Deploying Team Viewer with Intune

The scenario: you have computers that are only bound to AzureAD and you need to deploy a customized version TeamViewer to those computers. Me too! Here’s what I did.

Create the Custom Module & Policies

Log into to www.teamviewer.com

On the left hand side of the screen, choose Design & Deploy

You’ll see two tabs: Custom Modules and Policies.

The Policies tab has the custom settings used by the client (such as whitelisting, auto-starting, and auto-adding to groups).

Each custom module can only use one “Policy,” but each policy can have all possible settings. If you need to create a new policy, use the “Add policy” button at the top of the screen.

To change a policy, click the edit button next to the one of the policies. (The “enforce” checkbox for each setting prevents the end-user from being able to change that setting). These policies are checked by the client during installation.

Once the policy is setup, go to the Custom Modules tab. Create a new module with the Add Custom Module button or click the edit button on a existing module.

Customize the look of the TeamViewer app however you’d like.

Make sure the TeamViewer policy selected is the correct one from the Policies tab and you’ve selected the group you would like the devices added to under the “Automatically add computers to a group in your Computers list.”


Copy the API token and the Configuration ID. You will need these when creating the app in Intune.

Click the “Download MSI” link as well. Without any options, this MSI will just do a basic TeamViewer Host installation. Only when passed your configuration ID and API token during installation will it give you the customized client and add itself to your TeamViewer groups.

Package the Installer

The MSI file will come in a zip file; unzip it. Inside you will find two more folders: Full and Host. Go into the Host folder and copy the TeamViewer_host.msi file into another folder. I named mine “teamviewer-host”. Make sure there is nothing else in that folder.

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or a command prompt and run:

IntuneWinAppUtil.exe -c <folder with the msi it in> -s TeamViewer_Host.msi -o <where you want the package file saved>

So for me, I had IntuneWinAppUtil.exe on the desktop and wanted the package file there as well, so I ran:

.\IntuneWinAppUtil.exe -c .\teamviewer-host\ -s TeamViewer_Host.msi -o .

Once you have done so, you will have a file called TeamViewer_Host.intunewin that can be uploaded to Intune.

Create & Deploy in Intune

Go to https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the TeamViewer_Host.intunewin file you created (Firefox may have trouble doing the upload. If so, use another browser)

On the Program step change the install command from:

msiexec /i "TeamViewer_Host.msi" /q

To:

msiexec /i "TeamViewer_Host.msi" /qn CUSTOMCONFIGID=[configuration id] APITOKEN=[API Token] ASSIGNMENTOPTIONS="--grant-easy-access"

(Don’t include the brackets [ ])

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type. Intune will automatically enter the correct MSI Product code. Keep “MSI Product version check” as “no” so that the app won’t re-install if upgrades are done on the client side.

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download the TeamViewer Host app as well as place an icon called TeamViewer on the desktop.

That’s it! Your custom TeamViewer host should install on the selected devices and be ready for remote management.

Deploying Autodesk AutoCAD 2023 with Intune

Hi everyone. Now that Autodesk has moved to a new method of creating custom installers for their products my older “Deploying AutoDesk AutoCAD 2019 with Intune” article needed some updating.

Below you’ll find the instructions to deploy any Autodesk application using Microsoft Intune and Endpoint Manager. I’ll be using AutoCAD 2023 in my examples, but the process should be similar for any Autodesk product that appears on the Custom Install screen.

In order to create a custom installer you’ll need to perform some customization steps through the Autodesk website, some in Windows, and finally some in Endpoint Manager.

Create the Custom Installation Package

Log into the Audodesk management site at: https://manage.autodesk.com/products/deployments

Click Custom Install

Click Create new

Under License Type choose Serial Number
Select the product you are looking to package
Click Next

Next to Package name, I’m going to use AutoCAD2023
You can use whatever you’d like, but choosing that will make sure your files look just like mine.

