Deploying Team Viewer with Intune

The scenario: you have computers that are only bound to AzureAD and you need to deploy a customized version TeamViewer to those computers. Me too! Here’s what I did.

Create the Custom Module & Policies

Log into to www.teamviewer.com

On the left hand side of the screen, choose Design & Deploy

You’ll see two tabs: Custom Modules and Policies.

The Policies tab has the custom settings used by the client (such as whitelisting, auto-starting, and auto-adding to groups).

Each custom module can only use one “Policy,” but each policy can have all possible settings. If you need to create a new policy, use the “Add policy” button at the top of the screen.

To change a policy, click the edit button next to the one of the policies. (The “enforce” checkbox for each setting prevents the end-user from being able to change that setting). These policies are checked by the client during installation.

Once the policy is setup, go to the Custom Modules tab. Create a new module with the Add Custom Module button or click the edit button on a existing module.

Customize the look of the TeamViewer app however you’d like.

Make sure the TeamViewer policy selected is the correct one from the Policies tab and you’ve selected the group you would like the devices added to under the “Automatically add computers to a group in your Computers list.”


Copy the API token and the Configuration ID. You will need these when creating the app in Intune.

Click the “Download MSI” link as well. Without any options, this MSI will just do a basic TeamViewer Host installation. Only when passed your configuration ID and API token during installation will it give you the customized client and add itself to your TeamViewer groups.

Package the Installer

The MSI file will come in a zip file; unzip it. Inside you will find two more folders: Full and Host. Go into the Host folder and copy the TeamViewer_host.msi file into another folder. I named mine “teamviewer-host”. Make sure there is nothing else in that folder.

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or a command prompt and run:

IntuneWinAppUtil.exe -c <folder with the msi it in> -s TeamViewer_Host.msi -o <where you want the package file saved>

So for me, I had IntuneWinAppUtil.exe on the desktop and wanted the package file there as well, so I ran:

.\IntuneWinAppUtil.exe -c .\teamviewer-host\ -s TeamViewer_Host.msi -o .

Once you have done so, you will have a file called TeamViewer_Host.intunewin that can be uploaded to Intune.

Create & Deploy in Intune

Go to https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the TeamViewer_Host.intunewin file you created (Firefox may have trouble doing the upload. If so, use another browser)

On the Program step change the install command from:

msiexec /i "TeamViewer_Host.msi" /q

To:

msiexec /i "TeamViewer_Host.msi" /qn CUSTOMCONFIGID=[configuration id] APITOKEN=[API Token] ASSIGNMENTOPTIONS="--grant-easy-access"

(Don’t include the brackets [ ])

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type. Intune will automatically enter the correct MSI Product code. Keep “MSI Product version check” as “no” so that the app won’t re-install if upgrades are done on the client side.

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download the TeamViewer Host app as well as place an icon called TeamViewer on the desktop.

That’s it! Your custom TeamViewer host should install on the selected devices and be ready for remote management.

Tracking Down AzureAD Device Sign-Ins

I recently needed to track down who had recently used a device bound to AzureAD. We don’t tend to make use of the Primary User field, since our devices tend to be handed out in bulk to large groups of people at once, rather than one-at-a-time. This meant I had to track down who was using which device in a more roundabout method.

To accomplish this, you’ll need to use both Microsoft Graph and Microsoft Endpoint Manager.

Lookup the Device ID

First you’ll need Azure’s device ID for the computer.

Go to https://endpoint.microsoft.com

Click Devices on the left then Windows Devices.

Search for the device you are looking for.

Click on it

In the address bar of the browser, the last part of the URL will be the device ID. Select and copy it.

Query Device Sign-In Information

Now that you have the Device ID, you can lookup the login history using Microsoft Graph.

Go to https://developer.microsoft.com/en-us/graph/graph-explorer

Make sure to sign into graph, or you’ll only see the sample data.

Query type: GET

Version: beta

URL: https://graph.microsoft.com/beta/deviceManagement/managedDevices/[device ID here]

Click Run Query

You’ll only see the first several lines, which probably won’t show the logged on users.

Click the Expand button

Scroll down to where it says usersLoggedOn then select and copy the ID inside of the quotes.

