Forum Discussion
Dynamic RDP Properties Based on User's Location and Device Type
Seem not native supported but you may try on below:
1. Liquidware ProfileUnity (You already here)
- WMI queries
- Registry keys
- Environment variables
2. FSLogix with Conditional Access
While FSLogix doesn’t control RDP properties, pairing it with Microsoft Entra Conditional Access can help:
- Restrict access based on device compliance, location, or risk level
- Enforce MFA or block access from unmanaged devices
This doesn’t modify RDP redirection but can prevent access entirely under certain conditions.
3. Custom Scripts or Agents
- Set registry flags or environment variables
- Are read by session hosts to trigger conditional logic (e.g., via login scripts or scheduled tasks)
I appreciate the response but I'm looking for any real-world implementations that have been put into place already and not necessarily 'potential' solutions. This customer requires dynamic allowance of certain activities and we need to factor in device type (managed vs unmanaged) and location. The devices are NOT yet managed in Intune.
Today, I fiddled with Defender for Cloud Apps (MCAS) and was successful with session control policies to stop copy/paste/print from a Windows App session in browser! I'm now looking at Microsoft Edge MAM policies in Intune to target users with a mix of Conditional Access to try and achieve the outcomes we're looking for.