Sprint 2 Outline - brian-anderson01/Capstone GitHub Wiki

Overview

The main purpose of sprint 2 is to get a VPN setup for clients so that they can access the Azure file share. The goal is to automate the deployment of the VPN to clients and set it up so that the VPN is always on. Once the VPN is configured I will be looking to setup Azure Files again and working on using AD authentication for access.

Objectives

• Create an Azure VPN that supports always-on VPN features
• Automate the deployment of the new VPN to all Intune enrolled computers
• Automate the deployment of the client certificate that will be used to authenticate users connecting to the VPN
• Setup Azure file shares again and test connection to them through the new VPN
• Automate the deployment of Azure file shares as mapped drives via Intune with PowerShell
• Get AD authentication working for the Azure file share access control

Tasks

• Setup a new VPN in Azure that can be configured to be always on
• Implement the new VPN on existing VMs
• Confirm connection works and resources on Azure are accessible
• Using Intune and PowerShell, automate the deployment of the always-on VPN
• Deploy any certificates that are required to connect to the VPN using Intune
• Deploy the actual VPN via Intune
• Confirm that it deploys automatically and works as expected
• Create new Azure file shares
• Integrate Azure files with the server
• Configure the Azure file share to use AD authentication
• Get the AD authentication working for Azure file shares, using the hybrid AD DS setup
• Test the authentication and confirm it is working