Loadabc570

-->

Use the information in this article to help you add macOS line-of-business apps to Microsoft Intune. You must download an external tool to pre-process your .pkg files before you can upload your line-of-business file to Microsoft Intune. The pre-processing of your .pkg files must take place on a macOS device.

Note

SOLVED: MacBook Will Not Start Up After macOS Update. I have a MacBook pro running MacOS Mojave. For the past year or so, every time a new MacOS update rolls out, and is attempted to be installed on my MacBook, it ends up displaying the circle slash (Prohibitory Symbol). Rebooting still produces a prohibitory symbol.

A macOS LOB app can only be installed as managed when the app distributable contains a single app without any nested packages and installs to the /Applications directory. Managed line-of-business apps will be able to be removed using the uninstall assignment type on supported devices (macOS 11 and higher). In addition, removing the MDM profile. Updating macOS can be a real chore sometimes, especially if you get stuck in an update loop because there isn’t enough free space. Some users started the update but found themselves stuck in this “boot loop” after it failed, returning to the update installer page every time their Mac booted up again.

Starting with the release of macOS Catalina 10.15, prior to adding your apps to Intune, check to make sure your macOS LOB apps are notarized. If the developers of your LOB apps did not notarize their apps, the apps will fail to run on your users' macOS devices. For more information about how to check if an app is notarized, visit Notarize your macOS apps to prepare for macOS Catalina.

Note

While users of macOS devices can remove some of the built-in macOS apps like Stocks, and Maps, you cannot use Intune to redeploy those apps. If end users delete these apps, they must go to the app store, and manually re install them.

Update Mac Os Command Line

Before your start

You must download an external tool, mark the downloaded tool as an executable, and pre-process your .pkg files with the tool before you can upload your line-of-business file to Microsoft Intune. The pre-processing of your .pkg files must take place on a macOS device. Use the Intune App Wrapping Tool for Mac to enable Mac apps to be managed by Microsoft Intune.

Important

The .pkg file must be signed using 'Developer ID Installer' certificate, obtained from an Apple Developer account. Only .pkg files may be used to upload macOS LOB apps to Microsoft Intune. However, conversion of other formats, such as .dmg to .pkg is supported. For more information about converting non-pkg application types, see How to deploy DMG or APP-format apps to Intune-managed Macs.

1. Download the Intune App Wrapping Tool for Mac.

   Note

   The Intune App Wrapping Tool for Mac must be run on a macOS machine.

2. Mark the downloaded tool as an executable:

   • Start the terminal app.
   • Change the directory to the location where IntuneAppUtil is located.
   • Run the following command to make the tool executable:
     chmod +x IntuneAppUtil

3. Use the IntuneAppUtil command within the Intune App Wrapping Tool for Mac to wrap .pkg LOB app file from a .intunemac file.
   

   Sample commands to use for the Microsoft Intune App Wrapping Tool for macOS:

   Important

   Ensure that the argument <source_file> does not contain spaces before running the IntuneAppUtil commands.

   • IntuneAppUtil -h
     This command will show usage information for the tool.

   • IntuneAppUtil -c <source_file> -o <output_directory_path> [-v]
     This command will wrap the .pkg LOB app file provided in <source_file> to a .intunemac file of the same name and place it in the folder pointed to by <output_directory_path>.

   • IntuneAppUtil -r <filename.intunemac> [-v]
     This command will extract the detected parameters and version for the created .intunemac file.

Select the app type

1. Sign in to the Microsoft Endpoint Manager admin center.
2. Select Apps > All apps > Add.
3. In the Select app type pane, under the Other app types, select Line-of-business app.
4. Click Select. The Add app steps are displayed.

Step 1 - App information

Select the app package file

1. In the Add app pane, click Select app package file.
2. In the App package file pane, select the browse button. Then, select an macOS installation file with the extension .intunemac.The app details will be displayed.
3. When you're finished, select OK on the App package file pane to add the app.

