-
Notifications
You must be signed in to change notification settings - Fork 0
Home
This solution uses only Entra ID Groups and Intune MDM configuration profiles to scope software in Munki.
The process is really pretty straight forward. At a high level it looks like this:
- In Intune, you create a MDM delivered configuration profile and scope it to a static or dynamic group
- Intune MDM delivers preference files to /Library/Managed Preferences on the Mac
- Munki looks for the presence of those files or the contents of the files with a Munki Condition
- If a specific file is there, or it has a specific preference key, then a software title becomes available for installation
That's really all there is to it.
This allows you to use a single Munki manifest for all client machines and have munki calculate the applicability of any given software title at run time.
There are Munki Conditions for the following items managed by membership of Entra ID groups:
See the Getting Started page for more specifics about how to implement.
There are some other interesting solutions that will dynamically create Munki manifest files based on similar attributes or group assignments. Those solutions need extra Azure resources to work, many or which come with additional overhead and cost. Here's one:
munki-manifest-generator:
https://github.com/almenscorner/Munki-Manifest-Generator