Repository to onboard Ubuntu Desktop to Microsoft Intune on automated way so you need to do these manual steps one by one.
Onboarding Ubuntu Desktop will include following actions:
- Enabling Firewall - ufw (if not enabled already).
- Checking for updates and install all available ones.
- Downloading and installing Microsoft Edge (Stable).
- Downloading and installing Intune Company Portal.
- Removing following duplicate file related to Microsoft Edge that causes pointles errors when checking for updates (This is known issue. More information here).
/etc/apt/sources.list.d/microsoft-edge.list - Setting default browser to Microsoft Edge.
- Checking last time updates again and installing all available ones.
-
Open Terminal.
-
Copy and paste below command and press Enter.
cd Downloads && wget "https://raw.githubusercontent.com/janparttimaa/onboard-ubuntu-desktop-to-microsoft-intune/main/prod/ubuntu-desktop-22.04-lts/onboard.sh" && sudo chmod +x ./onboard.sh && ./onboard.sh -
Provide password of your sudo-rights if asked.
-
You will get last minute instructions that will ask you to save all unfinished work and close all applications completely but not the active Terminal-window. You will get separate prompt at the end of the onboarding process where you are asked to reboot your device and after rebooting the device, open the Company Portal-application and sign in using your Work or School account in order to register the device to Intune and Entra ID.
Are you getting Error 1001 when you are trying to sign into Company Portal using your Work or School account? If so, try to open Microsoft Edge. If Microsoft Edge is asking you to do first-time setup, please do that but please notice that you cannot yet sign into Microsoft Edge as your device is not registered to Intune and Entra ID. After doing first-time setup to Microsoft Edge, try again to open Company Portal and sign in with your Work or School account. It should work now normally.
-
Deploy Microsoft Defender for Endpoints (MDE) to managed Ubuntu Desktop-devices. I recommend to check this blog post from nickname RootRouteway.
Tip: You can also use Azure Blob Storage for Python-file deployments without having to maintain separate server for those on your local network or DMZ. Make sure that your Azure Blob Storage Container is using Shared Access Signature (SAS). -
Make sure that Compliance-policy have been created and deployed to managed Linux-devices.
-
If you don't need Firefox and Thunderbird-applications on your managed Linux-devices, deploy script via Intune that will uninstall these applications automatically. Replacement managed apps and services would be following:
Original app Replacement managed app or service More information Firefox Microsoft Edge N/A Thunderbird Microsoft Outlook on the Web (OWA) Employees can install PWA-app of this app if wanted.
- Here you can find some sample scripts for Intune provided by Microsoft.
- Here you can find list of applications that Microsoft provides to Linux-users: Linux resources at Microsoft.
- Please note though that list is not quite perfect as this does not provide 100% list of Microsoft Applications available for Linux. For example, Company Portal is totally missing.
I gathered simple table of applications and services that are available for Ubuntu-users. This list is evolving so it might be always 100% up-to-date. If you something is missing, please report that issue and I will update the list.
The list does not contain Admin-consoles that can be use for web browser (e.g Entra ID, Intune, Azure) as those will work on any opeating systems. The table below only focuses on applications that non-admin users and developers uses.
| Software | Purpose | Method | More information |
|---|---|---|---|
| Microsoft Edge | Company device management, Web browsing |
apt | Required application for all Managed Linux-devices. This will be deployed automatically using the onboarding script. |
| Intune Company Portal | Company device management | apt | Required application for all Managed Linux-devices. This will be deployed automatically using the onboarding script. |
| Microsoft 365 applications ans services (e.g. Outlook, Teams, Word, Excel, PowerPoint, OneDrive and Visio) |
Office activities | web/PWA | Use Microsoft Edge -browser for these services. Please note that Microsoft no longer provide native application of Microsoft Teams for any Linux distros. |
| Microsoft Defender for Endpoint (MDE) | Company device management | apt | If your company is already using Microsoft Defender on your fleet, this is then required application. This is something that MDM-admin usually deploys via Intune to managed Ubuntu-devices without need for manual installation by hand. |
| Visual Studio Code | Development | apt/snap | N/A |
| PowerShell | Development | apt/snap | N/A |
| Azure Storage Explorer | Development | snap | N/A |
| Azure Data Studio | Development | dpkg | N/A |
| Azure CLI | Development | apt | N/A |
| .NET | Development | apt/snap | N/A |
| Microsoft Remote Desktop | Development | web | Use Microsoft Edge for this. |
| Microsoft Build of OpenJDK | Development | apt | N/A |
| Skype for Consumers | Non-work related apps | snap | If employees are using Linux-distros on their personal life, just FYI that Skype for Consumers is also available as a native application. |
| Microsoft Casual Games | Non-work related apps | web | If employees are using Linux-distros on their personal life, just FYI that Microsoft's Solitaire, Minesweeper etc. can be play using web browser e.g. Microsoft Edge. |