Microsoft Intune is a cloud-based service used to deploy, authenticate, and ensure security compliance on every device in the company.
Intune deployment involves selecting an application package, configuring device groups, and syncing with the devices.
β
For Windows:
Sign in to the Microsoft Intune Admin Center, and navigate to Devices.
Under By Platform, click on Windows. Then click Scripts and Remediations.
Click on Platform Scripts. Hit Add to add a new script. Give the script a name and description, then hit Next.
Under Script Settings, upload the Powershell script using the Script Location option. Copy and save the script from SuperOps as a .ps1 file. You can find the script in SuperOps by going to Assets > Download Agent > Select the Client and Site > Bulk Deployment > Copy the Windows script.
Set Run this script using the logged on credentials to No, Enforce script signature check to No, and Run script in 64 bit Powershell Host to Yes. Hit Next once done.
Under Assignments, select how you would like to apply the script. Then, hit Next.
Review the script and hit Add. Your new script now will appear under Platform Scripts.
The agent will be installed on your assets once the next Intune Sync begins. Click on the script to view the device status and user status.
π Note: Installation might take around 10 minutes.
For Mac:
Sign in to the Microsoft Intune Admin Center, and navigate to Devices.
Under By Platform, click on macOS. Then click Scripts.
Click on Platform Scripts. Hit Add to add a new script. Give the script a name and description, then hit Next.
Under Script Settings, upload the below script using the Upload script option. Copy and save the script from SuperOps as a .bash file. You can find the script in SuperOps by going to Assets > Download Agent > Select the Client and Site > Bulk Deployment > Copy the Mac script.
Scroll down and set Run script as signed-in user to No.
Set Hide script notification on devices to Yes.
Under Assignments, select how you would like to apply the script. Then, hit Next.
Review the script and hit Add. Your new script now will appear under Platform Scripts.
The agent will be installed on your assets once the next Intune Sync begins. Click on the script to view the device status and user status.
π Note: Installation might take around 10 minutes.
For Linux:
Sign in to the Microsoft Intune Admin Center, and navigate to Devices.
Under By Platform, click on Linux. Then click Scripts.
Click on Platform Scripts. Hit Add to add a new script. Give the script a name and description, then hit Next.
Under Configuration Settings, upload the below Bash script under Execution script. Copy and save the script from SuperOps as a .bash file. You can find the script in SuperOps by going to Assets > Download Agent > Select the Client and Site > Bulk Deployment > Copy the Linux script.
Set Execution context to Root, define Execution frequency and Execution retries. Hit Next once done.
Set Scope Tags to Default. Hit Next.
Under Assignments, select how you would like to apply the script. Then, hit Next.
Review the script and hit Add. Your new script now will appear under Platform Scripts.
Click on the script to view the device status and user status.
π Note: Installation might take around 10 minutes.
Script Files
If you are copying the script from here, please ensure you replace the <Download URL> placeholder with your actual MSI download URL.
Windows:
$msiPath='<Download URL>'; $log=''; $logFolder=$env:ProgramData+'\\SOPGPO'; if (!(Test-Path -Path $logFolder -PathType Container)) { try { New-Item -Path $logFolder -ItemType Directory -Force; $log='SOPGPO folder created' } catch { Write-Host 'Error in creating log folder'; Write-Host $_.Exception.Message; [Environment]::Exit(1) } } else { $log='SOPGPO Folder already exists' }; $logpath=Join-Path -Path $logFolder -ChildPath 'sopgpoLog.txt'; try { New-Item -Path $logpath -ItemType File -Force } catch { Write-Host 'Error in creating log file'; Write-Host $_.Exception.Message; [Environment]::Exit(1) }; function Addlog { param ([string]$content); try { Add-Content -Path $logpath -Value $content } catch { Write-Host 'Error in adding log'; Write-Host $_.Exception.Message } }; Addlog -content 'Starting installation using GPO'; Addlog -content $log; try { $package = Get-WmiObject -Class Win32_Product | Where-Object { $_.IdentifyingNumber -contains '{3BB93941-0FBF-4E6E-CFC2-01C0FA4F9301}' }; if($package) { Addlog -content 'Superops is already installed'; Addlog -content 'Exiting the Installation'; [Environment]::Exit(1) } else { Addlog -content 'Checked for existence of superops: False' } } catch { Write-Host 'Error in checking the installation of Superops'; Write-Host $_.Exception.Message; Addlog -content 'Error while checking superops' }; Addlog -content 'Checking existence of File'; $file=Split-Path -Path $msiPath ; if (!