Deploy the Kolide agent in Intune

1. Download the Kolide agent MSI installer from the Kolide website.
2. Use the Microsoft Win32 Content Prep Tool to create an .intunewin file for deployment.
3. Add Kolide as a Win32 app in Intune.
   • On the “App package file” pane, upload the .intunewin file you created in step 2.
   • On the “App information” page, set Publisher to 1Password, then download this image of the Kolide logo and upload it in the Logo field.
   • On the Program page, set “Allow available uninstall” to No. Don’t edit the “Install command” or “Uninstall command” fields.
   • On the “Detection rules” pane, choose Manually configure detection rule for the “Rules format”, then choose MSI. You can also choose to prevent your team from installing older versions of the Kolide agent.
4. Assign Kolide to your desired device groups, then review and create the app in Intune.

Prevent manual installations of an older Kolide agent

To prevent your team from installing an older version of the Kolide agent themselves, you can define a minimum installed version number in Intune.

To get your current version number, run the following PowerShell command on a Windows PC where the Kolide agent is installed and up-to-date, then record the numerical value displayed (for example, 1024001).

    Get-ItemProperty 'HKLM:\Software\Kolide\Launcher\kolide-k2\InstalledVersionNum'

Then, on the “Detection rules” pane, create a Registry rule and set the following values:

• Key path: Enter HKEY_LOCAL_MACHINE\SOFTWARE\Kolide\Launcher\kolide-k2\InstalledVersionNum
• Value name: Leave this field empty
• Detection method: Choose String comparison
• Operator: Choose Greater than or equal to
• Value: Enter the version number you recorded earlier