Managing Win32 Applications in Microsoft Intune

When deploying Win32 applications, consider using the Intune Management extension approach exclusively, especially when you have a Win32 application installer with multiple files. Failure to install may occur if you combine the installation of Win32 applications and line of business applications while registering with AutoPilot. The Intune management extension will be installed automatically when a PowerShell script or Win32 application is assigned to the user or device.

Read more:

How to copy files or folders to all computers via GPO
Microsoft Teams add-on does not appear in Outlook
Microsoft Lists, Planner, Tasks in Teams or To Do, which one to use?
How to uninstall programs using PowerShell
Deploy Azure VM to Powershell


To use Win32 application management, make sure that you meet the following criteria:

  • Use Windows 10 version 1607 or later (Enterprise, Pro and Education versions).
  • The devices must be registered with Intune and have been:
  • The size of the Windows application cannot exceed 8 GB per application.

Prepare the content of the Win32 application for upload

Before adding a Win32 application to Microsoft Intune, you must prepare the application using the Microsoft Win32 Content Preparation Tool. Use this tool to pre-process classic Windows applications (Win32). The tool converts application installation files to the format. intunewin. Check out more information and steps in Preparing the content of the Win32 application for upload.

Prepare the application for Intune

Before we can extract an application on Intune to make it part of our AP profile, we need to “package” the application for delivery using the following address:

 After downloading the tool, gather the following three information to use the tool:

  1. The source folder for your application
  2. The name of the installation executable file
  3. The output folder of the new file

For the purposes of this lab, we will use the Adobe Reader tool as our Win32 application.

Download the Adobe Reader package and copy the file to a known location, such as C: \ testeapp \ v1.0 \ Adobe Reader.

After downloading the file we will start the preparation of a package that will be taken to Intune for distribution, this example will be used with a program called Adobe Reader DC that we will download the .exe file directly from the Adobe website and transform it into a MSI file and on the Intune platform this file will be loaded with the extension. intunewin with the tool IntuneWinAppUtil.exe.

The tool provides a detailed record when done !!! it is shown that the. intunewin is ready for deployment.

Let's open the executable intunewinapputil.exe in elevated mode as an administrator.

After running the application as an administrator, we will point out where the tool's source folder is. C: \ testeapp \ v1.0 and press enter.  

In the next line we point to the executable intunewinapputil.exe and press enter.

Now let's point to the folder where the adobe reader executable file is located that we downloaded to the folder C: \ testeapp \ v1.0 \ Adobe Reader where we will transform it into MSI and load it into an intunewin extension through Intune.

After creating the package the file was saved in the destination folder in the path C: \ testeapp \ v1.0 \ Adobe Reader where we mention the evidence below.

The file intunewinapputil.intunewin will be uploaded via Intune via upload to be distributed in the environment to their respective devices as shown below.

After creating the intunewin file, we now need to upload this file that was generated.

We will access the following address:

After entering the Intune panel we will start uploading the file by accessing, applications, windows applications, add and we will now select the type of application, Windows application (Win32).

Now we will click on Applications, Windows, Application package file we will point the file saved on the computer in the folder C: \ testeapp \ v1.0 \ Adobe Reader \ intunewinapputil.intunewin.

The file has been uploaded and is now ready to be uploaded and distributed in its respective environment.

After the file is loaded into intune we will define the name of the application in the case Adobe Reader DC which is the program that we will load on Intune to be distributed in the environment.

We can define a type logo referring to the program that we are loading on the platform, the management is more visible since Intune has a very wide range of features on its Dashboard.

In the programs field, we define how the program automatically executes the installation of the resource as soon as the user's desktop appears.

In the Requirements section, we insert a minimum version so that a machine within the Organization can receive this installation on the Device, respecting the environment's compliance profile and the minimum Build version.

In the definition rules, we mention the rule type as a file, pointing the path from where this file will be installed C: \ Program Files (x86) \ Adobe \ Acrobat Reader DC \ Reader, the file AcroRD32.exe and the detection method that would be an existing file or folder.

In the field of assignments is where we define who will receive this installation, all users or a specific group of machines existing in the environment applying the mass installation for example.

After these settings, we click on the create button so that the rule is created and we can replicate the configuration to the environment.

The mass installation of the application in the environment was successful.


At Intune you can package non-microsoft software respecting the prerequisites and size limits of a given file, making the company's Help Desk area more productive in terms of time and availability for more complex tasks.

Bearing in mind that Intune is not a System Center, it deploys to Workstations and mobile devices, in the Server environment, we use other appropriate tools for this.

I believe that in the very near future Intune will make available many more resources than they already exist today, this is a matter of time and things have evolved very quickly and effectively, mainly due to the moment we are currently experiencing.

Was this article helpful?

To maintain a quality standard for you, we have invested in a great hosting plan, Paid CDN, Website Optimization Plugins, etc ...

Help us to keep the project active! 

Follow the news in real time. Follow our Instagram profile..

Diego Gonzalez
Cloud Security Consultant in one of the largest Digital Security consultancies in Brazil, graduated in Computer Science responsible for Cloud Security tools (Azure), MDM and MAM management in Intune, for administering and supporting (Microsoft CAS, Defender ATP, Azure ATP, Conditional Access, AIP, Secure Identity Management and Compliance), Currently I work in the Implementation of new Projects and business continuation related to Information Security in products such as Office 365 and Azure, I am certified by Microsoft and I am still searching new Certifications on existing platforms in the market.



Do you want to upgrade your career? 

Invest in yourself and get ahead! Get that dream job in 2022!