Go back to Endpoint Manager

Click Users on the left.

Paste the user ID into the search field. This should tell you the name of the user who logged into that device. If there were multiple people recently signed in, they’ll all be in the usersLoggedOn array.

Fixing KRDC VNC Scaling

I’m going to show you how to fix a problem that’s driven me crazy literally for years.
If you’re using KRDC to remotely access a computer with VNC, the Scale button, by default, does nothing.
It’s actually a super easy and kind of silly fix. If you prefer video, see my YouTube video on this embedded at the bottom.

If you click the Scale button nothing happens


If you look at the KRDC config file you can see that scaling defaults to 100.

~/.config/krdcrc


For some reason, this causes the scaling button to do nothing.
To fix this, you could hand edit the krdc config file every time you have a new connection, or, you can just add the Scaling Factor action to the toolbar.

Go Settings then Configure Toolbars


Scroll down and select Scaling Factor
Click the right arrow to add it to the toolbar
Click the up arrow to put it next to Scale
Click OK

If you click Scale, still nothing happens.
Turn Scale on and then drag the slider and scaling will start working!

Turn on Scale and adjust the slider


At this point you won’t have to drag the slider anymore.
Once scale is off of its default value, the scale button works as expected. Simply do this for every new VNC client you connect to.

If you prefer video, follow along here:

Fix for Android SDK Errors in Unity on Linux

When I add Android support for Unity on Linux as an additional module in Unity Hub, I find that Unity is unable to the SDK.

The problem appears to be that Unity does not set the binaries included as executable after extracting. I believe this may be fixed on newer versions of the Editor, but this is an issue for me on 2020.3.28f1.

The simple fix is to make all files in the AndroidPlayer executable. If Unity is open, close it.

Open Konsole or another terminal app.

cd ~/Unity/Hub/Editor/[Unity version]/Editor/Data/PlaybackEngines/AndroidPlayer
find . -type f -exec chmod +x {} \;

When you re-launch Unity, it should have no problem using the Android SDK.

VS Code Namespace Not Found With New Unity Input System

If you’re switching to the new Unity Input System and using Visual Studio code, you’ll probably hit the hiccup I did.

After switching back-ends, you’ll find that you’re not able to use the new namespace. If you try, you’ll get “namespace not found.”

using UnityEngine.InputSystem;

To fix this, you’ll simply need to create the csproj file so VS Code knows to use the new assembly.

In Unity Editor go to Edit->Preferences
Choose “External Tools”
Click the “Regenerate project files” button

After that, VS Code should recognize the new UnityEngine.InputSystem namespace!

Native KDE File Dialogs in Firefox

One of my favorite things about running KDE’s own distro, KDE Neon, is how it defaults to using the KDE file UI in Firefox. I’m not sure why Kubuntu and Fedora KDE don’t know this, but it’s easy enough to configure.

Installation

The magic behind this is Firefox’s ability to use an XDG desktop portal. You probably already have the KDE XDG desktop portal installed, but if not, simply run:

Fedora
sudo dnf -y install xdg-desktop-portal-kde
Kubuntu
sudo apt install xdg-desktop-portal-kde

Configuring Your Shell

Next, we tell GTK apps, like Firefox, to use the KDE file dialogs if they’re able. We do that by setting in a variable in either our ZSH or BASH configuration (whichever your default shell is).

ZSH
echo export GTK_USE_PORTAL=1 >> .zprofile
BASH
echo export GTK_USE_PORTAL=1 >> .profile

Now just log out and back in and you get should native KDE file dialogs when saving or opening files with Firefox!

Thunderbird Flatpak & GTK Themes

One of the reasons I switched to Fedora recently was it’s support for Flatpaks. Sure they’ll work anywhere, but having them be such a big part of Fedora (check out Fedora Kinoite) really intrigued me. I love the idea of having the same version of apps across distros that’s also the latest (or nearly) version of the app.

I also like when every app looks like it’s part of the same ecosystem. The KDE and Gnome devs have done an awesome job of that by making themes that work in both GTK and Qt (KDE) apps. Unfortunately, Flatpak apps using GTK on KDE don’t automatically use the theme you’ve set in System Settings.