You can only create a deployment to a network share. Since we’re using Intune, this isn’t relevant, so we’ll pick the hidden C: drive share to specify your local computer. Choose \\localhost\c$\users\[your username]\Desktop\autocad .

You can uncheck the “Install Autodesk desktop app” if you won’t be using it.

Click Download

Run the downloaded file. This will create a folder on your desktop called autocad .

You may see messages like the below when installing. You can ignore them and click Continue.

Package the Installer

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool to your Downloads folder from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or PowerShell. Change directory into the directory just above the autocad folder you create for the network installation.

For me that’s:

cd ~/Desktop

Tell the Intune prep tool to create a package from the autocad directory, use the Installer.exe located in the image folder, and save the package to your current directory:

~/Downloads/intunewinapputil.exe -c .\autocad\ -s image\Installer.exe -o .

The package will be named Installer.intunewin . Since that’s not very helpful, rename it to something that is.

mv Installer.intunewin autocad2023.intunewin

Create & Deploy in Intune

Log in to Intune device management at: https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the autocad2023.intunewin file you created.

Open the autocad folder on your desktop.

Right click on AutoCAD2023.bat and click Edit

Under the line

rem ========== Install the deployment silently ==========

Copy your installer version number.

Return to Endpoint Manager.

On the Program step change the install command to the following (making sure to use the version of the installer copied in the previous step):

image\Installer.exe -i deploy --offline_mode -q -o "image\Collection.xml" --installer_version "1.32.0.7"

For the uninstaller, this is a bit of a kludge since it only uninstalls the main component, not the rest. For me, this is sufficient.

The IdentifyingNumber seems to be the same regardless of version number, but to be sure, on a machine with AutoCAD 2023 installed, run the following in PowerShell.

Get-WmiObject -Class Win32_Product | where name -eq "AutoCAD 2023 - English"

Make the uninstall command like mine below, but making sure to use the IdentifyingNumber that you got above.

msiexec /uninstall 
{28B89EEF-6101-0409-2102-CF3F3A09B77D}

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type and enter the same identifier as above: {28B89EEF-6101-0409-2102-CF3F3A09B77D}

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download and install AutoCAD 2023. Alternatively, you can assign it to user groups and those users can install AutoCAD from the Company Portal app.

Thanks again for all of you that patiently waited for this while we got our licensing sorted with AutoDesk and the amazing staff there who got it all working for us.

Please feel free to leave me comments below and I’ll reply as soon as I can.

-Adam

KDE on Rocky Linux 9

Installing KDE on Rocky Linux 9 is easy, as long as you enable the right repositories. One of these have changed since Rocky Linux 8, so if you’ve found a RL8 guide online, you may have been stymied.

Install Rocky Linux and choose either Server with GUI or Workstation under software selection.

Make sure the account you created for yourself is an administrator.

After installation has completed, log in and open up a terminal app.

Add the EPEL Repository

sudo dnf -y install epel-release

PowerTools is now called CRB. This repository has many of the prerequisites that KDE needs.

sudo dnf config-manager --set-enabled crb

Update packages with the new repositories

sudo dnf -y update

Install KDE Plasma

sudo dnf group -y install "KDE Plasma Workspaces"

Disable the GNOME login screen an enable the KDE login screen

sudo systemctl disable gdm
sudo systemctl enable sddm

Reboot

sudo reboot

Once you reboot, you should be at the KDE login screen.

Make sure to choose Desktop Session: Plasma (X11) or Plasma (Wayland) from the login screen.

Enjoy KDE Plasma on Rocky Linux 9!

Fixing Unity3D Hub on Fedora

Unity3D isn’t officially supported on Fedora, only RHEL & Centos. It will work fine, it just needs a little tweak.

