Intune: Deploy Office365 Applications
Ash RobertsTable of contents
Introduction
This article will look at how we can deploy Office 365 to Intune managed Windows devices both via the autopilot and to pre-deployed machines that maybe don't have Office 365 apps installed.
This will assume you have enrolled a Windows device in Intune with a deployment profile ready for Autopilot.
If you need help on this, please check out my Autopilot Deployment Article here to get started:
https://switchitup.tech/windows-autopilot-deployment
Configuring an Office Deployment
Intune makes it fairly easy to deploy Microsoft 365 apps to your machines with functionality baked straight in. You can use Intunes own configuration designer (GUI and pretty buttons) or XML for old school users that install via command line etc.
This article focuses on the Configuration Designer, but if you want a sample of XML deployment, please see my article
Create and Customize a Gold Image for an AVD Environment
https://switchitup.tech/create-and-customize-a-gold-image-for-an-avd-environment
There is a sample script that deploys Office via XML for a shared desktop environment.
So, to begin, in your endpoint point portal navigate to the following:
Apps > All Apps > +Add
This will open up the app type selection pane, we are going to select "Microsoft 365 Apps" + "Windows 10 and later"
This will bring up a nice pre-configured "App Suite Information" page, you don't need to change anything on here unless you really need to. If you want to make installation of an app optional you can make it available in the company portal. Users can access your company portal to install optional apps published through Intune. (But that is for another article)
Page 2 - "configure App Suite" is where we can add the magic sauce, we can pick what apps in the Office 365 package we wish to deploy. If we want to add Project or Visio to the installation. How we deal with Office updates. What architecture (32/64bit). General setup basics to default to on running.
Interestingly, if you are deploying to a shared machine (VDI) you can actually state this in the configuration designer and it will install Office in the appropriate manor for you.
If your machine comes pre-loaded with a version of Office, you can tell it to remove this first before it installs your correct version
What's great is this is in plain English, so it's easy to understand what each option does. In this demo I'm just going to push all basic 365 apps (excluding Project/Visio) on current channel, but you can see all my settings in the screenshot.
Page 3 - "Assignment" I'm simply going to deploy to my security group "Autopilot_Deployment", matching my deployment profile as a REQUIRED application. Again, you can tailor this to specific machines so you can target individual groups. You may have a CAD application that should only be pushed to Graphic Designers you can achieve this through the group assignments.
If you have machines already enrolled, you can make it available to them by assigning groups to "Make available for enrolled devices" and this will push the application down. Also, if you have deployed the application to EVERYONE and you want to remove it from certain machines/group of users you have the "uninstall option" I'm doing a fresh autopilot build so I'm happy to use the first option.
We can now "Review and Create" we will then find what we have configured back under our "Apps > All Apps" section
Testing
We should now run our machine through the Autopilot build phase and on logging in after deployment the apps should be ready for us to use. As a side note if you configured an Enrollment status page (ESP) and selected block use of the machine until all apps are installed you will need to wait for the installation of Office to complete before you can use the machine. If not, you may sign on and find the applications are still installing so be patient.
For more information on ESP see my article here
https://switchitup.tech/intune-setting-up-a-device-enrollment-status-page
After autopilot is deployed I can check for the Office apps, which are all present on the machine:
If you go back into your endpoint portal and click on "Apps" you can see deployment statuses of applications pushed, as you can see, we have our Office 365 apps deployment with 0 install errors.
you can also drill down and see which devices/users have the applications installed. again any installations are highlighted with any reasons why it may have failed.
Summary
Congratulations you have learned how to push Microsoft 365 applications to your end user devices via Intune and during Autopilot deployments. We also briefly looked at how to verify the apps have deployed or where you can locate deployment errors to troubleshoot issues.
Subscribe to my newsletter
Read articles from Ash Roberts directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Ash Roberts
Ash Roberts
I am a technical consultant for a fast growing MSP. Due to the nature of my job I have quite a range of real world experience focusing around server/cloud(Azure) infrastructures, network design, installation and configuration all across multiple vendors such as Microsoft/Cisco/HP Aruba/FortiNet to name a few. All which, I am trying to share with yourselves. Whether you are new to the IT landscape or a veteran I hope there is something for you as my content grows. Currently hold certifications in following: Aruba switching CCNA route and switch CCNA cyber ops CCNA security MCSA windows 10 MCSA server 2016 MCSE core infrastructure Azure Administrator (az104) O365 administrator expert (ms100/101) Modern desktop administrator (md100/101) Hybrid server administrator (az800/801) Azure virtual Desktop specialty (AZ140) So, join me on my learning journey as well as work experience!