Intune deployment

Deploy Aegress Extension with Intune

Use either Win32 app deployment or browser policy. Both paths force-install Edge or Chrome, push managed storage, and record browser family, install identity, policy source, tenant, and org metadata with extension events.

Configure deployment kit

Deployment kit is not ready.Missing: tenant ID, extension API token, Edge or Chrome extension ID.

Win32 app path

PackageUse the deployment kit policy folder as the Win32 app source. Keep the scoped extension token in Intune or your packaging secret store.
Install commandUse the generated windows-edge or windows-chrome Intune install command. It force-installs the browser extension and writes managed storage.
DetectionUse the matching detection script. It checks force-install policy and required managed storage keys before Intune marks the app installed.
AttributionPass AegressDeviceId from inventory when available. The script defaults AegressDeviceLabel to the Windows computer name.

Browser policy path

Policy channelUse Settings Catalog or Administrative Templates for Edge or Chrome ExtensionInstallForcelist.
Force installPaste the force-install value from the deployment kit for the matching browser.
Managed storagePush tenant ID, org ID when used, deployment ID, policy source, and extension token for the same extension ID.
Rollout sourceSet aegressPolicySource to intune so Aegress separates policy-managed installs from other rollout channels.

Device and user identity

Signal	Key	Use
Device name	AegressDeviceLabel	Defaults to COMPUTERNAME in the Windows script.
Device ID	AegressDeviceId	Pass an Intune, Entra, Jamf, Kandji, or Chrome Enterprise inventory identifier.
User ID	aegressUserId	Push only from a user-scoped browser policy or identity-aware MDM profile.
Fallback	aegressInstallId	Generated by the extension when no stronger user or device identity is available.

Win32 app path

PackageUse the deployment kit policy folder as the Win32 app source. Keep the scoped extension token in Intune or your packaging secret store.

Install commandUse the generated windows-edge or windows-chrome Intune install command. It force-installs the browser extension and writes managed storage.

DetectionUse the matching detection script. It checks force-install policy and required managed storage keys before Intune marks the app installed.

AttributionPass AegressDeviceId from inventory when available. The script defaults AegressDeviceLabel to the Windows computer name.

Browser policy path

Policy channelUse Settings Catalog or Administrative Templates for Edge or Chrome ExtensionInstallForcelist.

Force installPaste the force-install value from the deployment kit for the matching browser.

Managed storagePush tenant ID, org ID when used, deployment ID, policy source, and extension token for the same extension ID.

Rollout sourceSet aegressPolicySource to intune so Aegress separates policy-managed installs from other rollout channels.

Device and user identity

Signal	Key	Use
Device name	AegressDeviceLabel	Defaults to COMPUTERNAME in the Windows script.
Device ID	AegressDeviceId	Pass an Intune, Entra, Jamf, Kandji, or Chrome Enterprise inventory identifier.
User ID	aegressUserId	Push only from a user-scoped browser policy or identity-aware MDM profile.
Fallback	aegressInstallId	Generated by the extension when no stronger user or device identity is available.