How to handle faster creating apps in Intune

Question

Hi guys,

I need your help and advices with creating apps in Intune. Currently we are moving to deployment of apps over Intune and I face the following problem. I use Intune preparation tool to create intunewin file which is working without any problem. Then, when I begin to create app in Intune come problems.

1. If I use an msi with Intune preparation tool, it works great, but when I use exe, I have to manually find install and uninstall command.
2. Then by detection rules, I can't go proceed further until I provide some information - msi or file or registry. Here is the second big issue because you have to dig it in registry for example to find such information.
3. By dependencies - I can select only apps which I've uploaded/created using intunewin which means I have to upload needed dependencies as well as intunewin extension.

I have to upload/create a lot of apps, which are only exe and can't find msi files. For example, I have to upload/create Asp Net CoreFramework, .NET Core, .NET Core Desktop Runtime and not only 1 version but 8, 9, 10 because of the other software which depends on old versions. This is as well valid for Visual C++ Redistributable and so on, and so on.

It looks like that I have to install every software (present and future) to a test VM and dig in to find all information needed before creating App in Intune with intunewin extension.

Do you have advice or suggestions or software (free) how to do it faster? I've checked as well Orca to see if I can get all information directly from the exe but didn't work as expected. This is such a huge burden to handle all apps.

Thanks in advance

Answer 1

For faster and more scalable app creation in Intune, focus on standardizing how Win32 apps are packaged and using Intune features that reduce per‑app manual work.

1. Prefer MSI/MSIX or cataloged apps where possible

• MSIX and MSI packages carry standardized install/uninstall and detection metadata, so Intune does not require manual silent switches or complex detection rules.
• For MSIX:
  • When adding a Windows line-of-business app in Intune, install parameters are standardized and do not need to be configured manually. App information (name, description, publisher) is auto-populated.
  • MSIX can be deployed via Intune as a line-of-business app. See MSIX App Distribution.
• For MSI:
  • When an MSI is wrapped as a Win32 app, the install/uninstall commands are predictable (msiexec /i / msiexec /x) and detection can be based on the MSI product code.

2. Use Enterprise App Management where available

• Enterprise App Management (Intune Suite add-on) provides an Enterprise App Catalog of prepared Win32 apps hosted by Microsoft.
• These apps are already prepared as Win32 apps (silent install commands, detection, etc.), significantly reducing manual work.
• This is particularly useful for common runtimes like .NET and Visual C++ Redistributables when they are available in the catalog.
• See: Enterprise Application Management section in the Intune app configuration guidance.

3. Standardize Win32 packaging and validation workflow For EXE-based apps that must be deployed as Win32 (.intunewin):

a) Always validate silently on a test VM first

• Install the EXE manually on a test device before packaging, as recommended:
  • Confirm the app supports silent installation.
  • Confirm the correct install command (e.g., vendor-documented /quiet, /silent, etc.).
  • Identify the installation folder and any registry keys or files that can be used for detection.
• This one-time validation per product/version avoids repeated troubleshooting after deployment.

b) Use the Win32 Content Prep Tool consistently

• Convert EXE/MSI to .intunewin using the Microsoft Win32 Content Prep Tool.
• Then in Intune:
  • Define Install command and Uninstall command once per app.
  • Be careful with commands, as harmful commands can be passed via these fields.
  • If PowerShell is required, and 64-bit execution is needed, use:
    • %SystemRoot%\Sysnative\WindowsPowerShell\v1.0\powershell.exe

c) Use robust detection rules

• Win32 apps support detection rules so the app installs only when not already present.
• Detection can be based on:
  • File existence/version in the install directory.
  • Registry keys/values created by the installer.
  • MSI product code (for MSI-based packages).
• For EXE-only installers, once a reliable file or registry path is identified on the test VM, reuse that pattern for all devices.

4. Leverage dependencies for runtimes (but package once per version)

• Win32 app dependencies allow defining install order and prerequisites.
• For frameworks like .NET Core, .NET Desktop Runtime, and Visual C++ Redistributables:
  • Create one Win32 app per version (e.g., .NET 6 Desktop Runtime, .NET 7, VC++ 2015–2022 x64, etc.).
  • Use these as dependency apps for line-of-business applications that require them.
• Intune will:
  • Check dependencies first.
  • Install dependent apps in the correct sequence.
• Note: Only apps created as Win32 (.intunewin) can be used as dependencies, so runtimes must be packaged this way.

5. Use detection and applicability to avoid redundant installs

• Detection rules ensure an app is not reinstalled if already present.
• Applicability rules (requirements) can be used to:
  • Target specific OS versions, architectures, or other criteria.
  • Optionally run a PowerShell script requirement check uploaded to Intune.
• This is useful when multiple runtime versions are required but should only install when needed.

6. Understand the Win32 deployment flow to troubleshoot faster

• The Intune Management Extension (IME) processes Win32 apps in a defined sequence:
  • Checks dependencies.
  • Evaluates detection rules.
  • Evaluates applicability/requirements (including optional PowerShell checks).
  • Downloads content, verifies hash, decrypts, unzips, then executes the installer.
• Knowing this flow helps quickly identify whether an issue is with detection, dependencies, or the install command.

7. Consider app type alternatives where possible

• For some apps, using Microsoft Store app (new) or web link can be faster than Win32 packaging:
  • Microsoft Store app (new):
    • Create via Intune: Apps > All apps > Create > Microsoft Store app (new).
    • Search and select the app from the Store.
    • Most admins deploy in system context for shared/education devices.
  • Web apps:
    • Create via Windows web link for SaaS or web-based tools.

8. For large portfolios, plan a phased standardization

• Start with:
  • Common runtimes (all VC++ versions, .NET, ASP.NET Core runtimes) as reusable Win32 packages with strong detection.
  • Core line-of-business apps.
• Then:
  • Move remaining apps to MSI/MSIX where possible.
  • Use Enterprise App Management for catalog apps to avoid manual packaging.

This approach reduces per-app manual work to a one-time effort per product/version, and then reuses those definitions via dependencies and detection rules.

---

References:

• Configure applications with Microsoft Intune (windows)
• Support Tip - Understanding the flow behind deployment, delivery, and processing of a Win32 application through Intune
• Add, Assign, and Monitor a Win32 App in Microsoft Intune
• MSIX App Distribution
• Applications deployment considerations
• Package a desktop app using third-party installers