IntuneBrew is a PowerShell-based tool that simplifies the process of uploading and managing macOS applications in Microsoft Intune. It automates the entire workflowβfrom downloading apps to uploading them to Intune with proper metadata and icons.
This project uses publicly available metadata from Homebrewβs JSON API. Homebrew is a registered trademark of its respective owners and is not affiliated with or endorsing this project.
- Watch the full walkthrough of the tool:
- Table of Contents
- π Latest Updates
- β¨ Features
- π Getting Started
- π Usage
- π§ Configuration
- π Version Management
- π οΈ Error Handling
- π€ Troubleshooting
- π€ Contributing
- π License
- π Acknowledgments
- π Support
Last checked: 2025-07-01 00:34 UTC
| Application | Previous Version | New Version |
|---|---|---|
| Mozilla Firefox Developer Edition | 141.0b3 | 141.0b4 |
| Studio 3T | 2025.11.0 | 2025.12.0 |
| Rocket.Chat | 4.6.0 | 4.7.0 |
| JetBrains Rider | 2025.1.3 | 2025.1.4 |
| Skim | 1.7.10 | 1.7.11 |
| CotEditor | 5.1.8 | 5.2.0 |
| Zoom | 6.5.1.58208 | 6.5.3.58803 |
| Discord | 0.0.351 | 0.0.352 |
| DuckDuckGo | 1.144.0 | 1.145.0 |
| Zed | 0.192.7 | 0.192.8 |
| pgAdmin4 | 9.4 | 9.5 |
| NordVPN | 8.40.1 | 9.0.1 |
| Insta360 Studio | 5.6.2 | 5.6.4 |
| Cloudflare WARP | 2025.4.943.0 | 2025.5.893.0 |
- π Automated app uploads to Microsoft Intune
- π¦ Supports both .dmg and .pkg files
- π Automatic version checking and updates
- πΌοΈ Automatic app icon integration
- π Progress tracking for large file uploads
- π Secure authentication with Microsoft Graph API
- π― Smart duplicate detection
- π« Bulk upload support
- π Automatic retry mechanism for failed uploads
- π Secure file encryption for uploads
- π Real-time progress monitoring
- PowerShell 7.0 or higher
- Administrator rights (script must be installed as administrator, specially if you use "Install-Script IntuneBrew -Force")
- Microsoft.Graph.Authentication Module must be installed
- Azure App Registration with appropriate permissions OR Manual Connection via Interactive Sign-In
- Windows or macOS operating system
Download the script: IntuneBrew.ps1
Run the script:
.\IntuneBrew.ps1Follow the interactive prompts to:
- Select which apps to upload
- Authenticate with Microsoft Graph
- Monitor the upload progress
- View the results in Intune
.\IntuneBrew.ps1 -Upload "google_chrome", "slack", "zoom"Uploads the specified apps directly without interactive selection.
.\IntuneBrew.ps1 -UpdateAllUpdates all applications that have newer versions available.
.\IntuneBrew.ps1 -LocalFileUpload local PKG or DMG files to Intune with interactive prompts.
.\IntuneBrew.ps1 -UpdateAll -CopyAssignmentsWhen updating apps, copy assignments from existing versions to new versions.
.\IntuneBrew.ps1 -UpdateAll -UseExistingIntuneAppUpdates existing Intune app entries instead of creating new ones. This prevents duplicate app entries in Intune.
.\IntuneBrew.ps1 -UpdateAll -ConfigFile "clientSecret.json"Use a configuration file for non-interactive authentication. This enables automation. See the Configuration section for setup details.
# Add prefix to app names
.\IntuneBrew.ps1 -Upload "slack" -AppNamePrefix "Corporate "
# Add suffix to app names
.\IntuneBrew.ps1 -Upload "zoom" -AppNameSuffix " - Mac"
# Use both prefix and suffix
.\IntuneBrew.ps1 -Upload "chrome" -AppNamePrefix "Company " -AppNameSuffix " (Managed)"Customize how app names appear in Intune by adding prefixes and/or suffixes.
