In this article, we’ll show you how to install fonts on macOS using Intune. We will use the InstallFontsmacos.sh shell script to deploy custom font files on Mac devices using Intune.
Intune allows administrators to remotely manage and configure various aspects of macOS devices, including font installations. One of our customers requested that we deploy a set of fonts on Mac devices. Because the Mac devices were already in Intune, all that was needed was a shell script to install the fonts.
On macOS devices, to use fonts in your apps, you need to install the fonts using Font Book. When you install a font, Font Book automatically validates or checks the font you’re installing for errors. The Font Book also checks for duplicate fonts.
In our previous article, we showed you how to deploy fonts for Windows devices using Intune using different methods. Similarly, for Mac devices, you can use a simple shell script to install the fonts (.ttf and .otf) using Intune. If you are new to deploying shell scripts in Intune, we recommend reading a guide that explains how to run shell scripts on macOS using Intune.
MacOS Supported Font Types
On your Mac, you can download a font file from Apple or another source. The fonts that you download from other sources are referred to as custom fonts. According to Apple Support, the following font types are supported on macOS:
- TrueType (.ttf) fonts
- Variable TrueType (.ttf) fonts
- TrueType Collection (.ttc) fonts
- OpenType and OpenType-SVG (.otf) fonts
- OpenType Collection (.ttc) fonts.
- Legacy suitcase TrueType fonts and PostScript Type 1 LWFN fonts might work but aren’t recommended.
The font types listed above can be manually installed on Mac devices or installed using Intune. Make sure the font that you deploy is a supported font file type for macOS devices. Once deployed, these fonts will be automatically installed on all managed Macs, ensuring uniformity in typography throughout the organization.
Also Read: Remove Device from Company Portal for macOS
Ways to deploy custom fonts on Mac using Intune
Broadly, there are two ways to deploy fonts on macOS using Intune:
- Shell Script: Using a shell script to install fonts on macOS using Intune is a simple method. On Mac, you can install custom font files at the location of your choice.
- PKG App: Intune supports deploying PKG apps on Mac devices, so you can package all your custom font files into a .pkg file and distribute it with Intune. Creating a PKG file necessitates the use of software, and the majority of them require a license.
Prerequisites for Fonts Installation on macOS
The following prerequisites are required to deploy fonts on macOS using a shell script in Microsoft Intune:
- The macOS devices must be running version 11.0 or later.
- You must enroll macOS devices in Intune before you run shell scripts.
- The Mac devices must be connected directly to the Internet.
- You must have a font script ready to apply it to macOS devices.
- Shell scripts begin with #! and must be in a valid location, such as #!/bin/sh or #!/usr/bin/env zsh.
Useful Article: Create a Local Admin Account on MacOS using Intune
Location of Fonts on Mac Devices
Understanding the location of fonts on Mac devices is crucial when utilizing Intune for font installation. When you install fonts on Mac, the fonts are installed in the /Library/Fonts/ directory. When the fonts are installed for a system, they are available for all users on Mac. For example, the Arial Unicode.ttf font is located in /Library/Fonts/ and is available to all users.
If the fonts are installed for a user, they are located in ~/Library/Fonts/. When you install the fonts for a user, they are available only for that specific user. Any custom fonts installed manually by the Mac user will be placed in the /Library/Fonts/ location.
The InstallFontsmacos.sh shell script we will use in this article will install fonts in /Library/Fonts/ for all users to use. This is a recommended method, and most Mac applications, such as text editors, make use of fonts from this location.
Also Read: Set MacOS Device Name to Serial Number using Intune
Steps to install fonts on macOS using Intune
There are a series of steps involved in deploying fonts to Mac devices with Intune. We will go through each step in detail.
Step 1: Make the Font Files Publicly Accessible
It is crucial that the fonts you install on macOS devices using Intune are available in a publicly accessible location. This means that the font file can be hosted on an online storage service such as OneDrive, Google Drive, or, even better, an Azure Storage account.
In the screenshot below, we have created a storage account in Azure and placed the font files in a separate container called macfonts. You can use Microsoft Azure Storage Explorer or a browser to access the container you created in your Azure storage account.
We copied two font files into the macfonts folder and will use Microsoft Intune to deploy them to our macOS devices. There is no limit to the number of font files that can be deployed for macOS devices, but in an ideal world, you would only deploy the fonts that are required.
To obtain the publicly accessible URL for the macOS font files, simply navigate to the container properties. Here you can find the URL, and there is a copy button to copy the URL. The publicly accessible URL of the macfonts folder is shown below in the screenshot:
https://prajwaldesai.blob.core.windows.net/macfonts
You can use the above procedure to get the publicly accessible URLs of the individual font files hosted in Azure Storage. The below code shows the publicly accessible URLs of the individual font files.
https://prajwaldesai.blob.core.windows.net/macfonts/MouldyCheeseRegular.ttf
https://prajwaldesai.blob.core.windows.net/macfonts/SunnyspellsRegular.otf
Step 2: Download macOS Font Installation Script
We have created an InstallFontsmacos.sh shell script and hosted it for you on Prajwal Desai GitHub that you can use to install fonts on macOS using Intune. The InstallFontsmacos.sh script will download the font files from the publicly accessible location and install them on Mac devices with the help of Intune.
