Home

Windows Virtual Desktop - Able to use in multi-Application Kiosk Mode?

%3CLINGO-SUB%20id%3D%22lingo-sub-391177%22%20slang%3D%22en-US%22%3EWindows%20Virtual%20Desktop%20-%20Able%20to%20use%20in%20multi-Application%20Kiosk%20Mode%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-391177%22%20slang%3D%22en-US%22%3E%3CP%3EGood%20Afternoon%2C%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20considering%20leveraging%20Windows%20Virtual%20Desktop%20for%20our%20customer%20base%20where%20we%20will%20expose%201%20or%20more%20applications%20in%20kiosk%20mode%20via%20a%20multi-tenant%20scenario.%20To%20clarify....%3C%2FP%3E%3CP%3EAdmin%20authentication%20(to%20manage%20the%20desktop%20as%20needed%20and%20to%20run%20background%20processes)%20would%20be%20done%20via%20the%20abc.com%20domain.%26nbsp%3B%20We%20can%20create%20another%20VM%20to%20run%20a%20windows%20domain%20server%20(as%20is%20currently%20required)%20for%20hybrid%20identity%20for%20these%20abc.com%20admin%20domain%20accounts.%26nbsp%3B%20However%2C%20for%20end%20user%20authentication%2C%20which%20is%20multi-tenant%2C%20each%20user%20will%20authenticate%20via%20their%20own%20domain%20which%20is%20on%20Azure%20Active%20Directory.%20For%20example%2C%20we%20have%203%20client%20organizations%3A%20%26nbsp%3B%20xxx.com%2C%20yyy.com%2C%20and%20zzz.com%20%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20a%20user%20chuck%40xxx.com%20should%20be%20able%20to%20authenticate%20into%20the%20kiosk%20we%20have%20configured%20and%20run%202%20desktop%20applications%20we%20have%20exposed%20for%20him%20to%20use.%20%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20this%20scenario%20currently%20feasible%3F%26nbsp%3B%20I%20have%20read%20that%20kiosk%20mode%20of%20regular%20Windows%2010%20professional%2Fenterprise%20permits%20this.%20Also%2C%20will%20Windows%20Virtual%20Desktop%20ever%20be%20able%20to%20operate%20solely%20on%20Azure%20Active%20Directory%3F%3C%2FP%3E%3CP%3EIf%20not%2C%20please%20contact%20me%20if%20it%20would%20be%20of%20value%20to%20provide%20more%20details%20about%20our%20solution.%26nbsp%3B%20We%20are%20looking%20to%20implement%20this%20with%20potentially%20hundreds%20to%20thousands%20of%20Azure%20AD%20domains%20and%20thousands%20to%2010's%20of%20thousands%20of%20users%20in%20total.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-392168%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Able%20to%20use%20in%20multi-Application%20Kiosk%20Mode%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-392168%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%2C%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F195573%22%20target%3D%22_blank%22%3E%40Stefan%20Georgiev%3C%2FA%3E%20.%26nbsp%3B%20Upon%20doing%20further%20research%2C%20it%20looks%20like%20part%20of%20what%20I%20was%20asking%20for%20existed%20in%20a%20prior%20preview%20for%20RDmi%3A%26nbsp%3B%3CFONT%3E%3CA%20href%3D%22https%3A%2F%2Fwww.brianmadden.com%2Fopinion%2FAn-overview-of-multi-tenancy-in-Remote-Desktop-modern-infrastructure-RDmi%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.brianmadden.com%2Fopinion%2FAn-overview-of-multi-tenancy-in-Remote-Desktop-modern-infrastructure-RDmi%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%3CP%3EFrom%20the%20latest%20MSFT%20documentation%20I've%20seen%2C%20RDmi%20is%20now%20part%20of%20WVD.%26nbsp%3B%20Or%2C%20maybe%20what%20that%20article%20describes%20is%20something%20that%20would%20be%20a%20level%20down%20(ie%20the%20underlying%20functionality%20for%20WVD)%20where%20we%20could%20modify%20the%20WVD%20hosting%3F%26nbsp%3B%20If%20the%20functionality%20described%20in%20the%20article%20still%20exists%2C%20that%20would%20enable%20us%20to%20achieve%20what%20we%20are%20looking%20to%20do.%26nbsp%3B%20However%2C%20the%20ADDS%20requirement%20would%20be%20an%20issue%20due%20to%20the%20cost.%26nbsp%3B%20If%20there%20would%20be%20a%20way%20to%20create%20more%20pricing%20options%20for%20ADDS%20such%20as%20for%2050%20objects%2C%20100%20objects%2C%20200%20objects%2C%20etc.%20it%20would%20open%20up%20new%20opportunities%20for%20the%20SMB%20client%20base.%3C%2FP%3E%3CP%3EIf%20you%20have%20any%20additional%20information%20regarding%20what%20happened%20with%20RDmi%2C%20it%20would%20be%20greatly%20appreciated!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-392057%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Able%20to%20use%20in%20multi-Application%20Kiosk%20Mode%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-392057%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F310808%22%20target%3D%22_blank%22%3E%40Matt_Shanaman%3C%2FA%3E%20If%20I%20can%20breakdown%20the%20question%20support%20WVD%20VMs%20joining%20%3CSPAN%20style%3D%22display%3A%20inline%20!important%3B%20float%3A%20none%3B%20background-color%3A%20%23ffffff%3B%20color%3A%20%23333333%3B%20font-family%3A%20'SegoeUI'%2C'Lato'%2C'Helvetica%20Neue'%2CHelvetica%2CArial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3EAzure%20Active%20Directory%20is%20on%20the%20road%20map%20and%20will%20be%20announce%20around%20GA.%20However%20at%20the%20moment%20having%20different%20users%20from%20different%20(non%20related%20domain)%20authenticating%20to%20the%20same%20VM%20via%20WVD%20is%20not%20supported.%20Background%20process%20however%20can%20be%20ran%20in%20the%20local%20admin%20context%20if%20that%20helps.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Matt_Shanaman
New Contributor