.\IntuneBrew.ps1 -Upload "example_app" -PreInstallScriptPath "./scripts/pre-install.sh" -PostInstallScriptPath "./scripts/post-install.sh"Execute custom scripts before or after PKG installations.
| Application | Latest Version |
|---|---|
 1Password |
8.10.82 |
 A Better Finder Rename |
12.13 |
 Abstract |
98.6.2 |
 Acorn |
8.1.1 |
 Acronis True Image |
29.2 |
 AdGuard |
2.17.1.1982 |
 Adobe Acrobat Pro DC |
25.001.20529 |
 Adobe Acrobat Reader |
25.001.20529 |
 Adobe Creative Cloud |
6.7.0.278 |
 Advanced Renamer |
4.13 |
 AirBuddy |
2.7.3 |
 Aircall |
3.1.66 |
 Airfoil |
5.12.4 |
 AirParrot |
3.1.7 |
 Airtable |
1.6.6 |
 Airy |
3.29.2 |
 Alacritty |
0.15.1 |
 Alcove |
1.2.5 |
 Alfred |
5.6.2 |
 AltTab |
7.25.0 |
 Amadine |
1.6.7 |
 Amazon Chime |
5.23.22356 |
 Amazon Q |
1.12.1 |
 Android Studio |
2025.1.1.13 |
 Angry IP Scanner |
3.9.1 |
 Anki |
25.02.7 |
 Antinote |
1.1.7 |
 Any.do |
5.0.68 |
 AnyDesk |
9.0.2 |
 Apidog |
2.7.19 |
 Apifox |
2.7.19 |
 Apparency |
2.2 |
 Arc |
1.101.0 |
 Archaeology |
1.3 |
 Arduino IDE |
2.3.6 |
 Asana |
2.4.1 |
 Asset Catalog Tinkerer |
2.9 |
 Atlassian SourceTree |
4.2.12 |
 Audacity |
3.7.4 |
 Audio Hijack |
4.5.1 |
 Autodesk Fusion 360 |
latest |
 AWS Client VPN |
5.2.1 |
 AWS Corretto JDK |
21.0.7.6.1 |
 Azul Zulu Java Standard Edition Development Kit |
24.0.1 |
 Azure Data Studio |
1.52.0 |
 Background Music |
0.4.3 |
 Badgeify |
1.7.0 |
 Bambu Studio |
02.01.01.52 |
 Bartender |
5.3.7 |
 Basecamp |
3 |
 BatFi |
2.4.2 |
 BBEdit |
15.5.1 |
 Beeper |
4.0.779 |
 BetterDisplay |
3.5.6 |
 BetterMouse |
1.6 |
 BetterTouchTool |
5.499 |
 BetterZip |
5.3.4 |
 Beyond Compare |
5.1.0.31016 |
 Binary Ninja |
5.0.7648 |
 Bitwarden |
2025.6.0 |
 Bitwig Studio |
5.3.8 |
 Blender |
4.4.3 |
 BLEUnlock |
1.12.2 |
 blip |
1.1.8 |
 Blizzard Battle.net |
1.18.10.3141 |
 BlurScreen |
1.0 |
 BoltAI |
1.35.3 |
 Bome Network |
1.6.0 |
 Boop |
1.4.0 |
 Boxcryptor |
3.13.680 |
 Brave |
1.80.113.0 |
 BreakTimer |
1.3.2 |
 Bruno |
2.6.1 |
 BusyCal |
2025.2.2 |
 BusyContacts |
2025.2.2 |
 Caffeine |
1.5.3 |
 calibre |
8.5.0 |
 Calmly Writer |
2.0.59 |
 Camtasia |
25.1.2 |
 Canva |
1.111.0 |
 CapCut |
3.3.0.1159 |
 ChatGPT |
1.2025.168 |
 ChatWise |
0.8.71 |
 Chrome Remote Desktop |
138.0.7204.6 |
 Cisco Jabber |
20250430033337 |
 Citrix Workspace |
25.03.10.24 |
 Claude |
0.11.6 |
 CleanMyMac |
5.1.1 |
 CleanShot |
4.8 |
 CLion |
2025.1.3 |
 Clipy |
1.2.1 |
 Clop |
2.10.1 |
 Cloudflare WARP |
2025.5.893.0 |