To fix that, I’ll show you how you can use the Flatseal app to set the GTK them for Flatpak apps. You can do this through the shell for individual apps and universally, but I prefer this way to give myself flexibility.

I’m assuming you’re using Breeze or Breeze-Dark here. Otherwise, substitute with the theme you are using. If the theme you are using is not in flathub, you might need to choose one that is.

sudo flatpak install org.gtk.Gtk3theme.Breeze
sudo flatpak install org.gtk.Gtk3theme.Breeze-Dark

Install the Flatseal app from flahub as well:

sudo flatpak install com.github.tchx84.Flatseal

Open the Flatseal app and choose Thunderbird on the left.
Scroll down to the variables section, slick the + symbol, and add:

GTK_THEME=Breeze-Dark

The next time you start Firefox it should be using the Breeze Dark Theme! You can do this for any flaptak app that uses GTK.

Fedora & Plasma Tips

I’m a serial distro jumper. I have been as far back as I can remember. I’d been on Kubuntu for quite a while, happy as can be, which obviously made me bored. With all the hype surrounding Fedora 35, I thought I’d give it a whirl! In a sense, it’s “coming home” for me: I started out on Mandrake way back in the late 90s followed by RedHat and Fedora Core for quite some time. So far, I’m loving Fedora! Here’s some quick tips and tricks I used to make Fedora my own.

ZFS Encrypted Home Directory

I love ZFS and disto-hopping, so using ZFS on a separate drive as my home directory was a no brainer! Here’s my guide on how you can set this up on Fedora or Ubuntu/Kubuntu.

KDE Native File Dialogs in Firefox

RPMFusion

RPM Fusion is where many of the apps and utilities you’ll want to use, but Fedora can’t/won’t distribute, live. Amongst these are the NVIDIA propriety drivers, HEIF support, etc.

RPMFusion is more or less “official” and is often referenced in the Fedora documentation. You can fairly safely add this repository without fear of configuration explosions or security risks.

Click this link, and choose your version of Fedora under the Graphical Setup heading: https://rpmfusion.org/Configuration

Flathub

One of the great things about Fedora is it’s becoming built around the idea of having all of your apps installed as Flatpaks. This increases system security, ensures you always have the latest versions of apps, and make it easy to always run the same version of apps across multiple distros. This is really handy if you’re sharing files across distros.

While Fedora hosts many Flatpacked (I think that’s a verb) apps on their infrastructure, I prefer Flathub which tends to be a bit more up-to-date, has more apps, and is available on pretty much every distro available.

Here’s Flathub’s instructions on how to make their apps available in Fedora: https://flatpak.org/setup/Fedora/

Flatseal

(coming soon)

HEIC/HEIF Images in Gwenview & Dolphin

Gwenview is KDE’s default image viewer. It’s a great application, but it’s missing HEIF image support out-of-the-box. If you have an iPhone, this probably the format all of your photos are stored in. Luckily, adding HEIF support fore Gwenview is very simple in Fedora!

First, make sure to install the RPM Fusion repository. Instructions are above: https://www.shernet.com/linux/fedora-and-plasma-tips/#rpmfusion

Next, run the lines below to update your repository database and install the plugin.

sudo dnf update
sudo dnf install qt-heif-image-plugin

Now that you have support for HEIC/HEIF installed, you can configure Dolphin to show image previews.

sudo nano /usr/share/kservices5/qimageioplugins/heic.desktop

Paste in the following:

[Desktop Entry]
Type=Service
X-KDE-ServiceTypes=QImageIOPlugins
X-KDE-ImageFormat=heic
X-KDE-MimeType=image/heic
X-KDE-Read=true
X-KDE-Write=true

sudo nano /usr/share/kservices5/qimageioplugins/png.desktop /usr/share/kservices5/qimageioplugins/heif.desktop

Paste in the following:

[Desktop Entry]
Type=Service
X-KDE-ServiceTypes=QImageIOPlugins
X-KDE-ImageFormat=heif
X-KDE-MimeType=image/heif
X-KDE-Read=true
X-KDE-Write=true

sudo nano /usr/share/kservices5/imagethumbnail.desktop

Add to the end of MimeTypes:

image/heic;image/heif;

Finally, log out and back in.

