Once that's complete, you will need to upload the file to a publicly accessible file share. I used Azure Files to create a storage container and provide direct access to the file. This URI will be pointed to in the script, so you cannot use something like OneDrive or SharePoint without special configuration.
Before running this script, you will need to change the following XXX values:
$QuestODMMSIURI – This will be the publicly accessible MSI that you uploaded to your file share.
Ringcentral requires audio files to be saved as .mp3 files.
To do this, you'll need to convert your audio that you recorded in the Voice Recorder from .m4a into .mp3 using the app Audacity and the ffmpeg plugin. Audacity and ffmpeg are open source programs that can convert audio into different formats. Audacity is the main program and ffmpeg is an extension that Audacity uses to open .m4a files.
Install Audacity and the ffmpeg extension
Before you'll be able to convert the file, follow these steps to get Audacity and ffmpeg set up on your computer:
If you've deployed an Azure VM and did not enable the “Login with AAD credentials”, option, you can enable sign in using Azure Active Directory credentials later using Cloud Shell with this command in Azure CLI:
az vm extension set \
--publisher Microsoft.Azure.ActiveDirectory \
--name AADLoginForWindows \
--resource-group ResourceGroup \
After running that command, you'll need to add an entry to the local group to allow interactive sign in using RDP. The extension doesn't add this permission and you will need to do it manually, running this command in a remote Powershell:
net localgroup "remote desktop users" /add "AzureAD\firstname.lastname@example.org"
You will also need to add 2 lines the RDP file downloaded from the “Connect” tab so that you can connect without issues:
After connecting to the VM using RDP, you will also need to disable network-level authentication from Control Panel.
In the background, the extension will change the Join Type of the VM to “Azure AD Joined” and your Devices blade will update with that information after a couple of minutes.
Change entry at Computer Configuration > Administrative Templates > System > Specify settings for optional component installation and component repair to “Enabled” and check the box for “Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)”
Run gpupdate in Command Prompt.
Open Settings > Apps > Apps & features > Optional features and click “Add a feature”. Search for and install “RSAT: Active Directory Domain Services and Lightweight Directory Services Tools”
Click on “Devices” and select “Configuration profiles”. Click on “Create profile”. Change Platform to “Windows 10 and later” and the Profile type field to “Settings catalog (preview)”. Click the “Create” button.
Give it a basic name and navigate to the “Configuration settings” page.
Click the “Add settings” button. Double click on the “Local Policies Security Options” entry in the Settings picker pane on the right. Check the box for the option “User Account Control Switch To The Secure Desktop When Prompting For Elevation”. Back on the main settings area to the left, change the dropdown to “Disabled” and click the “Next” button.
Enable the policy to all devices (as needed) and then test.