The topic that we cover today seems pretty basic … but to be honest, Azure Role-Based Access Control (RBAC) is one of the mayor issues I see in most environments. So, let’s have a look how we can control access in Microsoft Azure… What are Roles in Azure?! When you are spinning up your first…
There are so many tutorials, step-by-step articles and descriptions in the WWW, how to configure the integration of Windows Store for Business
But most of them have been created in the “good old times”
Now with Azure AD in the new Azure Portal (Ibiza – ATTENTION still preview at the moment), the steps are the same to get your Store for Business connected to ConfigMgr but the User Interface had changed, so there are some new menus and settings. Also the Windows Store for Business UI has changed a bit over time
So today we will have a look into the steps in the new portals
STEP 1 – Azure AD Applikation and APP-Key
First we have to create a new application in Azure AD. This application is used later, to establish a connection between ConfigMgr and Store for Business. The important thing is not the application configuration itself, but the key and the app-id created, because these two will be required during configuration.
So actually it is not important to use a really existing Sign-On URL for your application
In the new portal you can create new apps here:
When creating this app, we have to choose a name (one you can remember and find, because you need it in the next steps) for the application and the Sign-On URL:
As soon as the application got created you can create the connection key in the “keys” menu. To do this you only need to give your key a description and choose a duration for the key.
IMPORTAN: You should consider changing the key at the right time. So maybe directly add the date of expiration to your calendar 🙂
The key is shown right after saving. It is important to copy the key at this moment, because you are not able to read the key after leaving this blade…
STEP 2 – Microsoft Store for Business – Configuration
As soon as you application is successfully created in Azure AD, you can head over to the Store for Business. Here you have to log in with you Company credentials. In the “Manage” menu you can check your actual permissions.
IMPORTANT: These permissions do not relate to ConfigMgr at all…
After this you should check if your store is configured for the usage of “Offline” Apps. Without this you will not be able to deploy Apps without Store Connection on the client
Now we have to register the newly created application as a management app in the settings…
…now search for you app name
after adding the application check if it is set to “Active” … otherwise the ConfigMgr cannot connect the store later
STEP 3 – Microsoft Store for Business – Apps
With these settings in place we can go ahead and “buy” some apps in the store. Some apps are only available in “Online” Mode…some apps are available also in “Offline” Mode
If you have added your required apps…you can finish your work in the ConfigMgr Console
STEP 4 – Integration into ConfigMgr CB 1702
the integration into System Center Configuration Manager is quite easy. In the Administration panel open “Cloud Services” and add a new Store for Business Account
put in you data here and set the application-id from the Azure Portal as the Client-ID
Now choose your required applications, but don’t be afraid…you can change this later
To finish the configuration trigger a sync with Store for Business
STEP 5 – deploy app with ConfigMgr
When the first sync is done you should see your license information filled in the application management area. here you can see, that there are some apps with “License Type” set to Online and some set to “Offline”
From this view it is easy to create a new application
If you create an application from an online app, it will result in an Application-Deeplink Installer:
When adding Offline Apps the full content and all required frameworks are downloaded in .appx or .appxbundle files. There are also multiple deployment types for different Windows Versions created.
In the application you can see all the frameworks. When installing Online Apps these are deployed through the store too
Integration Store for Business with the new Azure Portal and the new SfB UI is not very different. Only some Options are hidden in new places…
The administration of store apps is on a level now where enterprise can handle Store Apps with ConfigMgr in a good way.
Dieser Post ist auch verfügbar auf: German