 CodeEdit |
0.3.4 |
 CodeRunner |
4.4.1 |
 Company Portal |
5.2504.2 |
 Copilot for Xcode |
0.35.8 |
 CopyClip |
2.9.99.2 |
 CotEditor |
5.2.0 |
 Cryptomator |
1.17.0 |
 Crystalfetch |
2.2.0 |
 Cursor |
1.1.6 |
 Cyberduck |
9.1.6 |
 DaisyDisk |
4.31 |
 Dangerzone |
0.9.0 |
 Dataflare |
2.1.0 |
 DataGrip |
2025.1.3 |
 DataSpell |
2025.1.1 |
 DB Browser for SQLite |
3.13.1 |
 DBeaver Community Edition |
25.1.1 |
 DbGate |
6.5.4 |
 DeepL |
25.6.12145056 |
 DeskPad |
1.3.2 |
 DevToys |
2.0.8.0 |
 DevUtils |
1.17.0 |
 Discord |
0.0.352 |
 DisplayLink USB Graphics Software |
1.12.4 |
 DockDoor |
1.17.3 |
 Docker Desktop |
4.42.1 |
 Dockside |
1.9.54 |
 DOSBox |
0.74-3 |
 Doughnut |
2.0.1 |
 Downie |
4.9.19 |
 draw.io Desktop |
27.0.9 |
 DrawBot |
3.132 |
 DriveDX |
1.12.1 |
 Dropbox |
227.4.4774 |
 DropDMG |
3.6.9 |
 Dropshare |
6.3 |
 DuckDuckGo |
1.145.0 |
 Easydict |
2.14.1 |
 EasyFind |
5.0.2 |
 Eclipse Temurin Java Development Kit |
24.0.1 |
 EdrawMax |
14.5.1 |
 Elephas |
11.1087 |
 Elgato Camera Hub |
2.0.0.5750 |
 Elgato Capture Device Utility |
1.3.1 |
 Elgato Stream Deck |
6.9.1.21711 |
 Elgato Wave Link |
2.0.6.3780 |
 Ente |
1.7.13 |
 Ente Auth |
4.4.0 |
 Epic Games Launcher |
18.7.0 |
 Espanso |
2.2.1 |
 Etcher |
2.1.2 |
 Evernote |
10.105.4 |
 f.lux |
42.2 |
 Facebook Messenger |
512.0.0.52.109 |
 Fantastical |
4.0.14 |
 Fathom |
1.40.0 |
 Figma |
125.4.9 |
 Fission |
2.8.8 |
 Flameshot |
12.1.0 |
 FlowVision |
1.6.5 |
 Flycut |
1.9.6 |
 Forecast |
0.9.6 |
 Foxit PDF Editor |
13.1.7.63027 |
 Free Ruler |
2.0.8 |
 FreeCAD |
1.0.1 |
 Freelens |
1.4.0 |
 FreeMacSoft AppCleaner |
3.6.8 |
 FreeTube |
0.23.5 |
 FSMonitor |
1.2 |
 Gather Town |
1.32.0 |
 Geany |
2.0 |
 Geekbench |
6.4.0 |
 Geekbench AI |
1.4.0 |
 Gemini |
2.9.11 |
 Gephi |
0.10.1 |
 Ghostty |
1.1.3 |
 gifox |
2.7.2+0 |
 GIMP |
3.0.4 |
 Git Credential Manager |
2.6.1 |
 GitFinder |
1.7.11 |
 GitHub Desktop |
3.5.0-3d21337d |
 GitKraken |
11.2.0 |
 Godot Engine |
4.4.1 |
 Godspeed |
1.9.1 |
 Goland |
2025.1.3 |
 Google Ads Editor |
2.9 |
 Google Chrome |
138.0.7204.50 |
 Google Drive |
110.0.2 |
 Goose |
1.0.30 |
 GPT fdisk |
1.0.10 |
 Grammarly Desktop |
1.124.1.0 |
 GrandPerspective |
3.5.3 |
 Hammerspoon |
1.0.0 |
 Hazel |
6.0.4 |
 HazeOver |
1.9.4 |
 Headlamp |
0.32.0 |
 HEY |
1.2.17 |
 Hidden Bar |
1.9 |
 Highlight |
1.2.131 |
 Home Assistant |
2025.5 |
 Homerow |
1.4.0 |
 HP Easy Admin |
2.15.0 |
 HuggingChat |
0.7.0 |
 Huly |
0.6.502 |
 Hyper |