Thunderbird

Date/Time

For reasons I still can’t suss out (and I had these same issues with Kubuntu and Thunderbird installed from apt), I always end up with 24 hour dates in the mail list. Now, arguments over the best format aside, I’d really just like to see them as eg: 2:15 PM.

To fix this, 1st open Thunderbird then go to Preferences. Scroll to the bottom and click “Config Editor.”

Type in: intl.date_time.pattern_override.time_short
Click the “+” symbol to add a new config and choose “string”
Set it to: h:mm a

You can find all of your options here: https://support.mozilla.org/en-US/kb/customize-date-time-formats-thunderbird

Hiding the GRUB Boot Menu

(coming soon)

Unity3D

If you using Unity3D, you may find you have issues with Visual Studio Code, Omnisharp, and the version of mono that comes with Fedora. Here’s my quick fix:

That’s all! I hope you found some of these tips and tricks useful and enjoy what I’m finding to be a fantastic distro!

ZFS Home Directory

I tend to hop from Linux distro to Linux distro. One of the things that makes doing so much easier is keeping my home folder on a separate disk. That way I can re-install distributions to my heart’s content without fear of losing my files and settings.

I’m also a big fan of ZFS (ZFS on Ubuntu Server). That means jumping through a few extra hoops to setup ZFS on a separate drive as well as re-importing the zpool every time I swap distributions, but I find it’s well worth it. Here’s a handy guide on how to do just that! I’ll be showing the steps for Fedora and Kubuntu, but they should generally apply to other distros as well.

Disclaimer: I’ve not a ZFS expert, but these steps have worked very well for me on multiple systems. YMMV.

One quick note: ZFS works best with plenty of RAM (it will use everything available to keep data cached). If you are on a RAM-limited system, you can do something similar with encrypted XFS or EXT4.

Pre-Step: Setup Encrypted Home Drive

I’ll be configuring ZFS to use an encryption key stored on the root drive. This is only secure if the root drive is also encrypted. Make sure when you install Linux you tell the installer to use drive encryption.

It will look like this in Fedora:

Encrypted root drive in Fedora

And like this in Ubuntu:

Encrypted root drive in Kubuntu

You’ll be asked to set a password that’s used to encrypt your root drive. You cannot change this password and you’ll be asked to enter this password every time you boot your computer, so make sure you do not forget it!

Don’t worry about configuring your 2nd drive with your home folder during the installation. I find it’s much easier to have the distribution do it’s typical install, then go back and mount your new /home. Just make sure that you create yourself as an administrator or have a root password set.

Once you’ve installed your new distro, reboot into it, but don’t log in. Your computer will get grumpy if you’re logged into a desktop environment while swapping out your home directory.

Press Control-Alt-F3 to get to a terminal window then log in as yourself if you made your account an administrator, or ‘root’ if you did not.

ZFS Installation

Fedora

Make sure Fedora up-to-date

sudo dnf -y update

If there are any updates, reboot (sudo reboot), press Control-Alt-F3, and log back in.

Install ZFS for Fedora by following the official steps below, do not use the zfs-fuse package included with Fedora: https://openzfs.github.io/openzfs-docs/Getting%20Started/Fedora/index.html

Kubuntu/Ubuntu
sudo apt install zfsutils-linux

Creating a New Home Drive

If you already have created a home drive and are re-attaching after re-installing Linux, skip to Importing an Existing Home Drive.

To make things easier, I’ll be running all of the commands as root by first running:

sudo -s

Create an encryption key that will be used to encrypt and decrypt your home drive. Make sure this is only stored on an encrypted root drive and that you have backed up this key somewhere safe. If you lose this key you will lose all access to your drive. You’ve been warned 😉

dd if=/dev/urandom of=/etc/home.key bs=32 count=1 && chmod 600 /etc/home.key

Next you’ll need to find out the name of your drive. Since easy names (e.g. sda, sdb) can change, we want to set it up by something that will not change. I’ll be using the device’s physical location.