Before you deploy the script, you’ll have to specify the publicly accessible URLs of the font files. In Step 1, we demonstrated how to obtain the URLs. The script can accept multiple URLs for font files.
The destination directory for font installation is set to /Library/Fonts/. The fonts copied to this location will be accessible to all Mac users. The font file types that this script deploys are .TTF and .OTF which are popular font types for Mac.
Click on the below button to download the macOS font install shell script from GitHub. Save the InstallFontsmacos.sh script to your computer. We will upload this script to Intune while deploying the fonts.
Step 3: Deploy InstallFontsmacOS.sh Script in Intune
In this step, we will add the InstallFontsmacOS.sh shell script to Intune and deploy it to macOS devices. When this script executes on a remote macOS device, it downloads the font files from the Azure blob container and installs them in the /Library/Fonts/ location.
Use the following steps to upload the InstallFontsmacOS.sh shell script in the Intune admin center:
- Sign in to the Microsoft Intune Admin Center.
- Select Devices > macOS, and under macOS policies, select Shell Scripts.
- Click on the Add button to upload the InstallFontsmacOS.sh for macOS.
Enter a name for the profile in the Basics tab of the Add Script pane. Add a brief description of the policy. For instance, you can enter the following information for the InstallFontsmacOS.sh shell script:
Name: Deploy Fonts on macOS using Intune
Description: Use a shell script to install custom fonts on macOS devices using Intune
Click Next.
On the Script Settings tab, click on the Browse icon and select the InstallFontsmacOS.sh script. The shell script file must be less than 200 KB in size. You can view the script that has been uploaded, but you cannot edit or modify the script here.
Scroll down a bit, and here you’ll find a few important settings that can be configured for your macOS script execution.
- Run script as signed-in user: Choose No (default) to run the script as the root user. By default, the script is run as the root user.
- Hide script notifications on devices: By default, script notifications are shown for each script that is run. To hide the script notifications, select Yes.
- Script frequency: Select how often the script is to be run on macOS devices. In the below example, we have configured the InstallFontsmacOS.sh script to run every 30 minutes.
- Max number of times to retry if script fails: Select how many times the script should be run if it returns a non-zero exit code (zero meaning success). In the below example, we have set this value to 3 times.
Click Next.
On the Assignments tab, you select the Entra ID groups to deploy the shell script. Select one or more user or device groups to whom you want to assign the script. The groups you select are shown in the list, and will receive your script policy. Click Next.
In Review + add, a summary is shown of the settings you configured. Select Add to save the script. When you select Add, the installmacOSfonts.sh script policy is deployed to the macOS device/user groups you chose.
The macOS Shell script you created now appears in the list of scripts. If needed, you can select and view the contents of macOS shell scripts after you upload them to Intune.
Step 4: Sync Intune Policies on Mac Devices
To force devices to check with the most recent policies deployed, you can sync the policies on both Windows and Mac devices that are enrolled in Intune. There are several ways to sync Intune policies on Windows devices. While on Mac, you can manually sync Intune policies from the company portal. This is done to speed up the deployments from Intune.
Also Read: Install Intune Company Portal on Mac Devices
Step 5: Verify Fonts Installation on Mac Devices
Once the macOS devices have received the font installation policy from Intune, the fonts should now be installed in the /Library/Fonts/ location as per the script. So let’s check if the font deployment is successful on our macOS devices.
Sign in to one of the Mac devices. Run the following command: Command+Shift+G and browse to the /Library/Fonts/ location. In the below screenshot, we see the custom font files have been successfully installed by Intune.
To use the custom fonts on Mac, launch the text editor app. Select Fonts > All Fonts, and here scroll down and select the custom font that you distributed through Intune.
Troubleshooting font Installation failures on MacOS
When troubleshooting app/script deployment failures or company portal sync issues on macOS devices, the Intune MDM agent logs are critical. If you encounter font installation failures on Mac devices, you must always review the IntuneMDMAgent and IntuneMDMDaemon logs.
On a macOS device, the Intune management agent logs are located in the following folders:
- /Library/Logs/Microsoft/Intune (System)
- ~/Library/Logs/Microsoft/Intune (User Account)
For further troubleshooting steps, refer to the guide on how to collect Intune logs from macOS devices.
Conclusion
We hope the installfontsmacOS.sh shell script was useful in deploying custom fonts to Mac devices using Intune. With Intune, IT administrators can easily distribute and install fonts on multiple macOS devices within their organization. This ensures consistency in branding and design across all platforms. By simplifying the installation process and enabling remote management capabilities, Intune empowers administrators to effortlessly deploy fonts while maintaining consistency in branding and design across their networked Macs.
We can deploy fonts using intune configuration profile , but we need to create separate configuration profile for each fonts