Set app information

1. In the App information page, add the details for your app. Depending on the app that you chose, some of the values in this pane might be automatically filled in.
   • Name: Enter the name of the app as it appears in the company portal. Make sure all app names that you use are unique. If the same app name exists twice, only one of the apps appears in the company portal.
   • Description: Enter the description of the app. The description appears in the company portal.
   • Publisher: Enter the name of the publisher of the app.
   • Minimum Operating System: From the list, choose the minimum operating system version on which the app can be installed. If you assign the app to a device with an earlier operating system, it will not be installed.
   • Ignore app version: Select Yes to install the app if the app is not already installed on the device. Select No to only install the app when it is not already installed on the device, or if the deploying app's version number does not match the version that's already installed on the device.
   • Install as managed: Select Yes to install the Mac LOB app as a managed app on supported devices (macOS 11 and higher). A macOS LOB app can only be installed as managed when the app distributable contains a single app without any nested packages and installs to the /Applications directory. Managed line-of-business apps will be able to be removed using the uninstall assignment type on supported devices (macOS 11 and higher). In addition, removing the MDM profile removes all managed apps from the device. The default value is No.
   • Category: Select one or more of the built-in app categories, or select a category that you created. Categories make it easier for users to find the app when they browse through the company portal.
   • Show this as a featured app in the Company Portal: Display the app prominently on the main page of the company portal when users browse for apps.
   • Information URL: Optionally, enter the URL of a website that contains information about this app. The URL appears in the company portal.
   • Privacy URL: Optionally, enter the URL of a website that contains privacy information for this app. The URL appears in the company portal.
   • Developer: Optionally, enter the name of the app developer.
   • Owner: Optionally, enter a name for the owner of this app. An example is HR department.
   • Notes: Enter any notes that you want to associate with this app.
   • Logo: Upload an icon that is associated with the app. This icon is displayed with the app when users browse through the company portal.
2. Click Next to display the Scope tags page.

Step 2 - Select scope tags (optional)

You can use scope tags to determine who can see client app information in Intune. For full details about scope tags, see Use role-based access control and scope tags for distributed IT.

1. Click Select scope tags to optionally add scope tags for the app.
2. Click Next to display the Assignments page.

Step 3 - Assignments

1. Select the Required, Available for enrolled devices, or Uninstall group assignments for the app. For more information, see Add groups to organize users and devices and Assign apps to groups with Microsoft Intune.
2. Click Next to display the Review + create page.

Step 4 - Review + create

1. Review the values and settings you entered for the app.

2. When you are done, click Create to add the app to Intune.

   The Overview blade for the line-of-business app is displayed.

The app you have created appears in the apps list where you can assign it to the groups you choose. For help, see How to assign apps to groups.

Note

If the .pkg file contains multiple apps or app installers, then Microsoft Intune will only report that the app is successfully installed when all installed apps are detected on the device.

Update a line-of-business app

1. Sign in to the Microsoft Endpoint Manager admin center.
2. Select Apps > All apps.
3. Find and select your app from the list of apps.
4. Select Properties under Manage from the app pane.
5. Select Edit next to App information.
6. Click on the listed file next to Select file to update. The App package file pane is displayed.
7. Select the folder icon and browse to the location of your updated app file. Select Open. The app information is updated with the package information.
8. Verify that App version reflects the updated app package.

Note

For the Intune service to successfully deploy a new .pkg file to the device you must increment the package version and CFBundleVersion string in the packageinfo file in your .pkg package.

Next steps

• The app you have created is displayed in the apps list. You can now assign it to the groups you choose. For help, see How to assign apps to groups.

• Learn more about the ways in which you can monitor the properties and assignment of your app. For more information, see How to monitor app information and assignments.

• Learn more about the context of your app in Intune. For more information, see Overview of device and app lifecycles

The Particle CLI is a powerful tool for interacting with your devicesand the Particle Device Cloud. The CLI uses Node.js and can easily run on Windows, macOS (OS X), and Linux. It's also open source so you can edit and change it, and even send in your changes as pull requests if you want to share!

Installing

Using macOS or Linux

The easiest way to install the CLI is to open a Terminal and type:

Update Git Mac Command Line

This command downloads the particle command to your home directory at ~/bin, installs a version of Node.js to ~/.particle and installs the particle-cli Node.js module that contain the code of the CLI.