3.4.1 |
 Hyperkey |
0.47 |
 Ice |
0.11.12 |
 IINA |
1.3.5 |
 iMazing |
3.3.0 |
 iMazing Profile Editor |
2.0.0 |
 Inkscape |
1.4.230579 |
 Insomnia |
11.2.0 |
 Insta360 Studio |
5.6.4 |
 IntelliJ IDEA Community Edition |
2025.1.3 |
 IsThereNet |
1.7.1 |
 iTerm2 |
3.5.14 |
 Itsycal |
0.15.6 |
 Jabra Direct |
6.23.16101 |
 Jamie |
4.2.5 |
 Jellyfin |
10.10.7 |
 JetBrains PhpStorm |
2025.1.3 |
 Jetbrains PyCharm Community Edition |
2025.1.2 |
 JetBrains Rider |
2025.1.4 |
 JetBrains Toolbox |
2.6.3 |
 Joplin |
3.3.13 |
 Jumpcut |
0.84 |
 Jumpshare |
3.3.18 |
 Kap |
3.6.0 |
 Karabiner Elements |
15.4.0 |
 KeePassXC |
2.7.10 |
 Keeper Password Manager |
17.2 |
 Keka |
1.5.1 |
 Keybase |
6.5.1 |
 KeyCastr |
0.10.3 |
 KeyClu |
0.30.1 |
 kitty |
0.42.1 |
 Klokki |
1.3.7 |
 Krisp |
3.3.8 |
 Krita |
5.2.9 |
 LangGraph Studio |
0.0.37 |
 Last Window Quits |
1.1.4 |
 Lens |
2025.6.21515 |
 LibreOffice |
25.2.4 |
 LibreWolf |
140.0.2 |
 Little Snitch |
6.2.3 |
 LM Studio |
0.3.17 |
 LocalSend |
1.17.0 |
 Logitech G HUB |
2025.4.719084 |
 Logitech Options+ |
1.92.731496 |
 LookAway |
1.13.5 |
 Loop |
1.2.0 |
 LuLu |
3.1.5 |
 Lunatask |
2.1.1 |
 LΓVE |
11.5 |
 Maccy |
2.3.0 |
 MacDown |
0.7.2 |
 macFUSE |
4.10.2 |
 MacPass |
0.8.1 |
 Macs Fan Control |
1.5.18 |
 MacTeX |
2025.0308 |
 MacWhisper |
12.12.2 |
 Maestral |
1.9.4 |
 MagicQuit |
1.4 |
 Malwarebytes for Mac |
5.15.2.3152 |
 MarkEdit |
1.25.0 |
 MarsEdit |
5.3.4 |
 Marta File Manager |
0.8.2 |
 Mattermost |
5.12.1 |
 Medis |
2.16.1 |
 MeetingBar |
4.11.6 |
 Meld for macOS |
3.22.3+105 |
 MenuBar Stats |
3.9 |
 Micro Snitch |
1.6.1 |
 Microsoft Auto Update |
4.79.25033028 |
 Microsoft Azure Storage Explorer |
1.39.0 |
 Microsoft Edge |
138.0.3351.55 |
 Microsoft Office |
16.98.25060824 |
 Microsoft Teams |
25151.505.3727.5755 |
 Microsoft Visual Studio Code |
1.101.2 |
 Middle |
1.10 |
 MiddleClick |
3.1.0 |
 Mindmanager |
24.1.155 |
 Miro |
0.11.99 |
 Mist |
0.20.1 |
 mitmproxy |
12.1.1 |
 Mixxx |
2.5.2 |
 Mobirise |
6.0.6 |
 Mockoon |
9.2.0 |
 MongoDB Compass |
1.46.4 |
 MonitorControl |
4.3.3 |
 Moonlight |
6.1.0 |
 Mos |
3.5.0 |
 Motrix |
1.8.19 |
 Mountain Duck |
4.17.5 |
 Mounty for NTFS |
2.4 |
 mouseless |
0.3.1 |
 Mozilla Firefox |
140.0.2 |
 Mozilla Firefox Developer Edition |
141.0b4 |
 Mozilla Firefox ESR |
128.12.0 |
 Mozilla Thunderbird |
139.0.2 |
 Multi |
0.538.2 |
 MultiViewer for F1 |
1.43.2 |
 MURAL |
3.0.4 |
 MySQL Workbench |
8.0.42 |
 Name Mangler |
