Forum Discussion
Intune, AVD and loopback
With Group Policies comes the ability to configure loopback: applying user policies when logging into a session host. Such group policies apply to a machine and not so much to a user (unless the user logs on to the machine). This is mostly important when building RDS, Citrix, AVD and other related environments. How can we achieve such results with Intune? When we read the MS Docs, it clearly states that we can not assign user-based configuration policies to devices in a multi-session scenario. See also https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop-multi-session#compliance-and-conditional-access. And indeed, all configuration settings that shows (User) in their name will result in a 'Not applicable' status. There is a configuration setting that deals with Group Policy Loopback processing mode, but that will only loopback GPOs and we would like to use Intune....
3 Replies
More than a year later and still no solution from MS. We are still running in to the same problems. MS should make the policies available for device targeting. @ this moment the only solution is to deploy the lockdown setting to the users, this would also have an affect the user devices. You must use a filter to apply the policies to the AVD machines only, but as it has happened before the filters can fail, this is a high risk that could lock down your entire environment. A betters solution is to make the loopback processing available for the intune configuration baselines.
- Unfortunately not. Intune supports some features with AVD (multi-session), but they are certainly not best of friends.