Let’s make sure we know which drive has Linux installed on it, and which is going to be used for our home drive, by runing:

lsblk

This will list all of your drives (also called block devices), any partitions on them, and where those partitions are mounted. My output (on a virtual machine) looks like the following. On real hardware, your devices will probably be called sda and sdb (if they’re SATA), or nvme0n1 and nvme1n1 (if they’re nvme):

NAME                                          MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINTS
sr0                                            11:0    1    2G  0 rom    
zram0                                         251:0    0  5.8G  0 disk  [SWAP]
vda                                           252:0    0   64G  0 disk   
├─vda1                                        252:1    0    1G  0 part  /boot
└─vda2                                        252:2    0   63G  0 part   
 └─luks-a954d91b-fda3-4c22-90a6-2b35554129b1 253:0    0   63G  0 crypt /home
                                                                       /
vdb                                           252:16   0  128G  0 disk  

I can see here that my disk with Linux installed on it is called vda, since it has multiple partitions (vda1 and vda2) that are all mounted (as /boot and /). The disk with nothing installed on it is vdb. Therefore, I’ll need to check the physical location of vdb. Please comment below if you’re having trouble figuring out which drive is which and I’ll try to give you a hand!

To list all disks by their location, run:

ls -lh /dev/disk/by-path/

The result will look something like this:

total 0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:00:1f.2-ata-1 -> ../../sr0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:00:1f.2-ata-1.0 -> ../../sr0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:07:00.0 -> ../../vda
lrwxrwxrwx. 1 root root 10 Jan 28 09:42 pci-0000:07:00.0-part1 -> ../../vda1
lrwxrwxrwx. 1 root root 10 Jan 28 09:42 pci-0000:07:00.0-part2 -> ../../vda2
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:08:00.0 -> ../../vdb

This tells me that the path I’ll be using is /dev/disk/by-path/pci-0000:08:00.0, since that’s the one that’s being called vdb (see the end of the last line).

We’re finally ready to create our ZFS filesystem! First we create a zpool that encompasses all of the drives we’ll be using (we’ll just be using one, but ZFS can be mirrored or RAIDed in more advanced setups).

The command we’ll run is:

zpool create homepool -O xattr=sa -O acltype=posixacl -O atime=off -O compression=lz4 -O encryption=aes-256-gcm -O keyformat=raw -O keylocation=file:///etc/home.key -o ashift=12 /dev/disk/by-path/[your disk here]

Here’s what some of those options mean:
ashift=12 : This specifies the drive’s block size. From what I’ve cobbled together, use the number 12 for most use cases unless it’s a Samsung NVME or you know your drive uses 8K clusters. In that case, use 13.
homepool: this is the name we’ve given to the zpool. You can use something else if you’d prefer.
compression=lz4: This compresses all data, increases the performance of ZFS, and essentially costs no additional CPU resources. More information here: https://www.servethehome.com/the-case-for-using-zfs-compression/
encyption=aes-256-gcm: Use AES 256 GCM encryption which is both highly secure and hardware accelerated

Now, let’s check out that brand new zpool!

zpool status

You should see something like this:

  pool: homepool
 state: ONLINE
config:

        NAME                STATE     READ WRITE CKSUM
        homepool            ONLINE       0     0     0
          pci-0000:08:00.0  ONLINE       0     0     0

errors: No known data errors

A zpool is a container for filesystems. Now that we’ve got one, we can create a filesystem where our home drive will live. In all of the steps below, replace [user] with your username.

zfs create homepool/[user]

To see information on this new filesystem, you can run:

zfs list

Now, let’s replace our old home drive (that was created when Linux was installed) with the filesystem on our second drive:

cd /home
mv /home/[user] /home/[user].bak
mkdir /home/[user]/
zfs set mountpoint=/home/[user] homepool/[user]
zfs set mountpoint=none homepool
chmod --reference=/home/[user].bak /home/[user]
mv /home/[user].bak/* /home/[user]/
mv /home/[user].bak/.* /home/[user]/
rmdir /home/[user].bak
chown -R [user]:[user] /home/[user]
#For Fedora and other distros with selinux, run the next line too:
restorecon -vR /home

Linux doesn’t yet load keys for encrypted zfs mounts automatically. You’ll need to create a simple service to automatically load zfs encryption keys on boot.
Like most good things, this is from the Arch Linux wiki: https://wiki.archlinux.org/title/ZFS#Unlock_at_boot_time:_systemd
You MUST do this before you reboot or you will not be able to log in graphically. If you forget, press Control-Alt-F3 and log into the console.

nano /etc/systemd/system/zfs-load-key.service

Type in the following (if you’re uncomfortable typing by hand, you should be able to switch to the graphical login (Fedora: Control-Alt-F2, *buntu Control-Alt-F1) and copy paste).

