Using the Azure VPN Client UWP application as an example this article will cover the steps needed to install the Azure VPN Client using either the Standard Policy (SMB/UNC) Method) or Web Policy Method.
Note: It’s up to the customer to ensure the UWP applications being used are legitimate Microsoft applications and that the applications are signed by Microsoft.
Using the Standard Policy (SMB/UNC) Method:
- First, you will need to download the UWP application bundle from the Microsoft Store, you can use the Microsoft Store link for the application at this site (use at your own risk) to download the application bundle: https://store.rg-adguard.net/
Copy the Microsoft Store link for the UWP Application:
https://www.microsoft.com/en-us/p/azure-vpn-client/9np355qt2sqb?activetab=pivot:overviewtab
Then use the link at https://store.rg-adguard.net/:
- Download the UWP application bundle, and store it on a UNC path that is accessible from your endpoint computers, i.e.
\\server\share\Microsoft.AzureVpn_1.1069.25.0_neutral___8wekyb3d8bbwe.Msixbundle
.
- Then using the Microsoft Group Policy Management Console (GPMC) create a new PolicyPak RWDM Standard Policy on either the Computer or User side.
- At the "Welcome to the PolicyPak Remote Work Delivery Manager wizard!" screen choose "Copy a single file", then click Next.
- At the "Specify policy target" screen choose "Apply this policy to all users who log on to the computer (switched mode)", then click Next.
- At the "Specify the copy source" screen use the UNC path for the UWP application bundle from Step 2 above, then click Next.
- At the "Specify the copy destination" specify the target folder on the endpoint(s) where you would like the UWP application to be downloaded to, leave the "File name" as is, then click Next. Note: The target folder will be created if it does not exist.
- At the "Specify file access settings" screen accept the default values and click Next.
- At the Specify when to process this policy" screen choose "Once" then click Next.
- At the "Post-copy actions" screen choose the "Run PowerShell script", and "Run process or script as user" options then add the command line below
Add-AppPackage -path "C:\Installers\Microsoft.AzureVpn_1.1069.25.0_neutral___8wekyb3d8bbwe.Msixbundle"
- Optional: At the "Revert actions" screen at a revert action, otherwise click Next to skip.
- You are done, give the Policy a descriptive name then click Finish.
Using the Web Policy (Azure Blob storage, Dropbox, etc.) Method:
- First, you will need to download the UWP application bundle from the Microsoft Store, you can use the Microsoft Store link for the application at this site (use at your own risk) to download the application bundle: https://store.rg-adguard.net/
Copy the Microsoft Store link for the UWP Application:
https://www.microsoft.com/en-us/p/azure-vpn-client/9np355qt2sqb?activetab=pivot:overviewtab
Then use the link at https://store.rg-adguard.net/:
- Download the UWP application bundle, then upload it to a PolicyPak supported web storage source, the following web sources are currently supported:
- Amazon S3
- Azure Blob Storage
- Dropbox
- Then using the Microsoft Group Policy Management Console (GPMC) create a new PolicyPak RWDM Web Policy on either the Computer or User side.
- At the "Specify policy target" screen choose "Apply this policy to all users who log on to the computer (switched mode)", then click Next.
- At the "Specify the copy source" screen add the direct download link for the UWP application, then click Next.
Note: In this example, I am using a temporary link I created for Dropbox: https://www.dropbox.com/s/gvzushhyu2qz9i/Microsoft.AzureVpn_1.1069.25.0_neutral___8wekyb3d8bbwe.Msixbundle?dl=1
Do not use this link, it is provided only as an example and will not work, please create a new link to use.
- Wait for the link to be validated, if it fails then verify that you are using a direct download link, i.e. paste the link into a browser to see if the file auto-downloads.
- At the "Specify the copy source" screen choose "File" then click Next.
- At the "Specify the copy destination" specify the target folder on the endpoint(s) where you would like the UWP application to be downloaded to, leave the "File name" as is, then click Next. Note: The target folder will be created if it does not exist.
- At the "Specify file access settings" screen accept the defaults and click Next.
- At the Specify when to process this policy" screen choose "Once" then click Next.
- At the "Post-copy actions" screen choose the "Run PowerShell script", and "Run process or script as user" options then add the command line below
Add-AppPackage -path "C:\Installers\Microsoft.AzureVpn_1.1069.25.0_neutral___8wekyb3d8bbwe.Msixbundle"
- Optional: At the "Revert actions" screen at a revert action, otherwise click Next to skip.
- You are done, give the Policy a descriptive name then click Finish.