A Guide to Microsoft Automation

A Guide to Microsoft Automation

Download the guide now

Introduction

This white paper will assist anyone considering Microsoft’s products to integrate, automate or orchestrate IT systems and processes to support business practices and ultimately achieve
cost savings by driving greater efficiencies across the organization.

Kelverion has been working with Microsoft automation tools since 2010, and the insights in this document reflect over 15 years of experience assisting customers to Simplify IT  Automation.

No two organizations are the same. Regardless of why a company looks to implement IT process automation, those in charge must first determine the success criteria of implementing IT Automation, establish clear goals to achieve, and guarantee minimal disruption to the
business through the transition from inefficient to efficient processes made more effective through automation.

Automation is broadly broken down into two categories;

Business Process Automation –
Integration between business applications to avoid manual re-keying and automating manual processes used to drive the day-to-day business operation.

IT Automation –
Automating the manual tasks undertaken to keep IT infrastructure and IT processes operating.

This guide will show how automation platforms further subdivide and how the Microsoft Automation tools fit into these categories.

Understanding Automation Tools

Automation tools fall into one of four categories;

Business Process Automation

Robotic Process Automation
RPA, for short, is a technology that uses software robots (or bots) to automate repetitive, rule-based tasks that humans would typically perform on a computer. These tasks include things like data entry, gathering information, sending emails and allowing human employees to focus on more complex high-value activities.

Integration Platforms
Targeted automation tools intended for linking two or more applications together to pass data and then trigger an action in an automated way.

IT Automation

Task Automation
Systems that allow the triggering of a scripted task execution, typically providing no feedback on execution results, or data return to the calling system. This is by far the largest category of automation products, as it covers scripting languages and most service desks with Automation, which only trigger scripts via their workflow capabilities.

This is the category with the fewest capabilities of all the automation tool options.

IT Process Automation
These are full specification Automation Platforms that use technology to automate repetitive IT tasks and workflows, like software deployment, system monitoring, and reporting, to improve efficiency, reduce errors, save costs, and free up IT staff for strategic work. Key benefits include enhanced productivity, faster responses to issues, and better operational resilience.

The first step in the automation journey is determining what tools to use and with four automation tools and a scripting language available from Microsoft that can be particularly complex, this guide outlines the tools and their intended use.

Power Automate – RPA platform

For those unaware of Microsoft’s multiple automation platforms, it would be easy to assume that Power Automate is the sole automation platform offered by Microsoft. This perception arises from the frequent references to Power Automate in various Microsoft and Tech Blogger articles. The reason behind this prominence is that Power Automate is an essential component of the Microsoft 365 (formerly Office 365) product family, which is heavily marketed to its vast customer base.

Power Automate primarily serves as an RPA (Robotic Process Automation) tool with a focus on automating application-to-application data transfer and orchestrating business processes within the Microsoft 365 suite of tools.

Power Automate allows users to create automated workflows, or “flows”, to connect different applications and services and automate repetitive tasks and business processes. Power Automate uses connectors to establish links between various applications, such as Microsoft 365 (OneDrive, Teams, SharePoint), other Online services, and even desktop apps.

TYPICAL USE CASES
Getting notifications when a new file is added to a folder, automatically collect and organize data from various sources into a central location, keeping files synchronized across different applications and cloud services, and creating automated approval workflows for documents or requests.

WHEN TO USE
While Power Automate provides No Code – Low Code authoring and can execute scripts like PowerShell and Python, these capabilities are intended for running on a desktop machine using Power Automate Desktop. Power Automate is not designed for remote automation of cloud and on-premises infrastructure, which is a key aspect of infrastructure and IT process automation.

Power Automate is ideal for business process automation requirements particularly in and around the Microsoft 365 suite of products.

Logic Apps – Integration Platform as a Service

While Power Automate is an RPA tool, Logic Apps is an Integration Platform as a Service. It helps automate and orchestrate tasks, business processes, and workflows when there is a need to integrate data across enterprises or organizations. Logic Apps have evolved from the Microsoft BizTalk platform, which is an on-premises business process application.