[Unit]
Description=Load encryption keys
DefaultDependencies=no
After=zfs-import.target
Before=zfs-mount.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/zfs load-key -a
StandardInput=tty-force

[Install]
WantedBy=zfs-mount.service

Next, tell Linux to start the new service every time it boots:

systemctl enable zfs-load-key

Finally, reboot and log in normally to make sure everything works as anticipated:

reboot

Now you should have a fully functioning install with encrypted ZFS home directory! Remember to backup /etc/home.key somewhere secure that *isn’t* in your home directory, since you’ll need to copy this key back any time you re-install Linux. I’d recommend an encrypted USB key.

If you have multiple users, you can follow those same steps to create a zfs filesystem for each of them in zpool you created.

Steam

If you use Steam and want to keep your game installations separate so they don’t get backed up with zfs snapshots, you can create a separate filesystem for it.

mkdir -p /home/[user]/.local/share/Steam
sudo zfs create homepool/[user]/steam -o mountpoint=/home/[user]/.local/share/Steam

Importing an Existing Home Drive

Only follow these steps if you’ve re-installed Linux. They aren’t necessary if you just created a new zpool above.

After you’ve re-installed Linux, make sure you complete ZFS Installation above. Once those are done, you can proceed from here.

If you are not the root user yet, run:

sudo -s

Next, you’ll need to copy your backed up key to /etc/home.key

If it’s stored on an encrypted flash drive, it may be easiest to log in graphically, restore the file, then log out and return the console with Control-Alt-F3.

Once it’s restored, make sure it still has the correct permissions

chown root:root /etc/home.key && chmod 600 /etc/home.key

Rename your existing home directory:

cd /home
mv /home/[user] /home/[user].bak
mkdir /home/[user]
chmod --reference=/home/[user].bak /home/[user]
chown [user]:[user] /home/[user]

List all zpools the system can find for import:

zpool import

You should see your homepool listed

   pool: homepool
     id: 16378698673868876678
  state: ONLINE
 action: The pool can be imported using its name or numeric identifier.
 config:

        homepool            ONLINE
          pci-0000:08:00.0  ONLINE

You can now import it by name and mount the zfs filesystems:

zpool import homepool

Before the filesystems can be mounted, we’ll need to create and enable the ZFS key loading service.

nano /etc/systemd/system/zfs-load-key.service

Type in the following:

[Unit]
Description=Load encryption keys
DefaultDependencies=no
After=zfs-import.target
Before=zfs-mount.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/zfs load-key -a
StandardInput=tty-force

[Install]
WantedBy=zfs-mount.service

Next, tell Linux to start the new service every time it boots, and start it now:

systemctl enable --now zfs-load-key

Finally, we can mount all of the zfs filesystems:

zfs mount -a

You can confirm they are mounted by typing:

mount

The last line of the output should be something similar to:

homepool/adam on /home/adam type zfs (rw,noatime,seclabel,xattr,posixacl)

If you’re on Fedora, be sure to run the following to make selinux happy:

restorecon -vR /home

Reboot and log in. Since all of your personal settings are saved to your home drive, everything should be exactly how you left it!

Memory Usage

If you find ZFS is using too much memory (apps keep crashing), you can adjust how much RAM ZFS uses for its cache (how much of your drive it keeps in memory for quick access).

To test different settings, set the maximum arch size in bytes and then clear the cache. This setting is temporary, so if you run intro trouble, just reboot.

sudo echo "8589934592" > /sys/module/zfs/parameters/zfs_arc_max
sudo echo 3 > /proc/sys/vm/drop_caches

Once you’ve found a size that works for you, you can set the size permanently.

sudo echo "options zfs zfs_arc_max=8589934592" >> /etc/modprobe.d/zfs.conf

Unity3d On Fedora

I recently switched from Ubuntu to Fedora and realized that Omnisharp in VS Code for Unity3D projects was not working correctly, even with Use Global Mono set to Always.

