LogoLogo
LogoLogo
  • Welcome
    • Navigation
  • RealmJoin Deployment
    • Onboarding
    • Required Permissions
    • Infrastructure Considerations
      • Multi User Devices
    • Migration to RealmJoin vNext
  • User, Group and Device Management
    • Overview
    • User Profile
    • Organization Details
    • User, Group and Device Lists
      • User Details
      • Group Details
      • Device Details
    • User and Group Settings
      • Available RealmJoin Policies
  • App Management
    • Packages
      • Package Store
        • Application Store Details
      • Package Management
      • Package Details
      • Package Assignments
        • Package Migration
      • Package Settings
      • Packaging Requests
        • Organic Packages
    • AVD Templates
  • Automation
    • Connecting Azure Automation
      • Required Permissions
      • Runbook Parameters
    • Runbooks
      • Runbook Customization
      • Runbook Permissions
      • Naming Conventions
      • Runbook Scheduling
      • Runbook Logs
        • Runbook Job Details
      • Runbooks Changelog
    • Requirements
    • Remediation Scripts
  • RealmJoin Agent
    • Features
      • Local Admin Password Solution (LAPS)
        • KeyVault
        • Application Insights
      • Notifications
      • AnyDesk Integration
        • RealmJoin Tasks
        • Customer Tasks
      • App Deployment using the Agent
        • RealmJoin ESP
    • Deploying the Agent
    • User Interface
  • Logs
    • Connecting Azure Log Analytics Workspace
    • Audit Log
  • RealmJoin Settings
    • Overview
    • General
    • Permissions
    • Group Namespaces
    • Workplace Cloud Storage
    • Self Service Forms
    • Custom Roles
      • Available Permissions
  • Developer Reference
    • RealmJoin API
      • Authentication
    • Interacting with Runbooks
    • Simulating a Runbook Environment
    • Local Admin Password Management
  • Other
    • FAQ
      • Security
    • Troubleshooting
      • Package Installation Issues
        • Collecting Logfiles
        • Logfiles Structure
        • Analysing chocolatey.log
        • Troubleshooting failed chocolatey packages
        • Troubleshooting failed craft packages
        • Fixes for common issues
        • Intunewin Debugging
      • LAPS Issues
        • LAPS account passwords cannot be retrieved
        • Requested LAPS Accounts are not being created
    • Changelog
  • Legal
    • Licensing
    • Support
  • RealmJoin Website
Powered by GitBook
On this page
  • Automatic Deployment using Microsoft Intune
  • Manual Deployment using Microsoft Intune
  • Intune Portal
  • Windows Defender Exceptions
  • Interactive Installation
  • Command Line Installation
  • Silent Installation
  • Additional Infos
  • Signed MSI

Was this helpful?

Edit on GitHub
  1. RealmJoin Agent

Deploying the Agent

Last updated 23 days ago

Was this helpful?

RealmJoin Agent can be deployed on a device using one of multiple ways - depending on the individual scenario. As a first step, download the RealmJoin installer of your choice and proceed to the desired installation method.

  • Stable release (Automatic Deployment recommended instead): RealmJoin Release Version

  • Beta Channel (near to stable, for long term testing): RealmJoin Beta Version

  • Canary Channel (Experimental, first testing): RealmJoin Canary Version

Automatic Deployment using Microsoft Intune

RealmJoin directly integrates with your Microsoft Intune tenant. No downloading of the client is necessary. This method only deploys the stable release of the agent.

  1. Head to the Package Store

  2. Select the RealmJoin Agent on the banner

  3. Select your preferred deployment method and click "Continue"

  4. Add users to the managed app groups for RealmJoin or directly on Intune, depending on preference

  5. Intune will automatically deploy the RealmJoin Agent after some time

Manual Deployment using Microsoft Intune

RealmJoin can be deployed through Microsoft Intune by deploying the MSI as a Line-of-Business app. This may be useful if you wish to deploy Beta or Canary versions using Intune.

Intune Portal

Use the following instructions to deploy the RealmJoin Agent:

  1. Navigate to Microsoft Intune and select Apps > All Apps

  1. Then click + Add

  2. Under Other choose Line-of-business-app and click Select

  1. Next click Select app package file

  2. As App package file browse for RealmJoin.msi on your device

  1. Then, click OK

  2. Under App information fill in all required fields and set Ignore app version to Yes

  1. Under Assignments add groups and users for your RealmJoin app

  1. Under Review + create check all your settings

  1. Finally click Create

Like any other application in Intune, ReamJoin can be assigned to the desired user groups as (required) software. It is not necessary to install additional software on the client devices to run RealmJoin. RealmJoin will be deployed on the client devices on the next Intune sync.

Windows Defender Exceptions

RealmJoin has worked with the Microsoft Defender Team to be whitelisted from malware detection. Since Defender is using more and more machine learning mechanisms to identify potential threats and RealmJoin has several features like cloud downloaded application installations, RealmJoin might be recognized by Windows Defender as a possible threat.

While this behavior is not certain, it is recommended to implement additional Windows Defender exceptions. Create a new device configuration profile, type Device restriction, or edit your existing profile and add the following Windows Defender Antivirus Exceptions:

Defender Exceptions

Files and Folders

%ProgramFiles%\RealmJoin

%ProgramFiles%\RealmJoin\RealmJoin.exe

%ProgramFiles%\RealmJoin\RealmJoinService.exe

%ProgramFiles%\RealmJoin\RealmJoinUpdate.exe

Processes

%ProgramFiles%\RealmJoin

%ProgramFiles%\RealmJoin\RealmJoin.exe

%ProgramFiles%\RealmJoin\RealmJoinService.exe

%ProgramFiles%\RealmJoin\RealmJoinUpdate.exe

It`s important to configure the same path in Files and Folders and Processes. In some cases, Microsoft only checks one of this Defender Exceptions.

Interactive Installation

If an administrator wants to install RealmJoin on a device without mass deployment or the Microsoft Intune infrastructure, he/she may download the MSI and do an interactive installation or copy one of the command lines below to download and run in a single step.

Command Line Installation

You may download and install RealmJoin in a single step by using the following command lines. This may help especially when testing scenarios or new software packages in virtual machines.

Release Channel:

@powershell -NoProfile -ExecutionPolicy unrestricted -Command "((new-object net.webclient).DownloadFile('https://gkrealmjoin.s3.amazonaws.com/win-release/RealmJoin.exe', 'realmjoin.exe'))" && .\realmjoin.exe

Beta Channel:

@powershell -NoProfile -ExecutionPolicy unrestricted -Command "((new-object net.webclient).DownloadFile('https://gkrealmjoin.s3.amazonaws.com/win-beta/RealmJoin.exe', 'realmjoin.exe'))" && .\realmjoin.exe

Canary Channel:

@powershell -NoProfile -ExecutionPolicy unrestricted -Command "((new-object net.webclient).DownloadFile('https://gkrealmjoin.s3.amazonaws.com/win-canary/RealmJoin.exe', 'realmjoin.exe'))" && .\realmjoin.exe

Silent Installation

When installing RealmJoin during unattended OS installation or any other non-interactive deployment method you may decide not to have any UI interaction during installation. To install RealmJoin in such a scenario, use the silent installation option:

reamjoin.exe -install

Additional Infos

Signed MSI

The RealmJoin.MSI is SHA2 (256 bit) signed by RealmJoin and therefore recognized by Windows as safe to install.