Intune Package Store

24.09.2018 / Christian Kanja


On Monday, September 24, at Ignite in Orlando, Microsoft announced the new Intune Win32 App-Packaging technology (also named intunewin). Due to our strong relationship with the Intune product group our RealmJoin ecosystem is already completely adopted to this new format. That means that the new Intune technology is available to deploy hundreds of ready-to-use Windows application packages from the start. A cloud based package factory is ready to create any custom package request within hours to help customers to deploy 100% cloud managed workplaces - today.

RealmJoin at Ignite Intune Session

Background

When the global logistics company DB Schenker with 60,000 users in more than 1,000 branches needed a modern workplace strategy the idea was born to design a future workplace not only consuming cloud services but living a cloud operated client without any local dependencies. Instead of consolidating over 350 Active Directories, their trusted partner and Microsoft awarded Partner of the Year Glück & Kanja designed a solution to deploy a large-scale Azure AD together with Microsoft Intune provisioned Windows 10. This enables the customer to deploy secure corporate clients everywhere - no matter if the user works from headquarters or the local Starbucks.

Based on this experience, a blueprint was created to help other enterprise companies like EnBW, Uniper, and many more, deploy 100% cloud managed clients. The only real problem was that the deployment of Win32 applications were not possible at this time with native Intune. Glück & Kanja therefore developed a bridge technology called RealmJoin that closed the gap and worked as a companion to Intune to deploy thousands of different Windows applications from Adobe to SAP. Part of this ecosystem was a full-blown cloud based application store with pre-packaged Win32 applications to fast start any new project with predictable time and budget.

The Technology

Glück & Kanja designed a package factory based on modern development best practices. Instead of another incarnation of heavy loaded and aged SCCM or similar package formats and creation processes, the lightweight approach was to create a combination of binaries, metadata, and intelligence, into a well known package format called NuGet. These packages are used by millions of developers every day and is proven in countless instances. NuGet are created in a version control system (git) offering a reliable auditing about what, when, and who has changed anything in the lifetime of a package. When a change is committed an Azure driven automation builds the packages within deterministic environments (CI/CD system) and automated tests are done before a package is published to get tested by human delivery experts or key users. Finally, the preview packages are released to production to be deployed on thousands of devices.

RealmJoin Portal

When working with the Intune product group and their design of a modern packaging system for Win32 applications, it was obvious that their package format was nearly identical to the approach we have used for the last two years. And because of the automation system we’ve designed to create packages, we did not need to change anything in the sources but instead transformed the automation code to create the new .intunewin package format. We publish the packages directly into the Intune backend by using a pre-release of the Microsoft Graph API for Intune.This made it possible to offer hundreds of ready-to-deploy packages to a diverse customer audience that are interested in removing the barriers of an on-premise bound deployment, in favor of a 100% cloud managed Windows 10 experience.

The Product

RealmJoin is an enterprise ready SaaS infrastructure that supports AutoPilot, Azure AD, and Intune based Windows deployments, with the necessary companion technology to complete the cloud management picture of modern workplace deployments. While Intune was already great in managing lots of aspects in these scenarios a bunch of missing pieces like seamless Bitlocker rollout, asset and license inventory, legacy identity headaches, and most important the deployment of Win32 applications, was not ready for large scale deployments. RealmJoin solves these issues with an AzureAD/Intune integrated combination of a cloud based, multi-tenant operations backend, a lightweight client agent, and a package factory with a peer2peer-enabled CDN. Also, the package management allows application installation on thousands of machines worldwide with moderate bandwidth by using peer caching and offering all necessary extras like dependencies, staggered deployments, and managing the compliance state of devices.

RealmJoin Portal

With the release of the new Intune package format in October, the RealmJoin SaaS solution will offer the same companion features to the native Intune deployment ecosystem. A modern workplace deployment will be possible with no on-premise dependency by using the AzureAD and Intune in combination with the RealmJoin offered Intune packages. But this journey will not end by deploying the software - the whole lifecycle is cloud managed in an intuitive web portal with full insights about the health and state of all systems and easy assignment of software to AzureAD groups within one dashboard. This is also a great approach to separate the levels of administration, and gives first and second level support with the tools they need without the learning curve of a full blown Azure portal.

RealmJoin Portal

The RealmJoin App Store for Microsoft Intune helps to fast start any new project with predictable time and budget. But not only the pre-packaged applications are available for a fixed price. Also the Packaging-as-a-Service offering we provide for all modern workplace projects is a fixed price per package agreement to make your Windows 10 migration a safe and predictable project.

Along with the RealmJoin App Store, there are a few other products worth mentioning.

The migration to Windows 10 is well supported by great Microsoft Offerings, like Windows Analytics. However, when theory meets reality there are always some road-blockers. One issue we currently see is around documents and particularly PST files on local disks. RealMigrator is another SaaS product that helps to get the local data safely and silently migrated. And with Konnekt we provide for Citrix and the Virtual Desktop world, one can integrate OneDrive OnDemand and SharePoint/Office 365 group access without the headaches of massively synced data.

Next Steps

If you’re interested in the cloud approach of modern workplaces, we are happy to get in contact with you. We’ve also provided a Website intunewin.com and tweet at @intunewin to consolidate all information about the new Intune Win32 application deployment capabilities.