Showing items from Azure Virtual Desktop

Add Windows Cloud Login application to Conditional Access automated

Sander Rozemuller
Date : June 14, 2024
Categories : Conditional access ,Azure virtual desktop
Tags : Conditional access ,Azure virtual desktop ,Single sign on ,Microsoft graph ,Security

Single Sign On (SSO) for Azure Virtual Desktop (AVD) gives users a seamless login experience from their Windows 10 or Windows 11 device to AVD. This feature is available for a while and most people have configured this feature already. Also, most are also using Conditional Access (CA) (I hope). To make Single Sign On work for AVD in combination with CA policies you need to add the applications Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c) to your CA policies. Based on your situation the applications are in- or excluded. Now, Microsoft announced that the Single Sign On traffic will be transitioned from the Microsoft Remote Desktop app to Windows Cloud Login. This means you have to add this application to your CA policies. This can be done manually, but I prefer to automate this. In this blog post, I will show you how to add the Windows Cloud Login application to your CA policies automated.

Configure AVD clipboard transfer direction automated

Sander Rozemuller
Date : March 8, 2024
Categories : Azure virtual desktop ,Zero trust
Tags : Automation ,Power shell ,Microsoft intune

Using the clipboard between Azure Virtual Desktop and the users client is a great way to send data back and forth. But it is also could big leak into the system. So maybe you want to limit the use of the clipboard or get more control on how the clipboard could be used between the user and the Azure Virtual Desktop enviroment.

Schedule image update Azure Virtual Desktop host pool

Sander Rozemuller
Date : February 20, 2024
Categories : Azure virtual desktop
Tags : Automation ,Azure API ,Power shell

When you want to update session hosts in a host pool with automated management, you use session host update. Session host update enables you to update the underlying virtual machine (VM) image, size, disk type, and other configuration properties. It does this by deleting or deallocating the existing virtual machine and creating a new one with the updated configuration stored in the session host configuration. I’m realy exited abou this new feature. In this blog, I explain this new feature in how it works, where to think of when using it and, how to manage this (in an automated way).

Find specific Azure Virutal Desktop assigned user

Sander Rozemuller
Date : February 6, 2024
Categories : Azure virtual desktop
Tags : Automation ,Azure API

Recently I saw a question on X (Twitter) where someone was looking for a way to filter for a specific Azure Virtual Desktop assigned user using the Azure management API. For some reason, the filter option is not working in this API. Where in the end it was not possible to find the correct user directly from an API request. In this post, I show a different, also more efficient way, to find the correct user assigned to an Azure Virtual Desktop session host.

Enable Azure Virtual Desktop Insights automated

Sander Rozemuller
Date : December 23, 2022
Categories : Azure virtual desktop
Tags : Insights ,Azure ,Power shell

Azure Virtual Desktop (AVD) Insights is a way to get sight into your AVD environment. In short (from Microsoft), Azure Virtual Desktop Insights is a dashboard built on Azure Monitor Workbooks that helps IT professionals understand their Azure Virtual Desktop environments.

Deploy Azure Bastion host in AVD environment automated

Sander Rozemuller
Date : November 11, 2022
Categories : Azure virtual desktop ,Security
Tags : Azure bastion ,Virtual machines ,Power shell ,The endpoint security train

The IT landscape is changing. Hardware takes place for serverless and resources are moving to public cloud platforms. With that, also the IT processes are changing. In this blog post, I show how to make one of the most common processes more secure in the public cloud. Manage a client endpoint with remote control.