You can install Unity Hub by following the instructions for RHEL/Centos here: https://docs.unity3d.com/hub/manual/InstallHub.html#install-hub-linux

After doing so, you’ll probably get a blank screen:

Unity Hub Blank

If you run Unity Hub from the console you’ll see the following error:

ERROR: Licensing SDK logging callback is not registered. Please use 'registerLoggingAdapter' function from the SDK to do
so.
If you try running the licensing SDK directly you'll get this error:
/opt/unityhub/UnityLicensingClient_V1/Unity.Licensing.Client
No usable version of libssl was found
[1]    694717 IOT instruction (core dumped)  /opt/unityhub/UnityLicensingClient_V1/Unity.Licensing.Client

You can see from the error that Unity is looking for an older version of SSL that is present on RHEL/Centos systems, but not newer version of Fedora.

To fix this, just install a compatibility version of SSL and kill any running versions of Unity Hub

sudo dnf -y install openssl1.1 && killall -9 unityhub-bin

Once that’s done, Unity Hub should work as expected!
If you’re still having trouble, a full reboot should do the trick.

Unity Gamepad with UI Touch Support

This is probably a really simple topic, but it had me stumped for a bit, so I thought I’d post about it.

I have a Unity game I’m developing that I’m adding controller support to using the Unity Input System. One of the things I realized was that, when Unity detected that a gamepad/controller was connected, the UI stopped responding to touch.

The really simple fix is that Touchscreen needs to be added as an optional component to the Gamepad input settings.

First, find your Controls prefab and double-click it.

Click the drop-down next to All Controls and choose whatever you called your gamepad settings (I called mine Controller).

Click the dropdown next to Controller (or whatever you named this control scheme) and click Edit Control Scheme.

Gamepad should already be set to required.

Click the + icon, choose Touchscreen, and set it to optional.

That’s it! Now whenever a player connects a gamepad/controller they will still be able to use the UI in touchscreen mode.

Tracking Down AzureAD Device Sign-Ins

I recently needed to track down who had recently used a device bound to AzureAD. We don’t tend to make use of the Primary User field, since our devices tend to be handed out in bulk to large groups of people at once, rather than one-at-a-time. This meant I had to track down who was using which device in a more roundabout method.

To accomplish this, you’ll need to use both Microsoft Graph and Microsoft Endpoint Manager.

Lookup the Device ID

First you’ll need Azure’s device ID for the computer.

Go to https://endpoint.microsoft.com

Click Devices on the left then Windows Devices.

Search for the device you are looking for.

Click on it

In the address bar of the browser, the last part of the URL will be the device ID. Select and copy it.

Query Device Sign-In Information

Now that you have the Device ID, you can lookup the login history using Microsoft Graph.

Go to https://developer.microsoft.com/en-us/graph/graph-explorer

Make sure to sign into graph, or you’ll only see the sample data.

Query type: GET

Version: beta

URL: https://graph.microsoft.com/beta/deviceManagement/managedDevices/[device ID here]

Click Run Query

You’ll only see the first several lines, which probably won’t show the logged on users.

Click the Expand button

Scroll down to where it says usersLoggedOn then select and copy the ID inside of the quotes.

Go back to Endpoint Manager

Click Users on the left.

Paste the user ID into the search field. This should tell you the name of the user who logged into that device. If there were multiple people recently signed in, they’ll all be in the usersLoggedOn array.

Fixing KRDC VNC Scaling

I’m going to show you how to fix a problem that’s driven me crazy literally for years.
If you’re using KRDC to remotely access a computer with VNC, the Scale button, by default, does nothing.
It’s actually a super easy and kind of silly fix. If you prefer video, see my YouTube video on this embedded at the bottom.

If you click the Scale button nothing happens


If you look at the KRDC config file you can see that scaling defaults to 100.

~/.config/krdcrc


For some reason, this causes the scaling button to do nothing.
To fix this, you could hand edit the krdc config file every time you have a new connection, or, you can just add the Scaling Factor action to the toolbar.

Go Settings then Configure Toolbars


Scroll down and select Scaling Factor
Click the right arrow to add it to the toolbar
Click the up arrow to put it next to Scale
Click OK

If you click Scale, still nothing happens.
Turn Scale on and then drag the slider and scaling will start working!

