Ivanti Workspace control and CustomAppModelID

As stated in DOC-63186, since Windows 8 (eg. Windows 8, 8.1 and 10) the Start Menu displays only 1 shortcut for each executable. In an IWC configuration there are a lot of application objects that contains an identical “Command line” but perform a different action by altering the “Parameters” configuration.

Examples of these commonly used applications are:

  • iexplore.exe <url>
  • mstsc.exe <path to .rdp file>
  • explorer.exe<path>

This, default behavior, is contolled by AppUserModeliD.

IWC can control / adjust the AppUserModeliD by placing a “CustomAppUserModeliDs.xml” in the root of the custom resources.
The layout of and the use of this file is explained in DOC-63186.

To ease the creation of this XML file, I created a Powershell Script. The script will take an Application Building Block (single file export of only the application node) as the input and will generate a CustomAppUserModeliDs.xml” . By adjusting a variable $strExe in the script a “CustomAppUserModeliDs.xml” can be generated for those application objects with this .exe in the command line.

In the first part of the script, an object is created ($obApps), containing the properties needed for the output ().

In the second part of the script the object $objApps is formated and writen as a xml file ($sPathToXML).

With running the script for multiple exe’s and combining the xml results, a complete “CustomAppUserModeliDs.xml” can be created for use within IWC.

The complete Powershell script can be download here:

[wpfilebase tag=file id=2 tpl=download-button /]


User Notifications with RESONE Workspace

My former co-worker Marcel Venema has written an article “Sending User Notifications with RESONE Workspace“. In his solution, a script is used to display the user notification.

To display a simple notification balloon, the executable of the “Windows log-on reminder” can be used:

wlrmdr.exe -s <time> 

-s <time> Time to show notification in milliseconds. Use 0 to display the notification without timeout.
 -f <x>  One or more of the following values that indicate an icon to display in the notification.

0x00000000 = Do not display an icon.
0x00000001 = Display an information icon.
0x00000002 = Display a warning icon.
0x00000003 = Display an error icon.
0x00000004 = Icon of keys.
0x00000010 = Do not play the associated sound.

x is decimal. To display an information icon without sound = 0x01 + 0x10 = 0x11 = 17 decimal

 -t <title>  Text first Line
 -m <text>  Text second Line

Use this command line in an execute command or use it in application object.

Command line examples:

wlrmdr.exe -s 0 -f 1 -t Tile -m text

Notification ballon with information icon.

wlrmdr.exe -s 0 -f 4 -t Tile -m text

Update 09-03-2018:

A powershell script to manage Balloons.

Want to become a Windows 10 Toast/Balloon expert – With or without Microsoft Intune



RES Automation Manager security Modules


When configuring a security role in RES Automation Manager (RES AM) it is posible to deny access to the content of the modules.

When editing the permisions of the Module node in a RES AM security Role, a select box is shown. With the option “Limit task details when read access permissions are set” selected, a user who is configured with this security role can not view the content of the tasks of the modules.


Option “Limit task details when read access permissions are set” selected.


Option “Limit task details when read access permissions are set” not selected. Setting and Script tab are accessible.