This blog will provide the information how you can achieve this, and at the end, you will get a sample implementation from my LAB.<\/p>\n
Yes, that’s it. Now let us start creating the Azure Storage, and how you can access it. Go to the Azure portal, and open the storage accounts section. You can use the classic storage account as well, but I would recommend the newer ones: Click on Add, to add a storage account, if you don’t want to use an existent one. The creation process of a new storage account is straight forward, mind to select the appropriate replication model: After the storage Account is created, you can go ahead and get the access token, which we need afterwards. Click on your newly created storage account, and click on “Shared access signature” afterwards, the following screen should appear: Within this page, you can select how long the generated access token is valid, or for which access it will allow. This is the most restrict version I figured out to use, for downloading the files within the repository. Afterwards you can click on generate SAS and connection string, and copy the SAS token string, thus it’s the only one we require: As said before, copy the “SAS token<\/strong>” string.<\/p>\n Now go ahead to your storage account and add a blog beyond the container option: Now everything is set up, and you can test the download of the file through a browser. For this, you will need those three informations:<\/p>\n Getting the Container URL is that simple, just click on Properties of your recently created Container, and copy the URL from there: Putting this in your browser URL-bar should start the download of the file, and if it’s working, we only need a script, which will trigger the installation. Here comes my created script in action, it will download the required files, and will start an installation afterwards. The script is not yet golden, it is missing an option to download the files through BITS. And also some Variables inside the Script could be replaced with Input Parameters. Time will tell if I can upgrade the script. And this is the used script:<\/p>\n function Get-DLFileInfo { #return content of file function Download-File { } #adjustable Variables (you SHOULD CHANGE THOSE :) ############### #create temp folder for download, if existent delete it before #Get File info for downloading files afterwards if($DLFileContent) { #set continue script to true #set continue script to false #split input file #download the files } #check if script can continue #set continue script to false #execute the installation
\n![\"\"](\"http:\/\/blog.hosebei.ch\/wp-content\/uploads\/2018\/09\/intune_swrepo02.png\")
<\/a>
\n<\/p>\n
\n<\/a><\/p>\n
\n<\/a><\/p>\n
\nAllowed Services: Blob
\nAllowed Resource Types: Service, Container, Object
\nAllowed Permissions: Read, List
\n<\/a><\/p>\n
\n<\/a><\/p>\n
\n<\/a>
\nAfterwards you can simply upload files from your installation package to your container, my example shows the 7-zip Installation:
\n<\/a><\/p>\n
\n<\/a>
\nNow just put those thing together, in my case:
\nhttps:\/\/intuneposhrepo01.blob.core.windows.net\/7-zip-1805\/7z1805-x64.exe?$herecomestheSAStoken<\/p>\n
\nMind to adjust the line 15-17 and 20-21 to your needs. You can also install MSI files, if so, you will need to adjust line 19, beside 20-21.
