Forum Discussion
Lock down of Windows Virtual desktop
MicrosoftJasmer Yes, because Windows Virtual Desktop is a registered application in Azure AD you can configure conditional access. Follow the steps here (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa) and use the “Windows Virtual Desktop Client” app.”
evasse somehow I can't get it to work, configured everything but neither the app nor the webinterface are blocking me from acessing with my non-MFA account, anything I am missing here?
- Christian_Montoya
A_priori_superior : Can you clarify what you mean by "with my non-MFA account"? Has this account never required MFA? I'm not sure of the direct interaction, but you may need to enable MFA for this user first: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates .
Christian_MontoyaThis account has never been enabled for MFA, correct. But that's the whole reason to set a conditional access policy, to prevent user not meeting the criteria, in this case having MFA enabled, to access certain resources. If I enable MFA for the users manually or automatically, there is no reason to define a conditional access rule for certain apps.
Btw it's working for other applications, but not WVD.- Christian_Montoya
A_priori_superior : It's working on other applications by individually listing them, like you tried with Windows Virtual Desktop Client? Can you add Windows Virtual Desktop to the list of apps? Or Replace the client with this one, and let us know if that works?
