 application, InstallSource location was showing as C:\Users\<username>\AppData\Local\mdm where I found the setup files cached by Intune and copied it to another folder for later use.

If you do not find the application at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall location. You can also check the registry key to find the application InstallSource location: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
InstallSource location for Google Chrome Application
InstallSource location for Google Chrome Application

Where Intune downloads / cache’s Powershell script on the end user device ?

You can deploy powershell scripts to end user devices using Intune by going to Microsoft Intune admin center > Devices > Scripts. The scripts are first downloaded on end user device and then executed either in User context or Device context depending upon the settings configured on Intune admin center.

The Intune powershell scripts are downloaded at C:\Program Files (x86)\Microsoft Intune Management Extension\Policies\Scripts location and deleted after the script execution is completed. So you may generally find this folder empty.

In case you want to retrieve a script from this location, first you need to deploy the script on a device where this script has never been deployed and monitor this location. You will have to be quick to copy the script to another folder before it gets deleted by Intune Management Extension.

Below is an example script for Zoom Uninstallation which I have deployed on the devices.

Example Powershell script deployed using Intune
Example Powershell script deployed using Intune

How to find the status of Powershell script deployed from Intune

To verify the status of powershell script deployment, you can either check the deployment status of the script from Intune admin center or you can check the status of the Powershell script deployment from target device as well. I will show you both the methods to you for verifying the status of Powershell script deployment using Intune.

Find status of Powershell script deployment from Intune admin center

  • Go to Devices > Scripts
  • Click on the Powershell Script and check Overview page.
  • Overview page shows Device status and User status to verify the deployment status.

Find status of Powershell script deployment from Windows registry

To confirm if powershell script deployed via Intune has been executed successfully, you can open Windows registry editor and check its status by using below steps. For checking Powershell script status using Windows registry, you will need Policy ID of the powershell script deployment. Let’s check the steps to find Policy Id:

Find Policy Id of Powershell script deployment

To find Policy Id of powershell script deployment using Intune admin center follow below steps:

  • Login on Microsoft Intune admin center
  • Go to Devices > Scripts under Policy section
  • Click on the Script deployment and copy its Policy Identifier value using browser Address bar

Find policy Id of powershell script deployment from Intune admin center
Find policy Id of powershell script deployment from Intune admin center
  • Go to Start and search for Registry Editor. Click on it to open registry editor
  • Navigate to registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IntuneManagementExtension\Policies
  • Under it you will find a registry key with powershell script deployment Policy Id. Check the Result registry entry to find deployment status. As you can see from below screenshot, Result shows as Success.
Find result of powershell script deployment from Windows registry
Find result of powershell script deployment from Windows registry


In this blog post, we learned that how to retrieve MSI setup files which you have uploaded on Intune. Microsoft does not provide any option to download MSI files from Intune admin center. Therefore, you have to copy the files after assigning the application to a target device.

Continue to monitor the cache location on target device to retrieve setup files. Intune management extension will remove the setup files after application has been Installed on the device.