It will also try to install DFU-util, a utility program for programming devices over USB. See the instructions for installing DFU-util if the installer is not able to automatically install dfu-util.

The installer also works on the Raspberry Pi!

Using Windows

Download the Windows CLI Installer and run it to install the Particle CLI, the device drivers and DFU-util.

The CLI is installed to %LOCALAPPDATA%particle (C:UsersusernameAppDataLocalparticle for Windows in English).

Advanced Install

You can manually install the particle-cli Node.js package if you need the CLI installed in a different location or you need to install a specific version of the CLI.

Make sure you have a recent LTS version of Node.js installed.

Next, open a command prompt or terminal, and install by typing:

If you experience permission errors, we recommend you change the directory where npm installs global packages (ones installed with -g) to another directory as documented here. If you must install particle-cli to the default global package location as the superuser, you have to use the --unsafe-perm flag to successfully install all dependencies: sudo npm install -g --unsafe-perm particle-cli.

For more OS-specific install instructions, see below.

On Windows, make sure to download and install the Windows Drivers if you installed the CLI through npm and did not use the Windows CLI Installer.

To use the local flash and key features you'll also need to install dfu-util, and openssl. They are freely available and open-source, and there are installers and binaries for most major platforms.

Here are some great tutorials on the community for full installs:

Upgrading to the latest version

If you installed the Particle CLI through the installer, it will periodically update itself to the latest version.

To force it to update, run the installer script again or enter this command:

If the CLI is outputing unexpected errors after an update, delete the ~/.particle (macOS and Linux) or C:Users<username>AppDataLocalparticle directory and run the installer script again to start over.

To prevent the Particle CLI from automatically updating, set the environment variable PARTICLE_DISABLE_UPDATE=true for your system. Use particle update-cli to manually update.

If you installed manually using npm install, you can upgrade by running the same command you used to install the tool.

Running from source (advanced)

To grab the CLI source and play with it locally

View README#Development for more

Getting Started

These next two commands are all you need to get started setting up an account, claiming a device, and discovering new features.

particle setup

This command will guide you through logging in or creating a new account as well as claiming your device!

particle help

Shows you what commands are available and how to use them. You can also give the name of a command for detailed help.

Flashing over Serial for the Electron

If you're wanting to save data on your Electron you should definitely consider flashing your Electron overUSB instead of OTA (over-the-air).

Assuming you've compiled and downloaded the firmware binary from the Web IDE by clicking the cloud button next to the file name, you shouldbe able to use the Particle CLI, mentioned above, to flash your application firmware to your Electron without using data.

Steps:

• 1: Put the Electron in to DFU mode (blinking yellow).
• 2: Open a command prompt or terminal window.
• 3: Navigate to the folder where you've downloaded the firmware.bin file.
• 4: From the CLI issue particle flash --usb firmware.bin

Note: If your Electron goes into safemode blinking magenta you should put the Electron back into DFU mode (blinking yellow) and do:

Blink an LED with Tinker

If you're just opening a new device, chances are it's already loaded with Tinker, the app we load at the factory. If you don't have Tinker, or if you've been using the build IDE already, let's load it quickly by typing:

Let's make sure your device is online and loaded with Tinker. We should see the four characteristic functions exposed by Tinker, 'digitalWrite', 'digitalRead', 'analogWrite', and 'analogRead'.

Let's try turning on the LED attached to pin D7 on your device.

Nice! You should have seen the small blue LED turn on, and then off.

Update your device remotely

You can write whole apps and flash them remotely from the command line just as you would from the build IDE. Let's write a small blink sketch to try it out.

Copy and paste the following program into a file called blinky.ino

Then let's compile that program to make sure it's valid code. The CLI will automatically download the compiled binary of your program if everything went well.

Replace photon with the type of device you have:

• argon
• boron
• photon
• p1
• electron (also E series)

Now that we have a valid program, let's flash it to our device! We can use either the source code again, or we can send our binary.

Compile and flash code locally

You can find a step-by-step guide to installing the local build toolchain for the firmware in the FAQ section of the documentation.

After building your code on your machine, you can flash it to your device over Serial or remotely.

Working with projects and libraries

When your code gets too long for one file or you want to use librariesthat other developers have contributed to the Particle platform it'stime to create a project.

