Updated version with blogpost can be found here: http://wp.me/p5avG1-va
Last month I created an Azure Automation workflow which will add and remove members from an Azure Active Directory to a Hybrid Azure RemoteApp collection. With this runbook you get an automated sync solution between an AD Group and an Azure RemoteApp collection. The first version was not complete in terms of reporting what it actually did; which users were added and which were removed. I have now developed a second version of this runbook which will send an email with the results of the runbook to an email address.
To implement this new version of the runbook you have to first import the first version of the runbook by executing the following steps: http://www.vroege.biz/?p=1320.
When successfully added the first version of the runbook execute the following update steps:
- Download the updated runbook from this location: https://gallery.technet.microsoft.com/Sync-Azure-RemoteApp-4a1c397e
- Import this script as an Azure Automation Runbook in your Azure Environment
- Create a 2nd Azure Credential which will have your email environment credentials.
- Edit the runbook so both credentials will be used in the runbook. You have to change the following lines in the runbook:
$Cred = Get-AutomationPSCredential -Name 'Azure_Subscription' Add-AzureAccount -Credential $Cred Select-AzureSubscription -SubscriptionName '<< SUBCRIPTION_NAME >>'
$MailCred = "<< ENTER Azure AutomationCredential for Mail >>"
- After changing the above lines the following lines need to be changed before you can test the Runbook:
$userid = "<< ENTER USERID >>"
Send-MailMessage -To $Mail_Destination -Subject $subject -Body $Body -Port 587 -SmtpServer "<< ENTER MAILSERVER >>" -From $userid -BodyAsHtml -Credential $Cred
- The next step is to test the runbook, you will need to enter the following parameters each time you execute the runbook:
- AD_Group which will have the Azure AD Group which has the users
- RA_Collection which will have the name of the collection to which the users need to be added
- Mail_Destination which will have the email address where the reports need to be send to
- If the test is successfully you can publish the runbook
- The next step is to unlink the runbook and link it again with the above parameters.
After the execution of the runbook the users of the AD Group will be added to the Azure RemoteApp collection. The results of the runbook execution will be send to the email address. See below an example of the email which will be send: