cyber security

Push apps to Android devices using Microsoft Endpoint Manager (Intune)

/ mattsoseman / Leave a comment

When a device (iOS, Android, Mac, Windows) is enrolled into Mobile Device Management (MDM) to Microsoft Endpoint Manager (Intune), applications can be pushed to that device. These apps can be custom line of business (LOB), apps from a public marketplace i.e. Apple App Store, Google Play Store, Microsoft Store), win32 (Windows only),etc.

In this blog we will cover how to push an app to an Android device using Microsoft Endpoint Manager. This is assuming a device is already enrolled (for instructions on how to enroll see:

Android Corporate Owned Fully Managed MDM Enrollment

How to MDM Enroll Android Devices (Personal w/ Work Profile)

What apps can be pushed to an Android device?

The following apps can be pushed to an Android device:

  • Android Store apps
  • Managed Google Play app
  • Web links
  • Built-In Apps
  • Line of Business Apps
  • Android Enterprise System App

For more information see Add apps to Microsoft Intune https://docs.microsoft.com/en-us/mem/intune/apps/apps-add

Add app to Microsoft Endpoint Manager

Browse to https://endpoint.microsoft.com and navigate to Apps ->Android

Click Add -> choose Managed Google Play App and click Select. Notice the other app types under Other.

Type Microsoft Edge in the search box and press Enter

Click Microsoft Edge then click Approve

Click Approve again to approve the permissions

Then click Done


Next click Sync


Click Microsoft Edge on the Android Apps screen

Click Properties then click Edit next to Assignments

For demo purposes, we are going to deploy this app to all users. Intune/Microsoft Endpoint Manager is intelligent to know that if you are on an Android device to push the app, but if you are on an iOS/iPadOS device to not push the app.

You can also create a security group (recommend practice) add the users to that group and then assign that group, or create a dynamic device security group and assign to devices.

On Assignments screen click Add all users under Required then click Review + save

Then click Save

Time to Test!

On my Android device, within a few moments I will see a notification appear indicating Microsoft Edge was successfully installed

On the home screen the app will be shown, indicating it was installed

Lastly, in the Google Play store, tapping on the Microsoft Edge app you will notice Per your administrator, this app may not be uninstalled

It’s that easy!

Confirm App Deployment from Intune/Microsoft Endpoint Manager

Let’s go back to Microsoft Endpoint Manager, and navigate to the Microsoft Edge app screen. (You can also get here by browsing to Apps -> Android -> Microsoft Edge)

Clicking on Device Install Status will show the app is installed on the Android device

Push apps to iOS devices using Microsoft Endpoint Manager (Intune)

/ mattsoseman / Leave a comment

When a device (iOS, Android, Mac, Windows) is enrolled into Mobile Device Management (MDM) to Microsoft Endpoint Manager (Intune), applications can be pushed to that device. These apps can be custom line of business (LOB), apps from a public marketplace i.e. Apple App Store, Google Play Store, Microsoft Store), win32 (Windows only),etc.

In this blog we will cover how to push an app to an iOS/iPadOS device using Microsoft Endpoint Manager. This is assuming a device is already enrolled (for instructions on how to enroll, see this blog)

What apps can be pushed to an iOS/iPadOS device?

The following apps can be pushed to an iOS/iPadOS device:

  • Apple App Store apps
  • Web links
  • Built-In Apps
  • Line of Business Apps

For more information see Add apps to Microsoft Intunehttps://docs.microsoft.com/en-us/mem/intune/apps/apps-add

Add app to Microsoft Endpoint Manager

Browse to https://endpoint.microsoft.com and navigate to Apps -> iOS -> iOS Apps

Click Add -> choose iOS Store App and click Select. Notice the other app types under Other.

Click Search the App Store

Type in the name of the app you want to push. For demonstration purposes in this blog I will search for Microsoft Edge. When finished, click Microsoft Edge then click Select

On the App Information tab click Next

On scope tags click Next (if you want to learn more about scope tags see this article)

For demo purposes, we are going to deploy this app to all users. Intune/Microsoft Endpoint Manager is intelligent to know that if you are on an iOS/iPadOS device to push the app, but if you are on an Android device to not push the app.

You can also create a security group (recommend practice) add the users to that group and then assign that group, or create a dynamic device security group and assign to devices.

On Add App screen click Add all users under Required then click Next

Note: If I select yes on Uninstall on device removal then when the device is removed from MDM enrollment, this app (Microsoft Edge) will be uninstalled from the user’s device)

On Review + create click Next

Time to Test!

On my iPad, within a few moments I will see a dialog box appear prompting permissions to install the app. Tap Install.

On the home screen the app will be installed

It’s that easy!

Confirm App Deployment from Intune/Microsoft Endpoint Manager

Let’s go back to Microsoft Endpoint Manager, and where we left off was on the Microsoft Edge app screen. (You can also get here by browsing to Apps -> iOS -> Microsoft Edge)

Clicking on Device Install Status will show the app is now installed on the iPad

IMPORTANT: It can take up to 60 minutes for the installation status to be updated in the portal.