Turn on Scale and adjust the slider


At this point you won’t have to drag the slider anymore.
Once scale is off of its default value, the scale button works as expected. Simply do this for every new VNC client you connect to.

If you prefer video, follow along here:

Fix for Android SDK Errors in Unity on Linux

When I add Android support for Unity on Linux as an additional module in Unity Hub, I find that Unity is unable to the SDK.

The problem appears to be that Unity does not set the binaries included as executable after extracting. I believe this may be fixed on newer versions of the Editor, but this is an issue for me on 2020.3.28f1.

The simple fix is to make all files in the AndroidPlayer executable. If Unity is open, close it.

Open Konsole or another terminal app.

cd ~/Unity/Hub/Editor/[Unity version]/Editor/Data/PlaybackEngines/AndroidPlayer
find . -type f -exec chmod +x {} \;

When you re-launch Unity, it should have no problem using the Android SDK.

VS Code Namespace Not Found With New Unity Input System

If you’re switching to the new Unity Input System and using Visual Studio code, you’ll probably hit the hiccup I did.

After switching back-ends, you’ll find that you’re not able to use the new namespace. If you try, you’ll get “namespace not found.”

using UnityEngine.InputSystem;

To fix this, you’ll simply need to create the csproj file so VS Code knows to use the new assembly.

In Unity Editor go to Edit->Preferences
Choose “External Tools”
Click the “Regenerate project files” button

After that, VS Code should recognize the new UnityEngine.InputSystem namespace!

Native KDE File Dialogs in Firefox

One of my favorite things about running KDE’s own distro, KDE Neon, is how it defaults to using the KDE file UI in Firefox. I’m not sure why Kubuntu and Fedora KDE don’t know this, but it’s easy enough to configure.

Installation

The magic behind this is Firefox’s ability to use an XDG desktop portal. You probably already have the KDE XDG desktop portal installed, but if not, simply run:

Fedora
sudo dnf -y install xdg-desktop-portal-kde
Kubuntu
sudo apt install xdg-desktop-portal-kde

Configuring Your Shell

Next, we tell GTK apps, like Firefox, to use the KDE file dialogs if they’re able. We do that by setting in a variable in either our ZSH or BASH configuration (whichever your default shell is).

ZSH
echo export GTK_USE_PORTAL=1 >> .zprofile
BASH
echo export GTK_USE_PORTAL=1 >> .profile

Now just log out and back in and you get should native KDE file dialogs when saving or opening files with Firefox!

Thunderbird Flatpak & GTK Themes

One of the reasons I switched to Fedora recently was it’s support for Flatpaks. Sure they’ll work anywhere, but having them be such a big part of Fedora (check out Fedora Kinoite) really intrigued me. I love the idea of having the same version of apps across distros that’s also the latest (or nearly) version of the app.

I also like when every app looks like it’s part of the same ecosystem. The KDE and Gnome devs have done an awesome job of that by making themes that work in both GTK and Qt (KDE) apps. Unfortunately, Flatpak apps using GTK on KDE don’t automatically use the theme you’ve set in System Settings.

To fix that, I’ll show you how you can use the Flatseal app to set the GTK them for Flatpak apps. You can do this through the shell for individual apps and universally, but I prefer this way to give myself flexibility.

I’m assuming you’re using Breeze or Breeze-Dark here. Otherwise, substitute with the theme you are using. If the theme you are using is not in flathub, you might need to choose one that is.

sudo flatpak install org.gtk.Gtk3theme.Breeze
sudo flatpak install org.gtk.Gtk3theme.Breeze-Dark

Install the Flatseal app from flahub as well:

sudo flatpak install com.github.tchx84.Flatseal

Open the Flatseal app and choose Thunderbird on the left.
Scroll down to the variables section, slick the + symbol, and add:

GTK_THEME=Breeze-Dark

The next time you start Firefox it should be using the Breeze Dark Theme! You can do this for any flaptak app that uses GTK.