Most solutions that describe how to deploy a font through Intune use an external source to host fonts such as Azure Blob storage.
If you want to KISS (keep it simple, stupid), you don’t want to maintain two different things (your script and externally accessible storage).
The following example shows how to embed a file in a PowerShell script, and then install it into the Fonts folder. This could, of course, be used for other purposes, but don’t forget that the script size limit in Intune is only 200kb.
First, execute the following in a PS window:
$inputFontPath = "C:\fonts\YourFont.ttf"
Compress-Archive $inputFontPath -CompressionLevel Optimal -DestinationPath (Join-Path $Env:TEMP -ChildPath "tempzipfontzipfile.zip") -Force
[Array]$bytes = [io.file]::ReadAllBytes((Join-Path $Env:TEMP -ChildPath "tempzipfontzipfile.zip"))
$b64 = [System.Convert]::ToBase64String($bytes)
$b64 | Set-Clipboard
You have now compressed and base64 encoded YourFont.ttf, and this is loaded in memory (clipboard).
Create a new file, e.g. YourFont.ps1 and add the following:
$b64 = "<SELECT EVERYTHING BETWEEN THESE QUOTES, THEN PRESS CTRL+V>"
$byteContent = [System.Convert]::FromBase64String($b64)
$byteContent | Set-Content (Join-Path $Env:TEMP -ChildPath "tempzipfontzipfile.zip") -Encoding Byte -Force
Expand-Archive -Path (Join-Path $Env:TEMP -ChildPath "tempzipfontzipfile.zip") -DestinationPath (Join-Path $Env:TEMP -ChildPath "tempfontsfolder") -Force
$sa = new-object -comobject shell.application
$Fonts = $sa.NameSpace(20)
gci (Join-Path $Env:TEMP -ChildPath "tempfontsfolder") | % {$Fonts.MoveHere($_.FullName)}
Remove-Item (Join-Path $Env:TEMP -ChildPath "tempzipfontzipfile.zip") -Force -ErrorAction SilentlyContinue
Remove-Item (Join-Path $Env:TEMP -ChildPath "tempfontsfolder") -Force -Recurse -ErrorAction SilentlyContinue
On the first line, follow the instructions (e.g. paste your b64-encoded font on that line). Now save and check if the size is below 200kb, then distribute the script to your users. For Fonts, don’t forget to let the script run in system context as administrative permissions are required when installing Fonts.
This method can be used to deploy other payloads as well, happy scripting!
[…] organisation. Looking online there are several scripts that allow you to deploy an individual font (Deploying an embedded file (FONT) in a Powershell script through Intune MDM) however I had two font families with a total of 15 fonts that needed to be deployed. Encoding […]
Any reason this is not working on Windows 10 1809? I have it and it works with 1803 but I am not seeing any success for 1809.
Hi,
I used the OneDrive Mapper (After some minor changes it worked).
However, the mapped drive has a limit of 236gb (My OneDrive has 5TB). Is there a portion of the code that limits, or is this something Microsoft does? I’d like to have full access to my account.
Thanks,
David
[…] Original source/post: https://www.lieben.nu/liebensraum/2019/01/deploying-an-embedded-file-font-in-a-powershell-script-thr… […]
I also have a problem with 2nd script, paste your b64-encoded font on that line. Not sure what it is asking for?
Hi
I have problem with the point of your 2nd script, paste your b64-encoded font on that line
where do i get the b64-encoded font?
thanks and kind regards
EDit: i got it !!!!!