Logic Apps are created in Azure and consist of a trigger, which when fired, calls a series of actions and conditions. For example: when a record is received in system A, send an email to a list of email addresses.

Microsoft Azure Logic Apps uses a variety of triggers and actions linked together to construct a process workflow. These triggers and actions are provided by making use of one or more product connectors. Workflows can be constructed to automate business processes linking a wide variety of systems in a graphical browser-based application, but the challenge with Logic Apps is the flow of the automations start at the top and run to the bottom, branching to run different tasks or triggering another Logic App is not practical.

TYPICAL USE CASES
With many business application connectors available, there are a lot of options when it comes to integration, especially when looking to create social linkage (i.e. X, Facebook etc.). For those who have found BizTalk to be effective in on-premises environments, Logic Apps emerges as a suitable choice when considering the migration of such workloads to the cloud.

WHEN TO USE
While Logic Apps offers No Code automation, the main disadvantage is that Logic Apps do not have the capability to execute on-premises tasks as there is no on-premises gateway or runbook server equivalent – it is a cloud-first API automation system.

The second drawback is that PowerShell cannot be executed natively within a Logic Apps; instead, a secondary function such as Azure Functions or Azure Automation needs to be initiated in order to run the script.

As you can see, Logic Apps are aimed at Cloud based automation and business application integration. It is very powerful for automating use cases where all requests flow the same predetermined processes.

Whilst Logic Apps may well be part of your Microsoft Automation toolkit it will be augmented by one of the other IT process automation platforms.

PowerShell – Task Automation

PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework.

PowerShell scripts are many organizations introduction to automation. Multiple actions can be performed within a single script, including performing actions directly against infrastructure components and integrating to other applications by calling their APIs from within the script.

There are also many PowerShell Modules to leverage, a Module is simply a group of functions, where each function performs a different task, and represents a new cmdlet. There are over 16,000 PowerShell Modules available in the PowerShell Gallery covering on-premises and cloud products from Microsoft and 100s of modules for other vendors; for instance, VMware PowerCLI module – this is basically a group of functions that perform basic, reusable tasks within vSphere.

TYPICAL USE CASES
With PowerShell’s breadth of infrastructure integration, the range of potential use cases is broad, but common use cases are;

• Creating, modifying, or deleting user accounts and groups in Active Directory.
• Configuring and managing devices on Windows servers.
• Creating, deleting, and moving files and folders.
• Changing Windows Registry keys and values.

WHEN TO USE
With cross-platform capabilities in both Windows and Linux, PowerShell scripts can be used to perform very complex automations, but they do have a few drawbacks;

• PowerShell scripts cannot self-execute; they must be triggered by some other calling mechanism or started manually. For most organizations this is via manual execution, which means they are not truly an automated solution.
• They lack error reporting. Whilst errors in script execution can be captured, PowerShell scripts, on their own, have no way to report this back if called remotely. The error handling is also only as good as the person who wrote the script in the first place. This lack of error reporting makes PowerShell scripts unreliable.
• They lack execution feedback when triggered remotely. It is easy to remotely call a PowerShell script, but this mechanism does not pass execution parameters back to the calling system, you need to embed an API call back to the calling system to pass over data on PowerShell execution. This is one of the major failings in Service Desks as many trigger PowerShell Scripts as their ‘automation’ capability but they lack the feedback mechanisms.

If you have a lot of PowerShell scripts today, we at Kelverion have a mechanism to wrap them and trigger the scripts via our Automation Portal and using its API we can return execution status and feedback data to the portal.

System Center Orchestrator – IT Process Automation Platform

Orchestrator is the old workhorse of the Microsoft Automation stable; it has been around since 2012, and whilst visually unchanged, has had many platform and capability updates over the years.

