IntuneBrew is a PowerShell-based tool that simplifies the process of uploading and managing macOS applications in Microsoft Intune. It automates the entire workflow from downloading apps to uploading them to Intune, complete with proper metadata and logos.
- π Table of Contents
- π¨ Public Preview Notice
- β¨ Features
- π¬ Demo
- π Getting Started
- π Usage
- π§ Configuration
- π Version Management
- π οΈ Error Handling
- π€ Troubleshooting
- π€ Contributing
- π License
- π Acknowledgments
- π Support
Important
π§ Public Preview Notice
IntuneBrew is currently in Public Preview. While it's fully functional, you might encounter some rough edges. Your feedback and contributions are crucial in making this tool better!
- π Submit Feedback
- π Report Bugs
- π‘ Request Features
Thank you for being an early adopter! π
Last checked: 2025-01-16 00:14 UTC
| Application | Previous Version | New Version |
|---|---|---|
| Google Chrome | 131.0.6778.265 | 132.0.6834.84 |
| Windows App | 11.0.8 | 11.0.9 |
| MongoDB Compass | 1.45.0 | 1.45.1 |
| Signal | 7.37.0 | 7.38.0 |
| Brave | 1.73.105.0 | 1.74.48.0 |
- π Automated app uploads to Microsoft Intune
- π¦ Supports both .dmg and .pkg files
- π Automatic version checking and updates
- πΌοΈ Automatic app icon integration
- π Progress tracking for large file uploads
- π Secure authentication with Microsoft Graph API
- π― Smart duplicate detection
- π« Bulk upload support
- π Automatic retry mechanism for failed uploads
- π Secure file encryption for uploads
- π Real-time progress monitoring
- PowerShell 7.0 or higher
- Microsoft Graph PowerShell SDK
- Azure App Registration with appropriate permissions OR Manual Connection via Interactive Sign-In
- Windows or macOS operating system
- Stable internet connection for large file uploads
- Sufficient disk space for temporary file processing
- Clone the repository:
- Install required PowerShell modules:
Install-Module Microsoft.Graph.Authentication -Scope CurrentUser- Configure your environment variables or update the config file with your Azure AD details.
.\IntuneBrew.ps1Follow the interactive prompts to:
- Select which apps to upload
- Authenticate with Microsoft Graph
- Monitor the upload progress
- View the results in Intune
| Application | Latest Version |
|---|---|
 Adobe Acrobat Pro DC |
24.005.20320 |
 Adobe Acrobat Reader |
24.004.20272 |
 Adobe Creative Cloud |
6.4.0.361 |
 Android Studio |
2024.2.2.13 |
 AnyDesk |
8.1.4 |
 Asana |
1.0 |
 BetterDisplay |
3.3.0 |
 Bitwarden |
2025.1.0 |
 Blender |
4.3.2 |
 Brave |
1.74.48.0 |
 Canva |
1.101.0 |
 Company Portal |
5.2412.0 |
 DeepL |
1.0 |
 Docker Desktop |
4.37.2,179585 |
 Dropbox |
215.4.7202 |
 Evernote |
10.105.4,20240910164757,a2e60a8d876a07eded5d212fa56ba45214114ad0 |
 Google Chrome |
132.0.6834.84 |
 Grammarly Desktop |
1.102.0.0 |
 KeePassXC |
2.7.9 |
 Krisp |
2.51.3 |
 Microsoft Teams |
24335.204.3298.2649 |
 Miro |
0.10.80 |
 MongoDB Compass |
1.45.1 |
 Mozilla Firefox |
134.0.1 |
 Notion |
4.3.0 |
 Obsidian |
1.7.7 |
 Parallels Desktop |
20.2.0-55872 |
 PowerShell |
7.4.6 |
 Raycast |
1.88.4 |
 Real VNC Viewer |
7.13.1 |
 Remote Help |
1.0.2404171 |
 RStudio |
2024.12.0,467 |
 Signal |
7.38.0 |
 Slack |
4.41.105 |
 Snagit |
2024.4.0 |
 Spotify |
1.2.53.440 |
 Suspicious Package |
4.5,1213 |
 Synology Drive |
3.5.1,16102 |
 Tableau Desktop |
2024.3.2 |
 TeamViewer QuickSupport |
15 |
 Todoist |
9.9.7 |
 UTM |
4.6.4 |
 VLC media player |
3.0.21 |
 Webex Teams |
45.1.0.31549 |
 Windows App |
11.0.9 |
 XMind |
25.01.01061-202501070704 |
 Zoom |
6.3.5.46181 |
Note
Missing an app? Feel free to request additional app support by creating an issue!
- Create a new App Registration in Azure
- Add the following API permissions:
- DeviceManagementApps.ReadWrite.All
- Update the parameters in the script with your Azure details.
- $appid = '' # App ID of the App Registration
- $tenantid = '' # Tenant ID of your EntraID
- $certThumbprint = '' # Thumbprint of the certificate associated with the App Registration
- Generate a self-signed certificate:
$cert = New-SelfSignedCertificate -Subject "CN=IntuneBrew" -CertStoreLocation "Cert:\CurrentUser\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256 -NotAfter (Get-Date).AddYears(2)- Export the certificate:
$pwd = ConvertTo-SecureString -String "YourPassword" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath "IntuneBrew.pfx" -Password $pwd- Upload to Azure App Registration:
- Go to your App Registration in Azure Portal
- Navigate to "Certificates & secrets"
- Upload the public key portion of your certificate
Apps are defined in JSON files with the following structure:
{
"name": "Application Name",
"description": "Application Description",
"version": "1.0.0",
"url": "https://download.url/app.dmg",
"bundleId": "com.example.app",
"homepage": "https://app.homepage.com",
"fileName": "app.dmg"
}IntuneBrew implements sophisticated version comparison logic:
- Handles various version formats (semantic versioning, build numbers)
- Supports complex version strings (e.g., "1.2.3,45678")
- Manages version-specific updates and rollbacks
- Provides clear version difference visualization
Version comparison rules:
- Main version numbers are compared first (1.2.3 vs 1.2.4)
- Build numbers are compared if main versions match
- Special handling for complex version strings with build identifiers
IntuneBrew includes robust error handling mechanisms:
-
Upload Retry Logic
- Automatic retry for failed uploads (up to 3 attempts)
- Exponential backoff between retries
- New SAS token generation for expired URLs
-
File Processing
- Temporary file cleanup
- Handle locked files
- Memory management for large files
-
Network Issues
- Connection timeout handling
- Bandwidth throttling
- Resume interrupted uploads
-
Authentication
- Token refresh handling
- Certificate expiration checks
- Fallback to interactive login
-
File Access Errors
- Ensure no other process is using the file
- Try deleting temporary files manually
- Restart the script
-
Upload Failures
- Check your internet connection
- Verify Azure AD permissions
- Ensure file sizes don't exceed Intune limits
-
Authentication Issues
- Verify your Azure AD credentials
- Check tenant ID configuration
- Ensure required permissions are granted
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Thanks to all contributors who have helped shape IntuneBrew
- Microsoft Graph API documentation and community
- The PowerShell community for their invaluable resources
If you encounter any issues or have questions:
- Check the Issues page
- Review the troubleshooting guide
- Open a new issue if needed
Made with β€οΈ by Ugur Koc