Monday, January 24, 2022

Sharpe’s….Company Portal

Must read

avatar
Rudy Oomshttps://call4cloud.nl/
Rudy is a Modern workplace architect and currently working for a company in the Netherlands, called Deltacom Steenbergen. He has been working in IT since he was 16 years old. Within these years, he gained a lot of experience in different kinds of expertise. I guess like most of you, he started working with active directory environments. In June 2021 he received the MVP status in the category Enterprise Mobility for the first time. The multi-tenant PowerShell scripted Deltacom-Cloud environment is one of his creations.

In this blog, I am going to show you which 3 options you have when you want to make use of the Company Portal app. Also, I will point out the differences between the “Offline” and “Online” versions.

Because after reading the next question a lot of times:

“What’s the difference between offline and online apps? and which or when to use them”

I decided to write a blog about it, so here we go!

I am going to divide this blog into multiple parts

  1. How to add the Company Portal to Intune
  2. Adding the Company Portal App manually
  3. Differences between the Online and Offline version
  4. Taking a good look at the Company Portal App installation
  5. Conclusion

But before I am going to show you more about how to install the Company Portal app etc, please read my other blogs about WHY you need to use the Company Portal app

When we want to add the Company App to our Window 10 AADJ devices we have multiple options at our disposal.

Let’s start with the first Offline And Online company App Portal.

Before we can start deploying the Company Portal App, we first need to establish a connection between the Microsoft Store for Business and Intune/Endpoint Manager. Please beware the Microsoft Store will be retired in the first quarter of 2023, but let’s go further.

Open Intune and browse to Tenant administration/Microsoft Store for Business and click to open the business store.

Afbeelding met tekst  Automatisch gegenereerde beschrijving

First, we need to enable Offline Apps. We can do this by clicking on Manage/Settings and switching the button for “Show Offline Apps”. Do you notice that nice Yellow bar with a warning in it?

Now we still need to create the Intune connection. To do this, click on “Distribute” on the same screen and click on “Activate” Microsoft Intune.

Now we are almost ready, but we still need to add the App’s when we have created the connection. To do so, search for the Company Portal in the search bar and click on “get the app”.

Now we are done, don’t forget to click on the sync button on the Tenant Administration screen. When the apps are synced you will notice the Offline and Online Apps will be visible in the Apps section of Intune.

There is also another possibility to add the Company App Portal. When you have configured the Microsoft Store for Business, maybe you have clicked on the Offline Company App?

Afbeelding met tekst  Automatisch gegenereerde beschrijving

To go further, you need to download ALL of the packages first. After all the files are downloaded go Add a new LOB app. Because when you add a new LOB app, you will have the possibility to select/upload a .appxbundle

Afbeelding met tekst  Automatisch gegenereerde beschrijving

Now select the Company Portal app you downloaded earlier.

When you have added this app, you will also need to upload the Dependency App files.

After all, files are uploaded, a new LOB app will appear in the App section of Intune

Now we have seen the possibilities to add the Company Portal App, we still need to learn about the differences between the Offline and Online App versions.

So let’s take off our jacket and take a look at what in my opinion the 3 really biggest differences are between the Offline and Online Apps.

Sean bean GIF on GIFER - by Anabandis

Difference 1:

Offline Apps: These apps DON’T require the Microsoft Store to install the app.

Online Apps: These apps DO require the Microsoft Store to install the app

Difference 2:

But I am not done yet, as I need to point out another difference we need to beware off

Online Apps: Are Automatically updated by The Microsoft Business Store (Windows Store App)

Offline Apps: Are Managed by Intune and installed by the Intune Management Extension and NOT automatically updated on the device. When you want to update it, you need to use the Company App portal and you will need to choose to reinstall the app when you want to update the app.

Difference 3:

Online Apps: Are always installed during the Account phase of the ESP and don’t support device context assignment

Offline Apps: Are installed during the Device Phase of the ESP when the device context was configured.

When you want to make sure the Company App is installed before the user logs in, you will need to use Autopilot White Glove and the Offline Version.

When you are using the Online version, you will need to sign in with your user (SSO silently) before it will be installed (User context)

So the resume, if you are blocking the Microsoft Store like I am showing in this blog below, the Offline version is the one you will need.

When using the Offline version, please, pretty please with sugar on top, don’t forget to assign it to a device group and device license like I am showing below…

Now we know the difference between how the 2 types of Apps are managed and updated, let’s take a look at which logs we need to take a look at when something failed.

Online Apps:

When you want to start troubleshooting the install of Online apps, the first thing you will need to do is to start collecting the store logs. You can do this by entering the “wscollect.exe” command (Windows Store Collect)

This will produce a nice .CAB file on your desktop. Open the ReportingEvents.log and take a look at what happens when you install the Online version of the company App Portal.

Offline Apps:

But you will notice that with the Offline version, there will be no installation entry inside the ReportingEvents.log. As mentioned earlier the installation of Offline Apps is handled by Intune, so you might think we need to open the IntuneManagementExtension event log.

The IntuneManagementextension event log will log all Win32 apps which are installed by the Intune Management Extension. But like I said…. The Win32 Apps..

A piece of Quick advice, when deploying the Offline version of the Company App portal with Windows 10 please make sure you didn’t configure the download modus in Delivery optimization to Bypass mode. Configuring bypass mode will cause the installation of the Company App to fail

So what would be the best choice? The Offline or the Online version? I guess it all depends on your wishes. When you really want to make sure the Company App is installed during Autopilot white-glove esp, you will need to choose the Offline version (Beware of the device license!).

Richard Sharpe Sean Bean GIF - Richard Sharpe Sharpe Sean Bean - Discover &  Share GIFs

If you want to make sure the Company Portal is always up to date, you will need to use the Online version of the company app portal. But beware of the ESP when you are requiring the Online version as a required app during autopilot, it could break.

For me? I would still go for the online version of the company Portal app. Why you might ask? 2 reasons I guess.

*I am also seeing a lot of Autopilot white-glove enrollments failing because of the offline version of the company app

*We are not requiring the company portal during the ESP and skipping the User Status page…Within a few minutes after the user logs in it pops up and for me that works pretty pretty fine.

For the people who are afraid of the Microsoft Store and people installing a lot of stuff on their own, when you locked down the Microsoft Store properly, you have nothing to worry about!

P.S. I am aware that there is also a PowerShell script to install the company App portal… but in my opinion, I want to use the Apps section, so I have one pane of what apps are deployed.

More articles

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest articles