System Center Orchestrator is a graphical tool that automates data center processes and workflows by creating “runbooks”. It streamlines IT operations by connecting disparate systems and automating tasks like VM Provisioning, Incident Ticket creation and enrichment, or Automated Patching, enabling IT administrators to build end-to-end automation solutions without extensive coding.

Orchestrator provides integration with third-party service desks and systems tools and databases, operating systems, their resources, and system functions.

Numerous Integration Packs are available from Kelverion for non-Microsoft products, such as Atlassian, Amazon, BMC Helix, Citrix, ServiceNow, SolarWinds, and VMware vSphere.

TYPICAL USE CASES
Orchestrator’s wealth of integrations means that the breadth of use cases is only limited by the author’s imagination, and whilst it is an on-premise tool, it isn’t limited to
on-premise use cases. Common automations include;

• Alert to Incident Ticket creation and Remediation
• Self-Service Software Deployment
• VM Provisioning and Management
• Automated Patching
• Active Directory and Entra ID Account and Group Management

WHEN TO USE
In the 2010s, there was a constant push to move infrastructure to the Cloud, which accelerated further during the pandemic. Since then, it has become clear that for a proportion of organizations, the Cloud is not always the best route and that an on-premises (also known as on-prem) or a hybrid model is most beneficial.

The data security provided by Cloud vendors is very high and frequently just as high, if not higher than that provided on-premises; however, on-premises means total control over how and where data is physically stored and secured. Some sectors mandate that data is not to be stored or processed off premises, making a critical business case for remaining on-site.

In these cases, Orchestrator continues to provide a highly capable platform for on-premises and hybrid IT process automation and provisioning.

Orchestrator delivers a solution for IT Operations runbook automation and provides orchestration, integration, and automation of IT processes, enabling companies to define and standardize best practices and improve operational efficiency whilst reducing errors and costs.

Azure Automation –
IT Process Automation as a Service platform

Azure Automation is a cloud-based automation platform that harnesses the capability of PowerShell whilst overcoming the limitations of error handling and feedback by turn it into an automation platform. It provides an expansive automation service while remaining cost-effective, thanks to both low upfront and long-term running costs. Azure Automation enables users to automate tasks that would typically bog down and occupy IT and service desk personnel’s time.

Azure Automation is compatible with multiple vendors, cloud platforms, and on-premises systems. The PowerShell core of Azure Automation means it has an extensive reach of integration opportunities.

Thanks to Azure Automation being developed as a cloud platform, deployment is simple and speedy, and can be set up worldwide at the click of a button.

Whilst being a cloud platform, Azure Automation is not limited to just cloud execution; it has an on-premises execution node, the ‘Hybrid Worker’, which enables it to natively interact with any on-premises workloads. The communications are all outbound from the Hybrid Worker into Azure over secure HTTPS, so there is no need to open your firewalls to incoming data traffic, thus maintaining security controls.

The relative costs for using and deploying Azure Automation is very low, as it is charged on a pay-as-you-go model, where costs are only incurred while your automation is executing, and Microsoft actually provides you with the first 500 minutes of ‘execution time’ free. This significantly minimizes your initial outlay to achieve significant automation benefits.

With over 800 Vendor-Supported PowerShell Integration Modules available, there are numerous options for integration covering both Microsoft and other Vendors products and services.
Kelverion produces numerous Integration Modules for products that do not have native PowerShell module support, such as Atlassian, BMC Helix, EasyVista, Freshservice, Halo ITSM, and ServiceNow.

TYPICAL USE CASES
With PowerShell as the base capability and the option to run Python too, the automation options are huge. Common use cases include;

• Microsoft 365 Management
• Employee Onboarding and Off-Boarding
• Standard IT Task Automation on-premises and cloud
• Cloud Provisioning and Management
• Active Directory and Entra ID Account and Group Management

WHEN TO USE
Azure Automation has all the capabilities of Orchestrator and, being a modern PowerShell-based platform, adds new capabilities that are not easily available in Orchestrator, such as global deployment, cross-region resiliency, GIT integration for collaborative working, and change management.