Creating a project

By default projects are created in your home directory under Particle orin your Documents folder under Particle on Windows. You can also createprojects in the current directory.

Using libraries

The CLI supports using libraries with your project. This allows you toincorporate already written and tested code into your project, speedingup development and assuring quality.

The overall flow when consuming a library goes like this

• set up the initial project for your application
• find the library you want to add particle library search
• add the library to your project - particle library add
• edit your source code to use the library
• compile your project - particle compile

These commands are described in more details in the CLI reference.

library search

The library search command allows you to search for libraries that are related to the text that you type in.

For example,

Will find libraries containing neo in their name.

library add

The library add command adds the latest version of a library to your project.

For example, if you wanted to add the InternetButton library to your project, you would type

This will add the InternetButton dependency to your project's project.properties file.

The InternetButton library itself is not present in your project, so you won't see the InternetButton sources.The library is added to your project when the project is compiled in the cloud.

To make the library functionality available to your application, you add an include statement to your application source code.The include statement names the library header file, which is the library name with a .h ending.

For example, if we were using the library 'UberSensor', it would be included like this

library view

The library view downloads the source code of a library so you can view the code, example and README.

Change to the directory indicated to view the sources.

library copy

Adding a library to your project does not add the library sources. For times when you want to modify the library sources, you can have them added locally.

The library will be copied to the lib folder of your project. If you already have the library in your project.properties make sure to remove it so the cloud compiler doesn't overwrite your changed copy with the published code.

Incorporating the library into your project

Once the library is added, it is available for use within your project.The first step to using the library is to include the library header, which follows the name of the library. For example:

The functions and classes from that library are then available for use in your application.Check out the library examples and documentation that comes with the library for specifics on using that library.

Contributing Libraries

Contributing a library is the process where you author a library and share this with the community.

The steps to creating a library are as follows:

• optionally, create a project for consuming the library
• scaffold a new library structure - library create
• author the library, tests and examples
• publish the library

Create a project for consuming the library

While it's not strictly necessary to have a project present when authoringa new library, having one can help ensure that the library works as intended before publishing it. The project allows you to consume the library, check that it compiles and verify it behaves as expected on the target platforms before publishing.

For the library consumer project that will consume the library mylib, create an initial project structure that looks like this:

The library will exist in the directory lib/mylib.

All these files are initially empty - we'll add content to them as the library is authored.

Scaffolding the library

The library create command is used to scaffold the library. It creates a skeleton structure for the library, containinginitial sources, examples, tests and documentation.

In our example project structure we want to create a new library in lib/mylib so we will run these commands:

The command will prompt you to enter the name of the library - mylib, the version - 0.0.1 and the author, your name/handle/ident.

The command will then create the skeleton structure for the library.

Authoring the library

You are then free to edit the .cpp and .h files in the lib/mylib/src folder to provide the functionality of your library.

It's a good idea to test often, by writing code in the consuming project that uses each piece of functionality in the library as it's written.

Consuming the library

To test your changes in the library, compile the project using particle compile <platform>

particle compile photon

This will create a .bin file which you then flash to your device.

particle flash mydevice firmware.bin

(Replace the name firmware.bin with the name of the .bin file produced by the compile step.)

Contributing the library

Once you have tested the library and you are ready to upload the library to the cloud, you run the library uploadcommand. You run this command from the directory containing the library

Before the library is contributed, it is first validated. If validation succeeds, the library is contributedand is then available for use in your other projects. The library is not available to anyone else.

Update Macos Command Line Tools

Publishing the Library

If you wish to make a contributed library available to everyone, it first needs to be published.

Macos Software Update Command Line

When publishing a library, it's important to ensure the version number hasn't been published before -if the version has already been published, the library will not be published and an error message will be displayed.

Incrementing the version number with each publish is a recommended approach to ensuring unique versions.

Once the library is published, it is visible to everyone and available for use. Once the a given version of a libraryhas been published, the files and data cannot be changed. Subsequent changes must be via a new contributed versionand subsequent publish.

Reference

For more info on CLI commands, go here.

Also, check out and join our community forums for advanced help, tutorials, and troubleshooting.