3.9.3 |
 NeoFinder |
8.9 |
 NetBeans IDE |
26 |
 Netiquette |
2.3.0 |
 NetNewsWire |
6.1.9 |
 Nextcloud |
3.16.6 |
 Nitro PDF Pro |
14.7 |
 NoMachine |
8.16.1 |
 NordLayer |
3.6.2 |
 NordLocker |
4.26.1 |
 NordPass |
6.2.13 |
 NordVPN |
9.0.1 |
 NoSQL Workbench |
3.13.6 |
 Nota Gyazo GIF |
9.11.1 |
 NotesOllama |
0.2.6 |
 Notion |
4.14.1 |
 Notion Calendar |
1.130.0 |
 noTunes |
3.5 |
 Noun Project |
2.3 |
 Novabench |
5.5.4 |
 Nucleo |
4.1.6 |
 Nudge |
2.0.12.81807 |
 NVIDIA GeForce NOW |
2.0.75.146 |
 OBS |
31.0.4 |
 Obsidian |
1.8.10 |
 Okta Advanced Server Access |
1.91.0 |
 Ollama |
0.9.2 |
 OmniFocus |
4.6 |
 OmniOutliner |
5.14.3 |
 Omnissa Horizon Client |
2503-8.15.0-14236092062 |
 OneDrive |
25.075.0420.0002 |
 OnyX |
4.8.0 |
 OpenMTP |
3.2.25 |
 OpenVPN Connect client |
3.7.1 |
 Opera |
119.0.5497.141 |
 Oracle VirtualBox |
7.1.10 |
 OrbStack |
1.11.3 |
 Orca Slicer |
2.3.0 |
 Orka CLI |
2.4.0 |
 Orka Desktop |
3.0.0 |
 Overflow |
3.2.1 |
 OverSight |
2.4.0 |
 Packages |
1.2.10 |
 Paintbrush |
2.6.0 |
 Paletro |
1.11.0 |
 Panic Nova |
12.4 |
 Parallels Client |
19.4.3 |
 Parallels Desktop |
20.4.0-55980 |
 Parsec |
150-99 |
 Pastebot |
2.4.6 |
 PDF Expert |
3.10.17 |
 PDF Pals |
1.9.0 |
 Pearcleaner |
4.5.0 |
 pgAdmin4 |
9.5 |
 Philips Hue Sync |
1.12.3.73 |
 Phoenix Slides |
1.5.9 |
 Pika |
1.0.2 |
 PiPHero |
1.2.0 |
 PixelSnap |
2.6.1 |
 Platypus |
5.4.1 |
 Plex |
1.109.0.329 |
 PlistEdit Pro |
1.9.7 |
 Podman Desktop |
1.19.2 |
 PopChar X |
10.4 |
 portx |
2.2.12 |
 Postico |
2.1.2 |
 Postman |
11.51.5 |
 PowerShell |
7.5.2 |
 Principle |
6.39 |
 Privileges |
2.3.0 |
 ProcessSpy |
1.7.9 |
 ProNotes |
0.7.7 |
 Proton Drive |
2.5.0 |
 Proton Mail |
1.8.0 |
 Proton Pass |
1.32.0 |
 ProtonVPN |
5.0.0 |
 Proxyman |
5.22.0 |
 PS Remote Play |
8.0.0 |
 Pulsar |
1.128.0 |
 qBittorrent |
5.0.5 |
 QLab |
5.4.11 |
 QQ |
6.9.75 |
 QSpace Pro |
5.3.4 |
 quarto |
1.7.32 |
 QuickLook Video |
2.21 |
 qView |
6.1 |
 Raindrop.io |
5.6.76 |
 Rancher Desktop |
1.19.3 |
 Raycast |
1.100.3 |
 Reactotron |
3.7.7 |
 Readest |
0.9.61 |
 Real VNC Viewer |
7.13.1 |
 Rectangle |
0.88 |
 Rectangle Pro |
3.55 |
 Recut |
2.1.7 |
 Redis Insight |
2.70.0 |
 Reflector |
4.1.2 |
 Remote Desktop Manager |
2025.2.7.2 |
 Remote Help |
1.0.2404171 |
 Reqable |
2.33.12 |
 Requestly |
25.6.27 |
 Retcon |
1.3.0 |
 Rhinoceros |
8.20.25157.13002 |
 Rive |
0.8.3105 |
 Rocket |
1.9.4 |
 Rocket Typist |
3.2.2 |
 Rocket.Chat |
4.7.0 |
 Rode Central |