Azure Automation offers users the capability to create graphical PowerShell runbooks, which, when combined with the Kelverion Runbook Studio, provides the familiar No Code – Low Code authoring experience that users have grown accustomed to with Orchestrator.

Azure Automation is the perfect platform for anyone looking to embark on IT Process Automation who runs a cloud-first or hybrid data center model and isn’t limited to on-premises platforms, and any existing System Center Orchestrator customers who are looking to modernize an old system or grow out their automation.

Automation Portal –
Trigger, track, and report on automation

One of the biggest challenges with any automation initiative is that no matter what tools or techniques you are using, you need to be able to trigger, track, and report on the operation of the automated process and the benefits being achieved.

This is very difficult when most automation tools and scripted processes, in particular, offer no management interface to trigger, track, or report on the success or failure of their operations. Very few organizations deploy only one automation technology, which further complicates management. These tools lack a simple user-friendly interface for humans to trigger the automation, requiring that to be built separately; often, the best that is offered is a command-line execution, which requires administrator-level knowledge to utilize.

The traditional way to get something from IT has been to submit a request via the Service Catalogue of the Service Desk, but this approach fails because a lot of Service Desks have no capability to trigger external automation, and it takes so long to get the Service Catalogue offerings built in the Service Desk that the automation project never gets going.

KELVERION AUTOMATION PORTAL
The Automation Portal offers an easy-to-implement, intuitive forms-driven interface for your IT Team or End Users to trigger, track, and report on automated processes, whatever automation tool you use. It offers a versatile interface without the lengthy list of prerequisites required by many other self-service portals available today.

The Portal can directly trigger automation execution in any automation platform that supports Web Hooks, and interaction between the automation tool and the Automation Portal is via pre-built integrations, or optionally via a REST API, so that any system can interact with the Portal.

The Automation Portal provides the vital component in an automation project, the ability to quickly provide an interface for humans to interact with automation, and then the ability to be able to trigger, track, or report on the automation operation.

Summary

As you can see, Microsoft has automation tools that cover all four towers of the automation marketplace, so whatever your needs, Microsoft has you covered. Therefore, working out what tool to use is very much dictated by your data center makeup and broad use case.

For organizations that are restricted to on-premises data centers, for regulatory or security reasons, and who are already System Center users, then Orchestrator is the tool to give you a broad range of automation capabilities in a highly reliable platform.

Organizations that have more flexibility and can use cloud platforms have a broader choice, and the options then come down to the broad use case.

For Business Process Automation (RPA) use cases, i.e., integration between business applications to avoid manual re-keying and automating manual processes used to drive the day-to-day business operation, then you should first consider Power Automate.

If your use case involves IT Process Automation, i.e., Anything infrastructure-related or to automate repetitive IT tasks and workflows, like user onboarding, permissions management, software deployment, system monitoring, and reporting, then Azure Automation is the platform of choice.

Whether you are not sure how to get started with automation or have gotten going and now want to expand your deployment, Kelverion are here to help.

With over 15 years of experience you can be sure we have implemented your use case before and can provide guidance on what others have done and what pitfalls to avoid, ensuring your project is a success.

About Kelverion

Experts in Cloud, On-Premise, and Hybrid automation, Kelverion provides solutions and integrations that remove the manual process tying up IT staff, transforming the productivity, efficiency, and supportability of IT service automation. Our products utilize and enhance the power of Microsoft Azure Automation and System Center Orchestrator.

Working closely alongside Microsoft, we have developed our integrations and automation solutions to help bridge the gap between Microsoft’s automation platforms and third-party systems, in the process building key alliance partnerships with multiple vendors to ensure our products are fully certified.

Since 2010, Kelverion has delivered hundreds of Microsoft Automation projects, with offices in the US, UK, and Canada. Through this, we can offer and support products and professional services engagements to enterprise-level organizations globally.

Kelverion – Simplify IT Automation
Get in touch to find out more

info@kelverion.com