(Test-Path -Path $file -PathType Any )) { Addlog -content 'MSI not found in given path' }; Addlog -content 'Checking File accessibility'; $folderName = [System.IO.Path]::GetFileName($file); $installlogpath=Join-Path -Path $logFolder -ChildPath 'SOPGPOinstall.log'; try { $fileName=Split-Path -Path $msiPath -Leaf;Write-Host "$fileName"; $fileNameDownload = Join-Path -Path $logFolder -ChildPath $fileName ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Write-Host -Outfile $fileNameDownload; invoke-WebRequest -Uri $msiPath -Outfile $fileNameDownload; $process=Start-Process -FilePath msiexec -ArgumentList /i,$fileNameDownload,/qn,LicenseAccepted=YES,/L*V,$installlogpath -Wait -PassThru; Write-Host exit Status $process.ExitCode.ToString();Addlog -content "exit status"; Addlog -content $process.ExitCode.ToString(); if ($process.ExitCode -ne 0) { process $process; [Environment]::Exit($process.ExitCode);}} catch { Write-Host 'Error in Installation'; Write-Host $_.Exception.Message; Addlog -content 'Error in Installation'; Addlog -content $_.Exception.Message; [Environment]::Exit(1) }; Addlog -content 'Installation Success'; [Environment]::Exit(0)
Mac:
#!/bin/sh
url="<Download URL>"
silentInstall="true"
LOG_NAME="/Users/Shared/superopsInstallationLog.log"
echo "Starting Installing" > $LOG_NAME
waitForProcess () {
processName=$1
fixedDelay=$2
terminate=$3
echo "$(date) | Waiting for other [$processName] processes to end"
while ps aux | grep "$processName" | grep -v grep &>/dev/null; do
if [[ $terminate == "true" ]]; then
echo "$(date) | + [$appname] running, terminating [$processpath]..."
pkill -f "$processName"
return
fi
if [[ ! $fixedDelay ]]; then
delay=$(( $RANDOM % 50 + 10 ))
else
delay=$fixedDelay
fi
echo "$(date) | + Another instance of $processName is running, waiting [$delay] seconds"
sleep $delay
done
echo "$(date) | No instances of [$processName] found, safe to proceed"
}
checkForRosetta2 () {
echo "$(date) | Checking if we need Rosetta 2 or not"
waitForProcess "/usr/sbin/softwareupdate"
OLDIFS=$IFS
IFS='.' read osvers_major osvers_minor osvers_dot_version <<< "$(/usr/bin/sw_vers -productVersion)"
IFS=$OLDIFS
if [[ ${osvers_major} -ge 11 ]]; then
processor=$(/usr/sbin/sysctl -n machdep.cpu.brand_string | grep -o "Intel")
if [[ -n "$processor" ]]; then
echo "$(date) | $processor processor installed. No need to install Rosetta."
else
if /usr/bin/pgrep oahd >/dev/null 2>&1; then
echo "$(date) | Rosetta is already installed and running. Nothing to do."
else
/usr/sbin/softwareupdate --install-rosetta --agree-to-license
if [[ $? -eq 0 ]]; then
echo "$(date) | Rosetta has been successfully installed."
else
echo "$(date) | Rosetta installation failed!"
exitcode=1
fi
fi
fi
else
echo "$(date) | Mac is running macOS $osvers_major.$osvers_minor.$osvers_dot_version."
echo "$(date) | No need to install Rosetta on this version of macOS."
fi
}
createDirectory() {
DIRECTORY="/Users/Shared/SuperopsInstaller"
if [ ! -d "$DIRECTORY" ]; then
mkdir -p "$DIRECTORY"
echo "Directory created at: $DIRECTORY"
fi
}
writeSilentProperty() {
configFile="/Users/Shared/SuperopsInstaller/soppinstallconfig.properties"
echo "Silent_Install=$silentInstall" > $configFile
}
checkForRosetta2
createDirectory
writeSilentProperty
echo "Installing" >> $LOG_NAME
export URL=$url && export baseName="$(basename $URL)" && export downLoadFile="/Users/Shared/$baseName" && curl --url "$URL" --output "$downLoadFile" && cd /Users/Shared && sudo -S installer -dumplog -pkg "$baseName" -target /
t=$?
if [ -f "$configFile" ]; then
rm -f "$configFile"
fi
echo "$t is" >> $LOG_NAME
if [ $t -ne 0 ]; then
echo "Failed to Install $t" >> $LOG_NAME
exit 1
fi
echo "Installation success" >> $LOG_NAME
exit 0
Linux:
#!/bin/bash
url="<Download URL>"
echo "Installing"
export URL=$url && export baseName="$(basename $URL)" && wget --secure-protocol=TLSv1_2 $URL -O "/tmp/$baseName" && sudo chmod a+x /tmp/$baseName && sudo /tmp/$baseName --quiet yes --AcceptLicense yes --verbose yes 2>&1 | sudo tee /tmp/superopsInstallation.log
t=$?
if [ $t -ne 0 ]; then
echo "Failed to Install $t"
exit 1
fi
echo "Installation success"
exit 0