Accelerate MSIX Adoption with Rimo3

By Rory Monaghan

SHARE

When people suddenly went to work from home, it was a scary situation for all, including InfoSec who, in some cases saw corporate assets walk out the door with no line of sight to them for the foreseeable future. End User Computing also faced a logistical nightmare, with some relying on Virtual Private Networks that were frankly not fit for purpose when pushing patches or deploying applications. You need a performant reliable network to yield high success doing enterprise deployments.

As workstyles look set to change permanently with more organizations moving to 100% work from home or at least a blended hybrid workstyle, there has never been a greater need to manage remote devices, including enforcing security settings, measuring compliance, and of course managing applications on those remote devices. Microsoft’s Intune (new branding: Microsoft Endpoint Manager) offers a cloud native solution for managing these devices. Intune is a cloud native product, so unlike traditional on-prem architected deployment solutions, no unreliable VPN is required.

Microsoft for their part have started to make it even easier for current Microsoft Endpoint Configuration Manager customers to move more toward Intune with the Cloud Attach feature within MECM providing some line of site and making enrolling into Intune that bit easier. Once onboarded with Cloud Attach, devices in your MECM collections will be visible in MEM. If you currently use MECM and a VPN for remote management this could offer a major lifeline to help move toward Intune and cut that VPN chord once and for all or at least reduce your dependency on the VPN when it comes to security and device management. Who knows, if you can deploy apps and patches outside of hours when remote devices may not be connected to the VPN, maybe without large app deployments and patches saturating an already limited VPN in the morning, the network can become reliable for other types of workflows.

Whilst enrolling your devices into Intune can be a quick win for Mobile Device Management needs like ensuring device compliance, managing firewall, Windows Defender etc. moving your app management from MECM to MEM requires some effort unless you use an automated solution like Rimo3.

Rimo3 Overview

Rimo3 can be your best friend for various migration efforts including moving to Azure Virtual Desktop, moving from Windows 10 to Windows 11 or indeed for modernizing your applications and moving those to Intune. The latter of which I will focus on in this blog.

For the actual product setup, there are multiple options to select from. I decided to go with the cloud hosted managed service integrated with my Azure tenant. Getting setup was easy, I got my entitlements from Rimo3, I created an app registration and ran a few simple PowerShell scripts. This built out several resources including a virtual machine that would be used as a task runner e.g., this VM would be used for running automated conversions of my App-V and MSI packages to MSIX, as well as testing the apps etc. I did briefly look at the option to upload by my own custom image for testing purposes, but I decided for my conversion needs, the Microsoft Azure Gallery image was fine.

For my scenario I decided to try getting Rimo3 to convert a sample of App-V applications to MSIX, but I also fed it some Windows Installers too. You may recall, I covered my previous attempts to convert App-V packages to MSIX in my blog post: Life After App-V and that proved to be pretty unsuccessful and time consuming. The good news with Rimo3 is that not only does it convert the applications, but it also tests the apps. Unlike other products such as AppDNA, this is not a static analysis of the packages, it spins up a virtual machine (Task Runnner), installs the applications and performs a smoke test. If you are migrating from one platform or Operating System to another, you can have it test against whatever your current state image is and against your future state.
Rimo3 provides a nice report showing the level of performances across the different platforms and importantly, highlights any discrepancies.

If you do not want to dig into the finer details like on the previous chart, the performance across platforms is also shown in a high-level chart as seen above.

Exporting Converted MSIX Containers

Now that I have my report that shows the applications, I converted to MSIX, showing which of the apps are likely to work and which are unlikely to work, I can focus on testing the apps that may have issues and move forward with User Acceptance Testing for those that tested successfully. I can choose to export all the packages to various platforms including directly to my Intune tenant. In my scenario, that is exactly what I did. I exported some of the apps that tested successfully straight to Intune and downloaded some of the apps that didn’t work or those that did but I wanted to deploy with another product.

Once the export to Intune is complete, my package is staged as a Windows application. I tested with MSIX and Windows Installers and it seems at the time of this writing, Rimo3 determines based on complexity of the package whether the application should be deployed as a Line of Business app or Win32 app. Packages like standalone MSIs will export as a Line of Business app whereas an exe or possibly an MSI with a transform will be exported as a Win32 app (Intunewin format).

In my experience, most of the applications I onboarded and sequenced with Rimo3 did successfully convert to MSIX. Now, while most did convert, not all packages ended up getting deployed that way e.g. It converted Foxit PDF Editor. On testing the MSIX, I discovered that the application did launch and somewhat functioned, but the print driver was not working which is the main purpose of this application. So, for that one, MSIX was not an option at this time.

I mentioned earlier that I exported some of the MSIX packages and deployed with a different product. That different product is Numecent Cloudpager and in the case of PDF Editor, while that did not work as an MSIX container, it did work as a Cloudpaging container. So, this let me take those apps that were flagged by Rimo3 as not suitable and instead convert them into Cloudpaging containers. I also took some of the applications that did convert to MSIX and tested managing them with Cloudpager instead of Intune as Intune can be a little slow when it comes to net new application deployments plus Cloudpager provides modern application management and container orchestrations features like seamless updates, rapid rollbacks, automated license policy enforcement and more.

Checkout my video overview of just some of the features of Rimo3 including an example of exporting an MSIX package to Intune and also how to export to deploy the converted MSIX containers to a Cloudpager Workpod.

Conclusion

Rimo3’s managed service is quick and easy to get setup and the automation provides a quick launch approach to migrating your applications to a new platform or Operating System. While it doesn’t provide 100% certainty on testing or conversion of applications, it can handle a lot of your applications saving your from needing to touch every single application in your estate.

Let's make virtualization easier!

Be amongst the first to know when I publish new reviews, guides and tools to simplify your projects.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.