RealmJoin contains an internal application store compatible with Intunewin, with over 500 existing applications. Glück&Kanja Consulting offers packaging-as-a-service to provide any missing applications. Also, it is possible to use additional deployment repositories completely maintained independently.
RealmJoin v4 is only available for Windows 10.
The sync between Azure AD and RealmJoin is scheduled every 15 minutes and based on your custom pattern ruleset.
Force reinstall by using the debug mode. After opening the tray in debug mode, you can find all available software, even if assigned hidden or already installed and rerun the package.
A general uninstall feature is currently not implemented. In a 100% modern workplace environment with evergreen applications, regular removable of installed software does not exist anymore. Chocolatey packages provide a generic uninstall component that would be usable for RealmJoin. But because of the volatile history of unattended and the sometimes unpredictable issues with incomplete uninstalls we have decided against using it.
There are typically three reasons to uninstall software:
- The license should be re-used for a different user. In this case, it's easy to just create a package to enable/disable a license for a user.
- The software needs to be removed because of [choose your reason]. In this situation, a dedicated remove-software-package can be created.
- There is a newer version of the software. This is not a reason to use an uninstall command but instead, it is a common practice for every software package used by RealmJoin to 'clean' any precursory binaries or settings.
All items above describe special usecases and should be solved in cooperation with Glück & Kanja Consulting AG.
This highly depends on the application itself as well as your internal processes. For some applications, that might be prone to attacking and are very well maintained by the vendor - like Google Chrome - we recommend to use the applications internal update. For other software, it might be more useful to include a regular update via RealmJoin into your processes.
RealmJoin tries to restart failed installations according to your selected installation phases. To reinstall the package manually please use the Debug Mode of the RealmJoin agent.
Yes. NuGet and Chocolatey repositories are based on open protocols. Using search commands one is able to find all repositories that are hosted on the GK tenant. Since packages should not contain personalized information like licenses or user-specific data, there is no potential harm in e.g. installing an Office package with a different company name in the package description. It is in principle possible to host the RealmJoin
Yes. Our suggestions can be found in the workflow section of this documentation.
See section States in the RealmJoin Portal - Clients article. It is possible to get virtually any information from each client in JSON-form. There are several applications available to evaluate the data, for example, PowerBI, which allows to sort and process the data in logical and visually pleasing ways.
If in the future, Microsoft Intune becomes more capable and the installation of software is as versatile and organized as with RealmJoin, you may use the existing packages in Intune. Since RealmJoin does only need Chocolatey and PowerShell to run the installers, there might be possibilities to use Intune to install the software.
All packages created by the Glück & Kanja Consulting AG Package Factory can be prepared as .intunewin packages.
Glück & Kanja takes data protection very seriously. All contracts with customers and partners consider data protection.
For virtual machines, the encryption is only enforced if the virtual machine variable $env:RjDisableVmDetection=1 is set. This setting can be bypassed in the OOBE screen with the command
setx /m RjDisableVmDetection 1in a cmd shell.
It is possible to request reading rights for a specific application package from Glück & Kanja. The installation script of already installed packages can be found under
Yes. To do so, the target has to be set to the process and optional args can be provided. Additionally, for edge, the protocol handler can be used:
- Key: "WebLinks" (directing to process):
The communication between the RealmJoin Service (Backend) and the RealmJoin Agent (Client) is secured with Transport Layer Security (TLS) 1.2 or higher.
Additionally some content (e.g. software packages) is signed by the RealmJoin Service, so that the RealmJoin Agent can ensure, that data was not changed during transport.
- Our development and our operations team is ISO 27001 certified.
- We work with latest cloud development tools (e.g. Github) and code is stored in secured repositories.
- We are committed to state-of-the-art development, built and operations methodologies (e.g. CI/CD).
- Our team members use Azure AD identities and require to use multifactor authentication.
- Endpoints, identities and services are protected by the latest technologies (e.g. Microsoft Sentinel and M365 Defender Suite incl. EDR) and monitored by a Security Operations Center.
- All systems are updated continuously.
- Our services run on well protected Azure platforms.
- We run signed binaries.
- Our app-packages are built in a consistent way, leveraging state-of-the-art code repositories and CI/CD methodology to ensure a maximum of integrity.
- App packages are signed during the built process and checked by the RJ agent prior installation on the client.
- RealmJoin leverages strong Azure AD identities for administrators.