2.0.100 |
 Rode Connect |
1.3.43 |
 Rotato |
151 |
 RStudio |
2025.05.1 |
 RsyncUI |
2.5.9 |
 RustDesk |
1.4.0 |
 SABnzbd |
4.5.1 |
 Santa |
2025.6 |
 ScreenFocus |
1.1.1 |
 Sequel Ace |
5.0.8 |
 Shottr |
1.8.1 |
 Signal |
7.59.0 |
 SilentKnight |
2.12 |
 Sketch |
2025.1.3 |
 SketchUp |
2025.0.659.288 |
 Skim |
1.7.11 |
 Slack |
4.44.65 |
 Snagit |
2025.2.1 |
 Splashtop Business |
3.7.4.3 |
 Splice |
5.3.2 |
 Spline |
0.12.5 |
 Spotify |
1.2.66.447 |
 Sproutcube Shortcat |
0.12.0 |
 SQLPro for MSSQL |
2025.10 |
 SQLPro for MySQL |
2025.10 |
 SQLPro for Postgres |
2025.06 |
 SQLPro for SQLite |
2025.07 |
 SQLPro Studio |
2025.10 |
 Squirrel |
1.0.3 |
 Starface |
9.1.0 |
 Stats |
2.11.45 |
 Steam |
4.0 |
 SteerMouse |
5.7.4 |
 Stretchly |
1.17.2 |
 Studio 3T |
2025.12.0 |
 Sublime Merge |
2102 |
 Sublime Text |
4200 |
 Superlist |
1.34.0 |
 superwhisper |
1.47.0 |
 Suspicious Package |
4.5 |
 Swift Shift |
0.27.1 |
 Sync |
2.2.48 |
 Syncovery |
11.4.2 |
 Synology Drive |
3.5.2 |
 Tableau Desktop |
2025.2.0 |
 TabTab |
1.3.4 |
 Tailscale |
1.84.1 |
 Taskbar |
1.4.5 |
 TeaCode |
1.1.3 |
 TeamViewer Host |
15 |
 TeamViewer QuickSupport |
15 |
 Telegram for macOS |
11.12.3 |
 Tenable Nessus Agent |
10.9.0 |
 Termius |
9.22.1 |
 TeX Live Utility |
1.54 |
 TextMate |
2.0.23 |
 Thonny |
4.1.7 |
 Threema |
1.2.48 |
 TigerVNC |
1.15.0 |
 Todoist |
9.17.0 |
 Tofu |
3.0.1 |
 Topaz Gigapixel AI |
8.4.2 |
 Trae |
1.0.14688 |
 Transmission |
4.0.6 |
 Transmit |
5.10.9 |
 Transnomino |
9.3 |
 Tunnelblick |
8.0 |
 Twingate |
2025.175.15032 |
 Typora |
1.10.10 |
 UnnaturalScrollWheels |
1.3.0 |
 UPDF |
2.0.3 |
 Upscayl |
2.15.0 |
 UTM |
4.6.5 |
 VeraCrypt |
1.26.24 |
 Vimcal |
1.0.37 |
 VimR |
0.54.0 |
 VisualVM |
2.2 |
 Vivaldi |
7.4.3684.55 |
 Viz |
2.2.1 |
 VLC media player |
3.0.21 |
 VSCodium |
1.101.24242 |
 Wave Terminal |
0.11.3 |
| β Webex | 45.6.1.32593 |
 Webex Teams |
45.6.1.32593 |
 WebStorm |
2025.1.3 |
 WeChat for Mac |
4.0.5.27 |
 WhatsApp |
2.25.18.85 |
 WindowKeys |
3.0.1 |
 Windows App |
11.1.8 |
 Windsurf |
1.10.5 |
 WineHQ-stable |
10.0 |
 Wire |
3.40.5285 |
 Wireshark |
4.4.7 |
 Witch |
4.6.2 |
 Wondershare Filmora |
13.0.25 |
 XCA |
2.9.0 |
 XMind |
25.04.03523-202505292348 |
 Xnapper |
1.17.1 |
 Yaak |
2025.4.0 |
 Yubikey Manager |
1.2.5 |
 Zed |
0.192.8 |
 Zed Attack Proxy |
2.16.1 |
 Zen Browser |
1.12.3b |
 Zoom |
6.5.3.58803 |
Note
Missing an app? Feel free to request additional app support by creating an issue!
