Enrolling Linux Device into Microsoft Intune

With the growing adoption of Microsoft Intune as a unified endpoint management (UEM) solution, organizations are now empowered to manage devices across various platforms, including Linux. Ubuntu, one of the most popular Linux distributions, can be seamlessly enrolled in Intune for compliance and security management.

In this blog post, I will guide you through the process of enrolling an Ubuntu 22.04 Linux device in Microsoft Intune, along with some prerequisites and tips. Let’s get started!

Why Enroll Linux Devices in Intune?

With the increased use of Linux systems in development and IT operations, integrating these devices into Intune provides several advantages:

• Unified Management: Centralized management of all devices, including Windows, macOS, iOS, Android, and now Linux.
• Security & Compliance: Ensure Linux systems comply with organizational policies.
• Monitoring & Reporting: Gain visibility over Linux devices in the organization.

Currently, Microsoft Intune supports Linux distributions such as Ubuntu 24.04, 22.04 and 20.04 LTS, RedHat Enterprise Linux 8 and 9.

Prerequisites

Before enrolling your Ubuntu device into Intune, ensure you meet the following prerequisites:

1. Microsoft Intune Licensing: Your tenant must include appropriate licensing for Microsoft Endpoint Manager (MEM). The user with which you’re planning to enroll the Ubuntu device into Microsoft Intune needs to be assigned with this license.
2. Ubuntu Version: Supported versions are Ubuntu 20.04 or 22.04 or 24.04LTS.
3. Microsoft Edge Browser: Install Microsoft Edge for Linux, as it is required for enrollment and for accessing your organization’s websites and other online resources.
4. Intune Company Portal App: The Intune Company Portal must be installed on your Linux device.
5. Access to Internet: Ensure your device can reach Microsoft Intune services.

Steps to Enroll Ubuntu 22.04 in Microsoft Intune

Follow the step-by-step process below to successfully enroll your Ubuntu 22.04 device.

Step 1: Install Microsoft Edge

To add Linux devices to Microsoft Intune, Microsoft Edge must be installed and used as the browser to access company resources. On Ubuntu, the Firefox browser comes pre-installed, and it can be used to download Microsoft Edge.

Simply open Firefox and visit the Microsoft Edge official download page. From there, download the Debian/Ubuntu (.deb) installation package.

When prompted, click the “Accept and Download” button to begin the download.

Once the download is complete, you can proceed to install Microsoft Edge on your Ubuntu device. Clicking on the installation package, it will prompt you to select application for this package to open with. You can choose either of the options: Archive Manager or Software Install, here I’m choosing the option: Software Install.

Click on the Install button to get the latest version of Microsoft Edge browser on Ubuntu Desktop.

After completing the installation of Microsoft Edge, click on Show Applications and type “Edge” in the search box. Microsoft Edge should appear in the search results, confirming a successful installation.

With this, the process of installing Microsoft Edge on Ubuntu Linux is complete.

Step 2: Install Microsoft Intune App on Ubuntu

The Microsoft Intune app allows you to enroll your Linux device in Intune, enabling device management and compliance. Before installing the Intune app, you must execute specific commands using a privileged account capable of installing programs on your Linux distribution.

The source files for the Microsoft Intune app are available at Microsoft Packages. Below are the detailed steps to install the Intune app on your Ubuntu Desktop.

1. Launch the Terminal App

To begin, click on Show Applications and search for Terminal. Launch the Terminal app, as you’ll need it to run the required commands for installation.

2. Install Curl

The first prerequisite is installing Curl. Enter the following command in the Terminal:

sudo apt install curl gpg

If prompted for a password, enter it to continue. Once the installation completes, verify that Curl has been successfully installed by reviewing the Terminal output.

3. Check Your Ubuntu Version

To ensure compatibility, check the version of your Ubuntu Desktop by running:

lsb_release -a

In the screenshot above, the release version is 22.04.

4. Install the Microsoft Package Signing Key

The Microsoft package signing key must be installed based on your Ubuntu version.

For Ubuntu 22.04, use these commands:

curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo install -o root -g root -m 644 microsoft.gpg /usr/share/keyrings/
sudo sh -c 'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/ubuntu/22.04/prod jammy main" > /etc/apt/sources.list.d/microsoft-ubuntu-jammy-prod.list'
sudo rm microsoft.gpg

For Ubuntu 24.04, use the following commands:

curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo install -o root -g root -m 644 microsoft.gpg /usr/share/keyrings/
sudo sh -c 'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/ubuntu/24.04/prod focal main" > /etc/apt/sources.list.d/microsoft-ubuntu-focal-prod.list'
sudo rm microsoft.gpg

5. Install the Intune App

After setting up the package signing key, update your package list and install the Intune app with the following commands:

sudo apt update
sudo apt install intune-portal

6. Reboot Your Device

To complete the installation, reboot your Ubuntu desktop. After rebooting, click Show Applications and type “Intune” in the search box. If the Microsoft Intune app appears in the results, the installation was successful.

With these steps, your Ubuntu device is now ready to be enrolled and managed via Microsoft Intune.

Step 3: Enrolling Your Linux Device in Intune

In this step, we will walk you through the process of enrolling your Ubuntu device in Microsoft Intune.

1. Launch the Intune App
   Begin by signing in to your Linux device and launching the Microsoft Intune app.

2. Start the Enrollment Process
   Once the Intune app opens, click on the Sign-in button to initiate the enrollment process. This allows the Intune Agent to access work or school resources securely.

3. Sign in with Your Account
   Enter your work or school account credentials to proceed. If the account is configured with the MFA, it will prompt you to insert Multi Factor Authentication (MFA) along with password.

4. Register the Device
   After signing in, you will be prompted to register the device. Click on the Register button to continue.

5. Begin Device Registration
   On the next screen, click the Begin button to start the device registration process.

6. Review Organization Access Details
   You will see an overview of the information your organization can access or manage when you enroll your Linux device. Till date, the details collected by the Intune agent include:
   • Device model, serial number, and operating system.
   • Names of installed apps.
   • Device name identification.
   • Information from work-related apps and networks.

Click Begin to proceed with enrollment.

7. Check Compliance Status
   Once registration is complete, the device will automatically check for compliance if any policies configured.

Step 4: Verify Device Enrollment

To confirm the enrollment:

1. Log in to the Microsoft Intune Admin Center at https://intune.microsoft.com/.
2. Navigate to Devices > Linux > Linux devices.
3. Your Ubuntu 22.04 device should appear in the list of enrolled devices.

You can now view and manage the device, apply compliance policies, and monitor its status.

Troubleshooting Tips

If you encounter issues during the enrollment process, consider the following troubleshooting tips:

• Ensure you have an active internet connection in Linux Device.
• Ensure the license is assigned to the user.
• Verify that the Microsoft Intune App is installed correctly and up to date.
• Check for the Error Logs shown in the Linux Device.

Conclusion

Enrolling your Ubuntu 22.04 Linux devices into Microsoft Intune enables you to unify device management and ensure organizational compliance. By following the steps outlined in this guide, you can seamlessly register your Linux systems and leverage the powerful capabilities of Microsoft Endpoint Manager.

If you are already using Intune for other platforms, adding Linux devices will further strengthen your endpoint management strategy. Stay tuned for more tips and tutorials on managing diverse IT environments!

Er. Janak Khadka