top of page
Search

How to Update macOS Apps using Intune

Writer's picture: Gareth OxendineGareth Oxendine
Oct 6, 20246 min read

Updated: Feb 1

SUMMARY:

Updating applications deployed to your machines is a big part of device management; below are a few key reasons why we need to update our apps:

  • to fix bugs

  • to patch security flaws

  • as preventative maintenance

  • so new machines receive the "latest and greatest"


In this article, I'll show how to use Intune to update macOS applications; these steps apply to all apps regardless of how they were installed.

Table of Contents


Updating Applications Using Intune Apps

If you already are deploying the application using Intune, you can use the same application deployment to deploy the latest version. If the application you are trying to update has not been deployed with Intune but is installed on your devices, you can also deploy the latest version using Intune; you will just need to create a new application deployment.


Step 1: Inspect the New PKG or DMG File

Remember that macOS applications have an identifier known as the bundle ID (CFBundleIdentifier). Applications with the same bundle ID are considered the same but may differ in versions.


Ensure the new installer file has the same bundle ID as the application currently installed on the devices. If the bundle IDs are the same, ensure the version number (CFBundleShortVersionString) is higher than what is currently installed.

To learn how to check these values, please use the links below:

Step 2: Test the Updated Application Version

IMPORTANT:

Always deploy the updated application to a few test machines first before deploying it company-wide. You never know what an update might potentially "break."

To test the new version, follow the steps below:

  1. Create a new app in Intune for testing purposes and upload the new PKG or DMG installer file.

  2. Set ignore version  to "no."

  3. Assign the deployment to a "test" group that contains the test machines.

NOTE:

If the new version installs side-by-side with the existing application rather than replacing/updating it, you may need to deploy a script to uninstall the old version. See the link below to learn how to use a script to uninstall macOS applications.


How to Uninstall macOS Applications using a Script

Step 3: Deploy the Updated Version

Once the new version has been tested successfully, deploy it company-wide.

IMPORTANT:

Follow the steps below after hours so that devices don't get the update midday. Remember that updating applications can cause downtime for the end user. For the most part, when an application updates, it closes and is unavailable for some time; we don't want users to lose work.

Also, ensure that the day you deploy it won’t affect dependent applications/processes.

If the application was originally deployed using Intune:

  1. Select the app listing in the Intune portal to upload the new installer file.

  2. Select Properties > Edit.

  3. Upload the new PKG or DMG file.

    1. If the app deployment type is macOS App (PKG), update the version under the Detection Rules section.

    2. If the app deployment type is macOS line-of-business App or macOS App (DMG), the version will automatically update.

  4. Set Ignore Version to No.

  5. Set a reminder to change ignore version to yes after a few weeks; if the app auto-updates itself in the future, we don't want Intune uninstalling it (having ignore version set to no means that Intune will keep reinstalling the uploaded version if a different version is detected).  

If the end-user installed the application or it came preinstalled:

  1. Create a new app listing and upload the new PKG or DMG file.

  2. Set Ignore Version to No.

  3. Assign the app to the appropriate group or to "all devices/users."

  4. Set a reminder to change ignore version to yes after a few weeks; if the app auto-updates itself in the future, we don't want Intune uninstalling it.


Updating Applications that were Deployed with a Script

As discussed in Using a Script and Intune to Deploy macOS Applications, sometimes a script is needed to install macOS applications if the Intune app deployment methods don't work for a specific app.


In this case, you can also use a script to update the app. The update script is similar to the install script in the linked article above.


Step 1: Inspect the New PKG or DMG File

Remember that macOS applications have an identifier known as the bundle ID (CFBundleIdentifier). Applications with the same bundle ID are considered the same but may differ in versions.


Ensure the new installer file has the same bundle ID as the application currently installed on the devices. If the bundle IDs are the same, ensure the version number (CFBundleShortVersionString) is higher than what is currently installed.

To learn how to check these values, please use the links below:


Step 2: Create the Script

IMPORTANT:

These scripts only update applications if the installer file is a PKG or a DMG file that contains a PKG(s).

Script Template for DMG Applications

  • First, before deploying the script, add the latest version to the NewVersion variable.

  • Next, this script checks to see if the application is already installed on the end user's machine; if it is, it will then check the app's version. If the version is the same as the new version, the script will exit with a success code (0). Change the application path as needed.

  • If the application is not already installed, then the script will do the following:

    • Create a subfolder in the /tmp folder. Change the folder name to whatever you'd like. Please note that items in the /tmp folder are deleted automatically when the computer is rebooted or after a short period if unused; this makes it the perfect place to download the installer file(s).

    • Use the cURL command to download the installer file(s). (Change the names of the files and folders in the file paths as needed.)

    • Mount the DMG file and use the installer command to install it. (To find the volume's name, mount the DMG on a test computer and use Finder to view it.)

    • Pause the script while the application is installed.

    • Unmount the DMG.


Script Template for PKG Applications

  • First, before deploying the script, add the latest version to the NewVersion variable.

  • Next, this script checks to see if the application is already installed on the end user's machine; if it is, it will then check the app's version. If the version is the same as the new version, the script will exit with a success code (0). Change the application path as needed.

  • If the application is not already installed, then the script will do the following:

    • Create a subfolder in the /tmp folder. Change the folder name to whatever you'd like. Please note that items in the /tmp folder are deleted automatically when the computer is rebooted or after a short period if unused; this makes it the perfect place to download the installer file(s).

    • Use the cURL command to download the installer file(s). (Change the names of the files and folders in the file paths as needed.)

    • Use the installer command to install it. (Change the names of the files and folders in the file paths as needed.)

    • Pause the script while the application is installed.

Step 3: Test the Script and the Updated Application Version

IMPORTANT:

Always deploy the script and the updated application to a few test machines first before deploying it company-wide. You never know what an update might potentially "break."

To test the new script and updated application version, follow the steps below:

  1. Create a new script in Intune for testing purposes. Click here to learn how.

  2. Assign the deployment to a "test" group that contains the test machines.

NOTE:

If the new version installs side-by-side with the existing application rather than replacing/updating it, then you may need to adjust the script to also uninstall the old version. See the link below to learn how to use a script to uninstall macOS applications.


How to Uninstall macOS Applications using a Script

Step 4: Deploy the Script using Intune

IMPORTANT:

Follow the steps below after hours so that devices don't get the update midday. Remember that updating applications can cause downtime for the end user. For the most part, when an application updates, it closes and is unavailable for some time; we don't want users to lose work.

      

Also, ensure that the day you deploy it won’t affect dependent applications/processes.

Once the script and the new application version have been tested successfully, deploy it company-wide. Click the link below to learn how to deploy scripts to macOS devices using Intune:






Cover Picture provided by Freepik

 
 
 

Comments

Recent Posts

Click the Heart to Like!

If this post is helpful,please click the heart at the bottom of the page. 

Follow us on LinkedIn!

We'd like to invite you to follow us on LinkedIn! Click the icon to follow.

Never Miss a Post. Subscribe Now!

Want to be notified whenever a new article is posted? Enter your email address and subscribe!

Thanks for submitting!

Donate to the Blog?

We hope the blog was helpful to you! If so, we'll take a donation as a form of thanks! :) 

© 2024 by DMTT. Powered and secured by Wix

$

Thank you for your donation!

bottom of page