First decide which authentication method you would like to use. There are currently the following methods implemented:
- System Managed Identity
- User Managed Identity
- ClientSecret & ClientID using App Registration
- Certificate based authentication
- Configuration File (for non-interactive/automated scenarios)
- Open your Automation Account and select Account Settings -> Identity.
- Turn Status on tab "System assigned" to "On".
- Add the following API permissions to your System Managed Identity using this PowerShell script: Microsoft Tech Community
- DeviceManagementApps.ReadWrite.All
- Open Entra admin center -> Applications -> Enterprise Applications. Change Filter "Application type" to "Managed Identities" and search for your Automation Account name. Open the entity.
- Verify that the right permissions are set to the Managed Identity in the Security -> Permissions tab.
- Create a new Variable in your Automation Account with the name "AuthenticationMethod" and value "SystemManagedIdentity" to use the System Managed Identity.
- Open Azure Portal and search for "Managed Identities".
- Click "Create" and select your Azure Subscription & Resource group. Choose your region and set a name for the identity.
- Open your Automation Account and select Account Settings -> Identity.
- Switch to tab "User assigned" and click "Add". Choose the previously created Managed Identity.
- Add the following API permissions to your System Managed Identity using this PowerShell script: Microsoft Tech Community
- DeviceManagementApps.ReadWrite.All
- Open Entra admin center -> Applications -> Enterprise Applications. Change Filter "Application type" to "Managed Identities" and search for your Automation Account name. Open the entity.
- Verify that the right permissions are set to the Managed Identity in the Security -> Permissions tab.
- Create a new Variable in your Automation Account with the name "AuthenticationMethod" and value "UserAssignedManagedIdentity" to use the User Assigned Managed Identity.
- Create a new App Registration in Azure
- Add the following API permissions:
- DeviceManagementApps.ReadWrite.All
- Update the parameters in the script with your Azure details.
- $appid = '' # App ID of the App Registration
- $tenantid = '' # Tenant ID of your EntraID
- $certThumbprint = '' # Thumbprint of the certificate associated with the App Registration
- Generate a self-signed certificate:
$cert = New-SelfSignedCertificate -Subject "CN=IntuneBrew" -CertStoreLocation "Cert:\CurrentUser\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256 -NotAfter (Get-Date).AddYears(2)- Export the certificate:
$pwd = ConvertTo-SecureString -String "YourPassword" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath "IntuneBrew.pfx" -Password $pwd- Upload to Azure App Registration:
- Go to your App Registration in Azure Portal
- Navigate to "Certificates & secrets"
- Upload the public key portion of your certificate
The -ConfigFile parameter enables non-interactive authentication, which is perfect for automation scenarios and macOS support. This method uses a JSON configuration file containing your authentication credentials.
- Create a configuration file based on one of these templates:
For Client Secret Authentication (clientSecret.json):
{
"authMethod": "ClientSecret",
"tenantId": "your-tenant-id",
"clientId": "your-app-registration-client-id",
"clientSecret": "your-client-secret"
}Example clientSecret.json with actual values:
{
"authMethod": "ClientSecret",
"tenantId": "12345678-1234-1234-1234-123456789012",
"clientId": "87654321-4321-4321-4321-210987654321",
"clientSecret": "xyx8Q~1234567890abcdefghijklmnopqrstuvwx"
}Important notes for clientSecret.json:
authMethod: Must be exactly "ClientSecret" (case-sensitive)tenantId: Your Azure AD tenant ID (GUID format)clientId: The Application (client) ID from your App RegistrationclientSecret: The secret value (not the secret ID) from your App Registration
Warning
- Store the clientSecret.json file securely and never commit it to version control
- Add
clientSecret.jsonto your.gitignorefile - Consider using environment variables or Azure Key Vault for production scenarios
- Client secrets expire - remember to rotate them before expiration
For Certificate Authentication (certificateThumbprint.json):
{
"authMethod": "Certificate",
"tenantId": "your-tenant-id",
"clientId": "your-app-registration-client-id",
"certificateThumbprint": "your-certificate-thumbprint"
}Example certificateThumbprint.json with actual values:
{
"authMethod": "Certificate",
"tenantId": "12345678-1234-1234-1234-123456789012",
"clientId": "87654321-4321-4321-4321-210987654321",
"certificateThumbprint": "1234567890ABCDEF1234567890ABCDEF12345678"
}Important notes for certificateThumbprint.json:
authMethod: Must be exactly "Certificate" (case-sensitive)tenantId: Your Azure AD tenant ID (GUID format)clientId: The Application (client) ID from your App RegistrationcertificateThumbprint: The thumbprint of the certificate uploaded to your App Registration (40 character hex string, no spaces or colons)- The certificate must be installed in the current user or local machine certificate store
-
Ensure your App Registration has the required permissions:
- DeviceManagementApps.ReadWrite.All
-
Use the configuration file with any IntuneBrew command:
# Update all apps non-interactively
.\IntuneBrew.ps1 -UpdateAll -ConfigFile "clientSecret.json"
# Upload specific apps with automation
.\IntuneBrew.ps1 -Upload "slack", "zoom" -ConfigFile "certificateThumbprint.json"Tip
The ConfigFile parameter is especially useful for:
- Automated deployments in CI/CD pipelines
- Scheduled tasks without user interaction
- Avoiding interactive authentication prompts
Using the -CopyAssignments switch with IntuneBrew.ps1 or creating a CopyAssignments Variable with Boolean Value true in your Azure Automation indicates that assignments from the existing app version should be copied to the new version.