\nThe script expects a file called “fileinfo.txt” in the root of the Container, conataining all the files required to download on a separate line. The file should lool like follows:
\n<\/a><\/p>\nIf ($ENV:PROCESSOR_ARCHITEW6432 -eq \"AMD64\") {
\nTry {
\n&\"$ENV:WINDIR\\SysNative\\WindowsPowershell\\v1.0\\PowerShell.exe\" -File $PSCOMMANDPATH
\n}
\nCatch {
\nThrow \"Failed to start $PSCOMMANDPATH\"
\n}
\nExit
\n}<\/p>\n
\n $webrequest = Invoke-WebRequest -Uri ($ContainerUrl + \"\/fileinfo.txt\" + $SASToken) -UseBasicParsing -ErrorAction Continue<\/p>\n
\n return $webrequest.Content
\n}<\/p>\n
\n try {
\n $fileDownload = Invoke-WebRequest -Uri $fileDLURL -UseBasicParsing -Method Head -ErrorAction Continue
\n }
\n catch {
\n $returnError = $_.Exception.Message<\/p>\n
\n finally {
\n $fileDownload = Invoke-WebRequest -Uri $fileDLURL -OutFile ($AppTempDLPath + \"\\\" + $file) -UseBasicParsing -ErrorAction SilentlyContinue
\n }
\n #return status of download
\n return $returnError
\n}<\/p>\n
\n$SASToken = \"?sv=2011-11-09&ss=b&srt=sco&sp=rwl&se=2019-09-18T22:24:51Z&st=2008-09-17T14:24:51Z&spr=https&sig=4pYCjCt7%2B%2B1nCXrHex7NnGJO3242342BybvYR5kSQN521Fk%3D\" #todo: as input variable
\n$ContainerUrl = \"https:\/\/intuneposhrepo011111.blob.core.windows.net\/keepass2-40\" #todo: as input variable
\n$ClientTempLocation = $env:TEMP
\n#Application Installation
\n$MSIInstall = $true # set to true, and use the $installexecutable parameter for your MSI
\n$InstallExecutable = \"KeePass-2.40.msi\" #if using MSI, name the MSI here. e.g: \"7zipinstall.msi\"
\n$InstallParameters = \"\/qn\"<\/p>\n
\n##Main Script
\n#variables
\n$bContinue = $false<\/p>\n
\n#get Application Name from ContainerURL
\n$ApplicationName = $ContainerUrl.Split(\"\/\")[$ContainerUrl.Split(\"\/\").Count - 1]
\n#Setup Temp path for Application
\n$AppTempDLPath = ($ClientTempLocation + \"\\\" + $ApplicationName)
\n#check for temp folder
\nif(Test-Path $AppTempDLPath) {
\n Remove-Item -Path $AppTempDLPath -Recurse
\n $silentcreate = New-Item -Path $AppTempDLPath -ItemType Directory
\n}
\nelse {
\n $silentcreate = New-Item -Path $AppTempDLPath -ItemType Directory
\n}<\/p>\n
\n$DLFileContent = Get-DLFileInfo<\/p>\n
\n #download instruction file found, nothing to do here<\/p>\n
\n $bContinue = $true
\n} else {
\n Write-Warning \"Download File not found\"<\/p>\n
\n $bContinue = $false
\n}<\/p>\n
\n$DLFileContent = $DLFileContent.Split()<\/p>\n
\nif($bContinue -eq $true) {
\n $bDLContinue = $true
\n #download file was found, now download all the files
\n foreach($file in $DLFileContent) {
\n #filter empty lines
\n if($file) {
\n #setup DL URL
\n $fileDLURL = $ContainerUrl + \"\/\" + $file + $SASToken
\n #download the file
\n $DownloadedFile = Download-File
\n If($DownloadedFile) {
\n #if a file was not correctly downloaded, set variable to false
\n $bDLContinue = $false
\n Write-Warning (\"Download error: \" + $DownloadedFile)
\n Write-Warning (\"The following file could not be downloaded: \" + $file)<\/p>\n
\n else {
\n #if the file was successfully downloaded, notihn to do here
\n }
\n }
\n }
\n}<\/p>\n
\nif($bDLContinue -eq $false) {
\n Write-Warning \"A file was not successfully downloaded, Script will not execute further\"<\/p>\n
\n $bContinue = $false
\n}<\/p>\n
\nif($bContinue -eq $true) {
\n if($MSIInstall -eq $false) {
\n start ($AppTempDLPath + \"\\\" + $InstallExecutable) -ArgumentList $InstallParameters -Wait
\n }
\n else {
\n $msiexec = $env:SystemRoot + \"\\system32\\msiexec.exe\"
\n #Write-Host $msiexec -ArgumentList $InstallParameters -Wait
\n $PathToMSI = $AppTempDLPath + \"\\\" + $InstallExecutable
\n Start-Process $msiexec -ArgumentList (\"\/i \" + $PathToMSI + \" \" + $InstallParameters +\" \/L*vx C:\\windows\\temp\\\" + $ApplicationName + \".log\") -Wait
\n }
\n}
\n<\/code><\/p>\n