Forum Discussion
tylderlurden
Feb 08, 2023 Brass Contributor
MDE for shared desktops Citrix, RDSH etc.
Hello, are there any instructions/tips to enroll a Windows 2019 server into MDE that acts as a shared desktop for multiple users, i.e., servers that have more than two people logging into them...
cyberandy
Feb 09, 2023 Copper Contributor
For this type of device, you would normally sign it up with a service account and assign a license like Business Premium or Office E3/E5. You can adjust the limitation to 15 for that service account user. You could also do a kiosk type of install.
*However, you're stating SERVER and this is different. It depends on what you want to accomplish. If you simply want to push similar policies like ASR, Firewall and the like that Intune does for workstation devices then you can just use M365 Defender portal to onboard servers using a tag and create a dynamic group in Azure AD. You'll need at least an E5 license.
If you want more than just GPO in the cloud, and want the goodness of MDM for workstations as for servers, then you would need to get Defender for Servers.
The issue with Defender for Servers is an all-or-nothing type of onboarding, which I don't like.
If you have a CSP/MSP for licensing you can also request Defender for Business (for servers), which gives you the capability of onboarding selectively.
*Now all this is just wasted, because perhaps the *REAL* solution is Azure Virtual Desktop, which gives you FAR GREATER bang for your buck even in terms of licensing.
TLDR: Maybe re-think your solution and design it around the requirements that can be supported in the future and is the most cost effective.