Creating a Intune Application Deployment Overview – Part 2

Standard

Last week I posted the first version of my Intune Application Deployment Overview script. This script exported device deployment information from Intune through the Graph API to a CSV file and a HTML file. The CSV file contained all the device deployment details and the HTML contained a summary of the deployment status for all applications. You can find this first post here. This blogpost is build on top of this first blogpost, this blogpost describes the next version of this script. In this version I’ve added the user deployment information of Intune Application deployments. Before you continue I want to advise you to first read the first blogpost.

Continue reading

Deploy your HA RDS environment through an Azure ARM template

Standard

Last week I finally published my first Azure ARM template for deploying a RDS environment. This template was based on a Azure AD Domain Services environment and depends on the Azure AD Application Proxy for publishing the RD Web and RD Gateway role. The good news for this deployment was that no DMZ was necessary. The bad news was that the UPD channel of the RD gateway cannot be used. Today I will publish a template which is based on a existing Azure Active Directory (not specially Azure AD Domain Services) and on publishing the RD Web and RD Gateway roles in the DMZ for publishing the environment. This template is basically re-using 75% of the template and scripts of the Cloud Only Deployment.

Continue reading

Azure RemoteApp: Publish applications to individual users or a group of users

Standard

Last week the Azure RemoteApp team introduced the ‘most-voted’ feature in Azure RemoteApp: ‘Publish applications to individual users’. This functionality is now in private preview and can be requested by filling in this survey: http://www.instant.ly/s/AY83p/nav. When it’s enabled for your subscription you can publish applications to individual users. In this blogpost I want to explore this new functionality and look into how it can be activated and configured. I’m also looking into combining this new functionality with publishing applications based on group membership. If you want to try it yourself you can find the documentation here: https://azure.microsoft.com/en-us/documentation/articles/remoteapp-perapp/
Continue reading

Updates to Azure RemoteApp Membership Runbook

Standard

Based on announcement that Azure Automation now supports Azure Resource Manager (source) I checked my solution for synchronizing Azure RemoteApp membership through Azure Automation. You can find the original blogpost here. The solution used both Service Management API cmdlets and Azure Resource Manager cmdlets. Based on the testing the Azure Resource Manager cmdlets did fail during the execution of the runbook. I’ve updated the runbook and everything is now working again using the new Azure Resource Manager cmdlets.
Continue reading

Azure RemoteApp Clean-up AD with Azure Automation

Standard

You can deploy Azure RemoteApp in different scenarios. One of the scenarios is a Hybrid Deployment. In a Hybrid deployment the Azure RemoteApp instances are added to your Active Directory. The instances will be added to a dedicated OU in that Active Directory. When you start working with a Hybrid Deployment you will notice after some time that the orphaned AD Computer objects of Azure RemoteApp instances will not be deleted. This blogpost will focus on using cleaning up this computer accounts with using a new Azure RemoteApp cmdlet and Azure Automation.
Continue reading

Azure RemoteApp: App-V Support Part 3

Standard

This is the last part in the blog series about App-V support in Azure RemoteApp. In the first part I discussed the use of a standalone App-V deployment with Azure RemoteApp. The second part discussed the use of the full App-V infrastructure in combination with Azure RemoteApp. This last part will focus on deploying App-V applications through System Center Configuration Manager (ConfigMgr). This blogpost will describe the steps needed to add your RemoteApp instances to ConfigMgr and the steps needed to deploy the App-V applications.

Continue reading

Sync Azure RemoteApp Collection Membership with Azure Automation Part 2

Standard

Updated version with blogpost can be found here: http://wp.me/p5avG1-va

Last month I created an Azure Automation workflow which will add and remove members from an Azure Active Directory to a Hybrid Azure RemoteApp collection. With this runbook you get an automated sync solution between an AD Group and an Azure RemoteApp collection. The first version was not complete in terms of reporting what it actually did; which users were added and which were removed. I have now developed a second version of this runbook which will send an email with the results of the runbook to an email address.

Continue reading

Sync Azure RemoteApp Collection Membership with Azure Automation

Standard

Granting user’s access to Azure RemoteApp is done by adding them as a user to an Azure RemoteApp collection. There are 2 ways to do this, the first option is by adding single users through the Azure portal or the second option is to use the bulk user import functionality based on a csv file. Both options need to be executed from the Azure Portal. Unfortunately out-of-the-box it’s not possible to use an Active Directory group for granting access to Azure RemoteApp. There is a PowerShell solution made by Freek Berson which you will give this functionality through a PowerShell Script. You can find the link at the end of this blogpost. In this blogpost I want to focus on syncing an Azure Active-Directory group with Azure RemoteApp through Azure Automation. Since in a Hybrid scenario AD Sync is enabled you can also use an on premise AD group which will be synced to Azure Active Directory and use this group as your source. I like the idea of using Cloud technology where possible so this is why I created this solution.
Continue reading

SCOM 2012: ACS Security Log Retention Monitor (Update)

Standard

A couple of weeks ago I released a Management Pack with a Security Log retention monitor. This monitor uses PowerShell to determine the retention of the security log. This is important in ACS implementations and therefore you want to monitor this. Unfortunately I discovered some performance issues with the monitor so I changed the monitor to resolve these problems for Windows 2008 and later systems. Continue reading

SCOM 2012: ACS Forwarder Security Log Retention Monitor

Standard

In an OpsMgr Audit Collection Services implementation the local security logs on the forwarders are the queue when the collector is not available. So the retention time of the Security Log is a very important, but out-of-the-box not monitored by OpsMgr. Today I decided to create a PowerShell monitor which monitors the retention time of the security event log. This PowerShell monitor uses the following script to define the retention of the Security event log of an ACS forwarder.

Continue reading