Good Afternoon, 

We are considering leveraging Windows Virtual Desktop for our customer base where we will expose 1 or more applications in kiosk mode via a multi-tenant scenario. To clarify....

Admin authentication (to manage the desktop as needed and to run background processes) would be done via the abc.com domain.  We can create another VM to run a windows domain server (as is currently required) for hybrid identity for these abc.com admin domain accounts.  However, for end user authentication, which is multi-tenant, each user will authenticate via their own domain which is on Azure Active Directory. For example, we have 3 client organizations:   xxx.com, yyy.com, and zzz.com  

So a user chuck@xxx.com should be able to authenticate into the kiosk we have configured and run 2 desktop applications we have exposed for him to use.   

Is this scenario currently feasible?  I have read that kiosk mode of regular Windows 10 professional/enterprise permits this. Also, will Windows Virtual Desktop ever be able to operate solely on Azure Active Directory?

If not, please contact me if it would be of value to provide more details about our solution.  We are looking to implement this with potentially hundreds to thousands of Azure AD domains and thousands to 10's of thousands of users in total.

 

Thanks!

2 Replies

@Matt_Shanaman If I can breakdown the question support WVD VMs joining Azure Active Directory is on the road map and will be announce around GA. However at the moment having different users from different (non related domain) authenticating to the same VM via WVD is not supported. Background process however can be ran in the local admin context if that helps.

Thanks, @Stefan Georgiev .  Upon doing further research, it looks like part of what I was asking for existed in a prior preview for RDmi: https://www.brianmadden.com/opinion/An-overview-of-multi-tenancy-in-Remote-Desktop-modern-infrastruc...

From the latest MSFT documentation I've seen, RDmi is now part of WVD.  Or, maybe what that article describes is something that would be a level down (ie the underlying functionality for WVD) where we could modify the WVD hosting?  If the functionality described in the article still exists, that would enable us to achieve what we are looking to do.  However, the ADDS requirement would be an issue due to the cost.  If there would be a way to create more pricing options for ADDS such as for 50 objects, 100 objects, 200 objects, etc. it would open up new opportunities for the SMB client base.

If you have any additional information regarding what happened with RDmi, it would be greatly appreciated!

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
36 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies