In order to deploy the HEIMDAL Agent through Microsoft Intune, you need to download the HEIMDAL Agent package, replace the filename with the license key, upload it to Intune, and push it to your macOS endpoints/groups.
Adding the new app in Microsoft Intune Manager
1. Log in to the Microsoft 365 admin center and access the Endpoint Manager.
2. On the left-side menu, click on Apps and then on All apps to access the list of available applications.
3. Press Add to add the new app, select the Line-of-business app type and press the Select button.
4. From the Add App window, press Select app package file, browse for the App package file (on the right-side pane), and press OK.
5. Configure the app by specifying the required information in the fields below:
- Name - You can configure it to be Heimdal Thor Agent (or Heimdal Agent);
- Description - You can give it a description that will be visible in the Company Portal;
- Publisher - You can specify the publisher name: Heimdal Security;
- Minimum operating system - macOS Mojave 10.14 (gets automatically filled in);
- Ignore app version - select Yes, since the HEIMDAL Agent is updated by Heimdal Security;
- Install as managed - this option applies to macOS 11 and higher.
6. The HEIMDAL Agent package includes a couple of components that get installed in order to work, but they need to be removed from the App bundle ID list to allow Intune to validate the app installation status. This means that the following components (prerequisites) need to be deleted: com.heimdalsecurity.HeimdalDomain, org.cocoapods.SSZipArchive, org.cocoapods.RealmSwift, com.heimdalsecurity.HMLog, org-sparkle-project.Sparkle, orc.cocoapods.Realm, com.heimdalsecurity.HeimdalClient, com.heimdalsecurity.SharedUI, org.cocoapods.SnapKit, org.cocoapods.Socket.
The only app bundle ID that needs to be left on the list is the com.heimdalsecurity.heimdalAgent.
7. The following details are optional and can be filled in according to your needs.
8. Once the application is added, you can assign it to a group or multiple groups, to a user or all users, or to a device or all devices. After you select the assignment press Next.
9. Review the configuration and press Create.
Deploying the newly-added application
Once the assignment has been configured, Intune will take care of the deployment and it will install the HEIMDAL Agent on the computers that are selected for deployment. On macOS devices, Intune requires Company Portal in order to push settings and applications. Once you have Company Portal running on the device, you can follow the steps below:
1. On the computer where you want the deployment to occur, run Company Portal.
2. From the Company Portal, select the device, click the 3-dot button and Check status.
3. The Company Portal will sync with Intune and will apply the new settings or install the applications that are assigned on the endpoint.
5. It will take a couple of minutes until the application will be pushed by Intune onto the device, but you can have a look in the Finder -> Applications to see when the deployment takes place.
6. Once the deployment is finished, the Microsoft Intune Manager will display an Installed status: