Hi Linden
I think your expectations (or those of your employer) might be a bit out of
sync with the reality of the software you're asking about.
This isn't a piece of installable software in the way that corporate entities
will likely recognise. There are no user accounts, any more than there's a user
account required to type "dir" in a command window. It's an old-school command
line tool. In many cases, under windows, it's a single executable file. Once
set up it mostly doesn't require any privileges beyond ability to read and
write the files it's working on. If you start using it to serve video over a
network, you'll need to ensure it's allowed to do whatever it needs to do.
Many environments are likely to treat unannounced executable files with a bit
of suspicion until persuaded everything's OK. None of this should be a problem
for the IT team where people genuinely need to use it.
It's open source software and as to licensing, one of the problems is that
there's nobody who's really going to be able to tell you that anything's OK
other than your legal team, based on a legal analysis of the relevant license
text. There is a loosely-defined core team of people behind ffmpeg but they're
volunteers, mostly concerned with engineering, and do not routinely answer
questions about licensing. Mostly my understanding is that if you're simply
using it, as opposed to distributing it to people outside the company,
licensing is essentially a non-issue
That's about the best guide you're likely to be able to get. You're talking to
a list of volunteers and users and I don't think anyone is going to go through
your questions point by point. They're questions intended for people selling
big corporate software packages and that's not what ffmpeg is.
P
On Friday, 19 June 2026 at 07:47:59 BST, Linden Beaumont via ffmpeg-user
<[email protected]> wrote:
Hello,
I work for Ideagen and my teams wants to use FFmpeg. Our company policy is to
know a bit about applications before allowing employees to install them. As
such I have a few questions (below). Is there a place on your website where
there is an answer to them all? Or would you be able to take a few minutes to
answer them?
Many thanks,
Linden
Administrative Privileges
We expect applications to run on our end-user compute devices without
administrative privileges.
Questions:
* Does your application require administrative privileges to run?
* If yes, please explain why and what specific privileges are required
* Are there any workarounds to run without administrative privileges?
Installation and Deployment
We install applications on our endpoints via Microsoft Intune.
For Windows applications, we require apps that can be deployed via:
* MSI installer
* Microsoft Store (via Microsoft Intune)
* WinGet package manager
For macOS applications, we require apps that can be deployed via:
* DMG or PKG installers (via Microsoft Intune)
For mobile apps (iOS/Android), we require:
* Apps that can be secured with Microsoft Intune App Protection Policy
* Apps that support Azure AD Conditional Access Policy
Questions:
* Have you verified that your application can be installed via Microsoft
Intune?
* What installation method(s) does your application support?
* Are silent installation switches available?
* Can installation be customized or pre-configured?
Authentication and Identity
Authentication Methods:
How does your application authenticate users:
* Modern authentication with Entra ID (OAuth 2.0, OpenID Connect)
* Windows Integrated Authentication
* Certificate-based authentication
* Biometric authentication (Windows Hello, Touch ID, Face ID)
* Other (please specify)
Entra ID Integration:
* Does the application support Entra ID Conditional Access policies?
* Does the application support device-based Conditional Access (compliant
device requirements)?
* Can the application enforce multi-factor authentication through Entra ID?
* Does the application support seamless single sign-on (SSO)?
Device Identity and Trust:
* Does the application verify device identity (Entra ID joined, Hybrid
joined, registered)?
* Can the application be restricted to corporate-managed devices only?
* Does the application support Intune App Protection Policies for data
protection?
Session and Token Management:
* How long do authentication sessions persist?
* Does the application support token refresh without user interaction?
* Can we configure session timeout policies?
* Does the application properly clear credentials on sign-out?
Offline Authentication:
* Can users authenticate when offline?
* How are cached credentials handled?
* What is the offline access duration before re-authentication is required?
Network Requirements
Connectivity:
* What outbound network connectivity is required for the application to
function?
* What ports and protocols are required?
* What are the destination IP ranges or FQDNs that need to be allowed?
* Do you support IPv6?
Dependencies:
* Does the application require internet access for licensing validation?
* Does the application require internet access for updates?
* Does the application send telemetry or diagnostic data?
* Can the application function offline or with limited connectivity?
Licensing and Activation
License Management:
* How is the application licensed (per-user, per-device, concurrent,
subscription)?
* How are licenses assigned to users or devices?
* Can licenses be managed centrally (e.g., through a license server or
management portal)?
Activation and Registration:
* What activation method does the application use:
* User-based activation (tied to Entra ID/user credentials)
* Device-based activation (tied to device identity)
* License key or activation code
* License file deployment
* Volume licensing/KMS activation
* Other (please specify)
Deployment Considerations:
* Can licensing be pre-configured during Intune deployment?
* Does the application support silent activation without user interaction?
* Can license keys or files be deployed via Intune configuration policies?
* Is online activation required, or can devices be activated offline?
License Validation:
* How frequently does the application validate its license?
* What happens if license validation fails (grace period, offline mode,
application locks)?
* Does license validation require internet connectivity?
* What network endpoints are used for license validation?
License Portability:
* Can users roam between devices with their license?
* How is license deactivation/reactivation handled when replacing devices?
* Are there limits on license transfers or device changes?
Update Management
* How are application updates delivered?
* Can updates be managed centrally via Intune?
* What is the frequency of updates?
* Are updates mandatory or optional?
* Is there a notification mechanism for available updates?
Implementation and Rollout
Please provide:
* Packaging and deployment guide for Intune
* Detailed implementation timescales for pilot and production rollout
* Resources required from Ideagen for testing and deployment
* User acceptance testing requirements
* Training requirements for end users
* Support model during and after rollout
* Known compatibility issues with enterprise security tools (antivirus, DLP,
etc.)
Linden Beaumont
Data Analyst and Developer
+44 1629 699 100
LinkedIn
https://ideagen.ai
Ideagen acknowledges the Traditional Owners and Custodians of Country
throughout Australia. We recognise their enduring connection to the lands, the
waterways, and the skies. We acknowledge the Gadigal people, on whose lands our
head office is located, as well as all other First Nation Countries we operate
across.
We pay our respects to Elders past, present and to all Aboriginal and Torres
Strait Islander peoples
This email has been sent from a PC belonging to Ideagen. Its contents are
confidential to the sender and the intended recipient. If you receive it in
error, please tell us by return and then delete it from your system; you may
not rely on its contents nor copy or disclose it to anyone. Opinions,
conclusions and statements of intent in this email are those of the sender and
will not bind Ideagen unless confirmed by an authorised representative
independently of this message. We do not accept responsibility for viruses; you
must scan for these. Please note that emails sent to and from Ideagen are
routinely monitored for record-keeping and quality control, to ensure
regulatory compliance and to prevent viruses and unauthorised use of our
computer systems.
Ideagen is committed to the environment. Please think before you print.
Ideagen, registered in England No. 2805019.
Registered office: One Mere Way, Ruddington Fields Business Park, Ruddington,
Nottinghamshire, NG11 6JS.
_______________________________________________
ffmpeg-user mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
ffmpeg-user mailing list -- [email protected]
To unsubscribe send an email to [email protected]
