Forum Discussion

Copper Contributor

May 14, 2019

Lock down of Windows Virtual desktop

Is there a possibility of locking down of Azure Windows virtual desktop to be accessible from Corporate office ? Is conditional access supported and if yes, how to enable it?

Former Employee

May 15, 2019

Jasmer Yes, because Windows Virtual Desktop is a registered application in Azure AD you can configure conditional access. Follow the steps here (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa) and use the “Windows Virtual Desktop Client” app.”

A_priori_superior
Copper Contributor
Sep 02, 2019
evasse somehow I can't get it to work, configured everything but neither the app nor the webinterface are blocking me from acessing with my non-MFA account, anything I am missing here?
- Christian_Montoya
  Microsoft
  Sep 05, 2019
  A_priori_superior : Can you clarify what you mean by "with my non-MFA account"? Has this account never required MFA? I'm not sure of the direct interaction, but you may need to enable MFA for this user first: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates .
  - A_priori_superior
    Copper Contributor
    Sep 05, 2019
    Christian_MontoyaThis account has never been enabled for MFA, correct. But that's the whole reason to set a conditional access policy, to prevent user not meeting the criteria, in this case having MFA enabled, to access certain resources. If I enable MFA for the users manually or automatically, there is no reason to define a conditional access rule for certain apps.
    
    Btw it's working for other applications, but not WVD.

Resources