The fix ended up being simple: even though they are the same version, install Mono from the mono project’s repository, not Fedora’s.

First: Install mono from here:
https://www.mono-project.com/download/stable/#download-lin

Then, open VS Code and go to settings. To make this change for all projects, click User. To change for just this project (which I’d recommend) click Workspace. This will allow you to do your regular .Net development using the built-in mono (and eventually .Net Core).

Set Omnisharp: Use Global Mono to “always.”

That’s it! That should do the trick.

Deploying AutoDesk AutoCAD with Intune

AutoDesk’s AutoCAD is the next piece of software I’m deploying via Intune that was clearly never designed to be. It took a few tries, but I believe I’ve got the process down. I hope this makes your life much easier!

The directions here are for AutoCAD, but they should apply to any of the AutoDesk products (Architect, etc.).

Update: AutoDesk has changed how their packaging works for AutoDesk 2022 products. You must create a deployment from their website rather than the downloaded installer. I’ll have an updated guide for AutoCAD 2022 over the summer! https://knowledge.autodesk.com/customer-service/network-license-administration/network-deployment/creating-deployment/create-deployment

Create the Custom Installation Package

Log into the AudoDesk management site at https://manage.autodesk.com

Download the AutoCAD 2019 x64 installer.

Installer from the AutoDesk website

There’s 4 levels of installer we’ll be dealing with.
1) The installer you download AutoDesk’s website. This is just a self-extracting, compressed version of the actual installer. I’ll call this “the downloaded installer.”
2) The actual installation files that get extracted. I’ll call this “the extracted installer.”
3) The installation package you’ll create from the extracted installer. I’ll call this the “installation package.”
4) The intunewin file you’ll generate that actually gets uploaded to Intune.

Run the downloaded installer to extract the installation files.

Go to the extracted installer folder and run setup.exe .

Choose “Create Deployment.”

The AutoCAD 2019 Installer

Give your deployment a name without any spaces. This name will automatically be used to create the installation .ini file that will contain the setup information such as your serial key. You’ll need to know this name later.

You can only create a deployment to a network share. Since we’re using Intune, this isn’t relevant, so we’ll pick the hidden C: drive share to specify your local computer. Choose \\localhost\c$\users\[your username]\Desktop\autocad .

Disable the “Create a network log file” since this won’t be running off your LAN.

The AutoCAD 2019 Installation Packager Creator

Choose which components you’d like to install. If your users are not administrators on their machines, I’d recommend disabling AutoDesk Desktop since they won’t be able to use any of its functionality.

If you’re using a license key and serial, enter it.

Wait for the installation package to be created.

Package the Installer

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool to your Downloads folder from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or PowerShell. Change directory into the directory just above the autocad folder you create for the network installation.

For me that’s:

cd ~/Desktop

Tell the Intune prep tool to create a package from the autocad directory, use the Setup.exe located in the img folder, and save the package to your current directory:

~/Downloads/intuneapputil.exe -c .\autocad\ -s img\Setup.exe -o .

The package will be named setup.intunewin . Since that’s not very helpful, rename it to something that is.

mv setup.intunewin autocad2019.intunewin

Create & Deploy in Intune

Log in to Intune device management at: https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the autocad2019.intunewin file you created.

On the Program step change the install command to:

Img\Setup.exe /W /q /I Img\[deployment name].ini /language en-us

In my case, it’s:

Img\Setup.exe /W /q /I Img\autocad2019.ini /language en-us

(you can double check the name of your ini file by looking in the autocad\img folder)

For the uninstaller, this is a bit of a kludge since it only uninstalls the main component, not the rest. For me, this is sufficient. You can customize yours by checking out all of the options in the autocad\sms_sccm scripts\[deployment name]_Uninstall.txt file.

msiexec /uninstall {28B89EEF-2001-0409-2102-CF3F3A09B77D}

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type and enter the product code for AutoCAD 2019: {28B89EEF-2001-0409-2102-CF3F3A09B77D}

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download and install AutoCAD 2019. Alternatively, you can assign it to user groups and those users can install AutoCAD from the Company Portal app.

That’s it; good luck!

-Adam