Azure Virtual Desktop - Per User External User Licensing?

ignite24 · ‎Jul 27 2021

Hello,

Does the "Per user access pricing for external users" support allowing external parties to connect to a full Virtual Desktop?

The first link below shows the license as an option for "Virtual Desktops":

https://azure.microsoft.com/en-us/pricing/details/virtual-desktop/

This article announcing it only seems to specify "remote app streaming":

https://azure.microsoft.com/en-us/blog/azure-virtual-desktop-the-desktop-and-app-virtualization-plat...

I'm trying to understand if we can utilize a full desktop for a specific use case we have for when we need to have 3rd party auditors review our organization's work.

Thank you in advance.

ignite24 · ‎Jul 27 2021

Both remote apps and desktops can be accessed by the external users. There is an extra cost for allowing access to desktops over only allowing remote app access. More info can be found here: https://docs.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/licensing

janzhang · ‎Aug 10 2021

@JasonMasten One this is licensed, do you have the process of how the external users connect to AVD? Thanks in advanced.

JasonMasten · ‎Aug 10 2021

@janzhang AVD does not support B2B or B2C yet. The identities remain the same as any other AVD deployment, they must exist in ADDS and Azure AD. More info can be found here: Set up managed identities in Azure Virtual Desktop - Azure | Microsoft Docs

janzhang · ‎Aug 10 2021

Thanks Jason. In that case, in terms of connecting to the AVD Application from the external user side, I assume the steps are the same as below?
https://docs.microsoft.com/en-gb/azure/virtual-desktop/user-documentation/connect-windows-7-10?toc=/...

janzhang · ‎Aug 10 2021

Given the external users need to be created under the same ADDS and Azure AD within the tenant of where the AVD deployment will be, how does Microsoft identify the difference between "internal" and "external" users?

JasonMasten · ‎Aug 10 2021

@janzhang yes, your link is correct. Once the user has been assigned to an app group, they will be able to connect with the client. When you enroll your subscription for Remote App Streaming, any user connecting to AVD in that subscription will be charged for the Remote App Streaming service. So you would be billed double if you deploy your internal users to the same subscription.

janzhang · ‎Aug 11 2021

Thanks Jason so technically those users are not external users/Guest users. Inviting guest(external) users to our Azure AD, and assign them to WVD app group is still not possible?

JasonMasten · ‎Aug 11 2021

@janzhang The recommended architecture for Remote App Streaming is to setup a dedicated tenant and subscription for your external users. So following that approach, you would never mix your internal and external users together in the same AD / Azure AD. Users cannot be invited in to use AVD (No B2B and B2C). https://docs.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/architecture-recs#deploy...

AK1 · ‎Sep 08 2021

You are saying AVD does not support B2B yet. Does this mean that B2B support is coming? If this is planned, any estimate when?

JasonMasten · ‎Sep 08 2021

@AK1 Please refer to the public Roadmap website to find feature development and release dates: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=Windows%20Virtual%20Desktop%2CIn%20dev...

DVOSM · ‎Sep 29 2021

Thanks for this info! was looking for it!

But how about MFA functions for your external users? Would you then also need to hava an Azure P1 per external user or is this function part of the billing Remote App Streaming Service?

JasonMasten · ‎Sep 29 2021

@DVOSM Remote App Streaming provides licensing for AVD, not your Azure AD tenant. You would still need licenses to support P1 or P2 features.

Marc Wolfson · ‎Oct 26 2021

@janzhang External uses in AAD always have a UPN that indicates this.
So if I invite mwolfson@microsoft.com to my tenant as a Guest account (meaning they will authenticate to their own AAD and provide my tenant a token their UPN from my AAD tenant will be
mwolfson_microsoft.com#EXT#@mdwsoft.onmicrosoft.com
Pretty easy to distinguish and further you wouldn't have an AD identity if you are using Hybrid Join as most AVD customers use today, meaning the VM is joined to the domain and AD credentials on the VM must match the UPN in AAD.

ignite24 · ‎Jul 27 2021

Both remote apps and desktops can be accessed by the external users. There is an extra cost for allowing access to desktops over only allowing remote app access. More info can be found here: https://docs.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/licensing

View solution in original post

Azure Virtual Desktop - Per User External User Licensing?

Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Re: Azure Virtual Desktop - Per User External User Licensing?

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Azure Virtual Desktop - Per User External User Licensing?