Apps are defined in JSON files with the following structure:
{
"name": "Application Name",
"description": "Application Description",
"version": "1.0.0",
"url": "https://download.url/app.dmg",
"bundleId": "com.example.app",
"homepage": "https://app.homepage.com",
"fileName": "app.dmg"
}IntuneBrew implements sophisticated version comparison logic:
- Handles various version formats (semantic versioning, build numbers)
- Supports complex version strings (e.g., "1.2.3,45678")
- Manages version-specific updates and rollbacks
- Provides clear version difference visualization
Version comparison rules:
- Main version numbers are compared first (1.2.3 vs 1.2.4)
- Build numbers are compared if main versions match
- Special handling for complex version strings with build identifiers
IntuneBrew includes robust error handling mechanisms:
-
Upload Retry Logic
- Automatic retry for failed uploads (up to 3 attempts)
- Exponential backoff between retries
- New SAS token generation for expired URLs
-
File Processing
- Temporary file cleanup
- Handle locked files
- Memory management for large files
-
Network Issues
- Connection timeout handling
- Bandwidth throttling
- Resume interrupted uploads
-
Authentication
- Token refresh handling
- Certificate expiration checks
- Fallback to interactive login
-
File Access Errors
- Ensure no other process is using the file
- Try deleting temporary files manually
- Restart the script
-
Upload Failures
- Check your internet connection
- Verify Azure AD permissions
- Ensure file sizes don't exceed Intune limits
-
Authentication Issues
- Verify your Azure AD credentials
- Check tenant ID configuration
- Ensure required permissions are granted
-
PowerShell 7 Command Not Found
If you're getting "IntuneBrew is not recognized as a name of a cmdlet, function, script file, or executable program" in PowerShell 7:
Step 1: Check your PATH environment variable
"Current PATH:" $env:PATH -split ';'
Step 2: Verify IntuneBrew installation location
$intuneBrewInfo = Get-InstalledScript -Name IntuneBrew -ErrorAction SilentlyContinue if ($intuneBrewInfo) { "Installed Location for IntuneBrew:" $intuneBrewInfo | Select-Object Name, Version, InstalledLocation } else { Write-Warning "IntuneBrew is not installed. Run: Install-Script IntuneBrew -Force" return }
Step 3: Add IntuneBrew to your PATH if needed
$scriptPath = $intuneBrewInfo.InstalledLocation if (-not ($env:PATH -split ';' | Where-Object { $_ -eq $scriptPath })) { Write-Host "`nπ Adding IntuneBrew script folder to PATH..." -ForegroundColor Yellow [Environment]::SetEnvironmentVariable("PATH", "$env:PATH;$scriptPath", [EnvironmentVariableTarget]::User) Write-Host "β Done. Restart PowerShell to use 'IntuneBrew' as a command." -ForegroundColor Green } else { Write-Host "β Script path is already in PATH." -ForegroundColor Green }
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Thanks to all contributors who have helped shape IntuneBrew
- Microsoft Graph API documentation and community
- The PowerShell community for their invaluable resources
If you encounter any issues or have questions:
- Check the Issues page
- Review the troubleshooting guide
- Open a new issue if needed
Made with β€οΈ by Ugur Koc
